Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

7,976 advisories

Loading
Cross-Site Request Forgery (CSRF) vulnerability in hakeemnala Build App Online allows Cross Site... Moderate Unreviewed
CVE-2025-53249 was published Aug 14, 2025
Cross-Site Request Forgery (CSRF) vulnerability in CreativeMindsSolutions CM On Demand Search And... Moderate Unreviewed
CVE-2025-54728 was published Aug 14, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Laborator Kalium allows Cross Site Request... Moderate Unreviewed
CVE-2025-53347 was published Aug 14, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Shahjada WPDM – Premium Packages allows Cross... Moderate Unreviewed
CVE-2025-54732 was published Aug 14, 2025
Cross-Site Request Forgery (CSRF) vulnerability in pl4g4 WP-Database-Optimizer-Tools allows Cross... Moderate Unreviewed
CVE-2025-53219 was published Aug 14, 2025
Cross-Site Request Forgery (CSRF) vulnerability in flexostudio flexo-social-gallery allows Cross... Moderate Unreviewed
CVE-2025-52769 was published Aug 14, 2025
The KuWFi 4G LTE AC900 router 1.0.13 is vulnerable to Cross-Site Request Forgery (CSRF) on its... High Unreviewed
CVE-2024-53946 was published Aug 14, 2025
Cross-Site Request Forgery (CSRF) vulnerability in motov.net Ebook Store allows Cross Site... Moderate Unreviewed
CVE-2025-54702 was published Aug 14, 2025
Cross-Site Request Forgery (CSRF) vulnerability in CRM Perks Connector for Gravity Forms and... Moderate Unreviewed
CVE-2025-54682 was published Aug 14, 2025
Cross-Site Request Forgery (CSRF) vulnerability in bPlugins Button Block allows Cross Site... Moderate Unreviewed
CVE-2025-54694 was published Aug 14, 2025
Cross-Site Request Forgery (CSRF) vulnerability in bobbingwide oik allows Cross Site Request... Moderate Unreviewed
CVE-2025-54671 was published Aug 14, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Prince Integrate Google Drive allows Cross... Moderate Unreviewed
CVE-2025-54703 was published Aug 14, 2025
Cross-Site Request Forgery (CSRF) vulnerability in mklacroix Product Configurator for WooCommerce... Moderate Unreviewed
CVE-2025-54674 was published Aug 14, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Jordy Meow Photo Engine allows Cross Site... Moderate Unreviewed
CVE-2025-54672 was published Aug 14, 2025
Cross-Site Request Forgery (CSRF) vulnerability in YITHEMES YITH WooCommerce Popup allows Cross... Moderate Unreviewed
CVE-2025-54675 was published Aug 14, 2025
Cross-Site Request Forgery (CSRF) vulnerability in tosend.it Simple Poll allows Stored XSS. This... High Unreviewed
CVE-2025-49044 was published Aug 14, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Ays Pro Chartify allows Cross Site Request... Moderate Unreviewed
CVE-2025-54673 was published Aug 14, 2025
The Easy restaurant menu manager plugin for WordPress is vulnerable to Cross-Site Request Forgery... Moderate Unreviewed
CVE-2025-8491 was published Aug 13, 2025
Adobe Commerce versions 2.4.9-alpha1, 2.4.8-p1, 2.4.7-p6, 2.4.6-p11, 2.4.5-p13, 2.4.4-p14 and... High Unreviewed
CVE-2025-49555 was published Aug 12, 2025
A vulnerability was found in atjiu pybbs up to 6.0.0 and classified as problematic. This issue... Moderate Unreviewed
CVE-2025-8814 was published Aug 10, 2025
Cross-Site Request Forgery (CSRF) vulnerability in WP Compress WP Compress – Image Optimizer [All... Moderate Unreviewed
CVE-2024-32106 was published Apr 11, 2024
A vulnerability was found in zhenfeng13 My-Blog up to 1.0.0 and classified as problematic. This... Moderate Unreviewed
CVE-2025-8739 was published Aug 8, 2025
Liferay Portal and Liferay DXP Vulnerable to CSRF via the Layout Module High
CVE-2023-35030 was published for com.liferay.portal:release.dxp.bom (Maven) Jun 15, 2023
Teedy through 1.11 allows CSRF for account takeover via POST /api/user/admin. High Unreviewed
CVE-2025-22963 was published Jan 13, 2025
A Cross-Site Request Forgery (CSRF) in Elgato's Key Lights and related light products allows an... Moderate Unreviewed
CVE-2025-7202 was published Aug 6, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database