GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 23,904
Composer 4,871
Erlang 37
GitHub Actions 36
Go 2,504
Maven 5,949
npm 4,149
NuGet 735
pip 3,949
Pub 12
RubyGems 945
Rust 1,025
Swift 39

Unreviewed advisories

All unreviewed 269,762

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

7,977 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Cross-Site Request Forgery (CSRF) vulnerability in Erik AntiSpam for Contact Form 7 allows Cross... Moderate Unreviewed

CVE-2025-54020 was published Jul 16, 2025

Cross-Site Request Forgery (CSRF) vulnerability in Tribulant Software Newsletters allows Cross... Moderate Unreviewed

CVE-2025-54035 was published Jul 16, 2025

Cross-Site Request Forgery (CSRF) vulnerability in Elliot Sowersby / RelyWP Coupon Affiliates... Moderate Unreviewed

CVE-2025-54022 was published Jul 16, 2025

Cross-Site Request Forgery (CSRF) vulnerability in GSheetConnector by WesternDeal WooCommerce... Moderate Unreviewed

CVE-2025-54030 was published Jul 16, 2025

Cross-Site Request Forgery (CSRF) vulnerability in jetmonsters Restaurant Menu by MotoPress... Moderate Unreviewed

CVE-2025-54038 was published Jul 16, 2025

Cross-Site Request Forgery (CSRF) vulnerability in Toast Plugins Animator allows Cross Site... Moderate Unreviewed

CVE-2025-54039 was published Jul 16, 2025

Cross-Site Request Forgery (CSRF) vulnerability in Shahjahan Jewel FluentSnippets allows Cross... Critical Unreviewed

CVE-2025-54010 was published Jul 16, 2025

Cross-Site Request Forgery (CSRF) vulnerability in Atakan Au Import CDN-Remote Images allows... High Unreviewed

CVE-2025-48153 was published Jul 16, 2025

Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite (component:... Moderate Unreviewed

CVE-2025-50090 was published Jul 15, 2025

Vulnerability in Oracle REST Data Services (component: General). The supported version that is... Moderate Unreviewed

CVE-2025-30756 was published Jul 15, 2025

Vulnerability in the Oracle iStore product of Oracle E-Business Suite (component: Shopping Cart).... Moderate Unreviewed

CVE-2025-30746 was published Jul 15, 2025

Vulnerability in the Oracle MES for Process Manufacturing product of Oracle E-Business Suite ... Moderate Unreviewed

CVE-2025-30745 was published Jul 15, 2025

The Restrict File Access plugin for WordPress is vulnerable to Cross-Site Request Forgery in all... High Unreviewed

CVE-2025-7667 was published Jul 15, 2025

Cross-site scripting in certain Zoom Clients before version 6.4.5 may allow an authenticated... Low Unreviewed

CVE-2025-49462 was published Jul 10, 2025

A security bypass vulnerability allows exploitation via Reverse Tabnabbing, a type of phishing... Moderate Unreviewed

CVE-2025-7379 was published Jul 9, 2025

In Splunk Enterprise versions below 9.4.3, 9.3.5, 9.2.7 and 9.1.10, and Splunk Cloud Platform... Moderate Unreviewed

CVE-2025-20321 was published Jul 7, 2025

In Splunk Enterprise versions below 9.4.3, 9.3.5, 9.2.7, and 9.1.10, and Splunk Cloud Platform... Moderate Unreviewed

CVE-2025-20322 was published Jul 7, 2025

A vulnerability classified as problematic has been found in CodeAstro Online Movie Ticket Booking... Moderate Unreviewed

CVE-2025-7133 was published Jul 7, 2025

A vulnerability classified as problematic was found in 07FLYCMS, 07FLY-CMS and 07FlyCRM up to 1.3... Moderate Unreviewed

CVE-2025-7078 was published Jul 6, 2025

ArchivePage.php, UnarchivePage.php, and VoterEligibilityPage#executeClear() do not validate... High Unreviewed

CVE-2025-53483 was published Jul 4, 2025

Cross-Site Request Forgery (CSRF) vulnerability in Tony Zeoli Radio Station allows Cross Site... Moderate Unreviewed

CVE-2025-53568 was published Jul 4, 2025

Cross-Site Request Forgery (CSRF) vulnerability in Trust Payments Trust Payments Gateway for... Moderate Unreviewed

CVE-2025-53569 was published Jul 4, 2025

Cross-Site Request Forgery (CSRF) vulnerability in Brian S. Reed Contact Form 7 reCAPTCHA allows... Moderate Unreviewed

CVE-2025-23972 was published Jul 4, 2025

The yContributors plugin for WordPress is vulnerable to Cross-Site Request Forgery in all... Moderate Unreviewed

CVE-2025-6041 was published Jul 4, 2025

The WP Firebase Push Notification plugin for WordPress is vulnerable to Cross-Site Request... Moderate Unreviewed

CVE-2025-5924 was published Jul 4, 2025

Previous 1…8…320 Next

Previous 1 2 … 6 7 8 9 10 … 319 320 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

7,977 advisories