GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
3,538 advisories
Cross-Site Request Forgery (CSRF) vulnerability in FanBridge FanBridge signup fanbridge-signup...
High | Unreviewed | CVE-2025-62986 was published Oct 27, 2025

Cross-Site Request Forgery (CSRF) vulnerability in Clifton Griffin Simple Content Templates for...
High | Unreviewed | CVE-2025-62958 was published Oct 27, 2025

Cross-Site Request Forgery (CSRF) vulnerability in iseremet Reloadly reloadly-topup-widget allows...
High | Unreviewed | CVE-2025-62956 was published Oct 27, 2025

Cross-Site Request Forgery (CSRF) vulnerability in Andrea Landonio CloudSearch cloud-search...
High | Unreviewed | CVE-2025-62962 was published Oct 27, 2025

Cross-Site Request Forgery (CSRF) vulnerability in Premmerce Premmerce Brands for WooCommerce...
High | Unreviewed | CVE-2025-62890 was published Oct 27, 2025

Cross-Site Request Forgery (CSRF) vulnerability in Jory Hogeveen Off-Canvas Sidebars & Menus ...
High | Unreviewed | CVE-2025-62891 was published Oct 27, 2025

Cross-Site Request Forgery (CSRF) vulnerability in digitaldonkey Multilang Contact Form multilang...
High | Unreviewed | CVE-2025-62896 was published Oct 27, 2025

Cross-Site Request Forgery (CSRF) vulnerability in wpdevart Pricing Table builder wpdevart...
High | Unreviewed | CVE-2025-62886 was published Oct 27, 2025

Cross-Site Request Forgery (CSRF) vulnerability in FantasticPlugins SUMO Memberships for...
High | Unreviewed | CVE-2025-62005 was published Oct 22, 2025

A Cross-Site Request Forgery (CSRF) vulnerability in the SourceCodester Client Database...
High | Unreviewed | CVE-2025-63711 was published Nov 10, 2025

Canonical LXD CSRF Vulnerability When Using Client Certificate Authentication with the LXD-UI
High | CVE-2025-54286 was published for github.com/canonical/lxd (Go) Oct 2, 2025

Apache Geode: CSRF attacks through GET requests to the Management and Monitoring REST API that can execute gfsh commands on the target system
High | CVE-2025-47410 was published for org.apache.geode:geode-web (Maven) Oct 18, 2025

An issue was discovered in Siime Eye 14.1.00000001.3.330.0.0.3.14. There is no CSRF protection.
High | Unreviewed | CVE-2020-11919 was published Nov 7, 2024

A race condition was addressed with additional validation. This issue is fixed in macOS Ventura...
High | Unreviewed | CVE-2024-40815 was published Jul 30, 2024

An issue was discovered on Epson Expression Home XP255 20.08.FM10I8 devices. POST requests don't...
High | Unreviewed | CVE-2019-20460 was published Nov 7, 2024

A cross-site request forgery (csrf) vulnerability exists in the boa CSRF protection functionality...
High | Unreviewed | CVE-2023-47677 was published Jul 8, 2024

The issue was addressed with improved memory handling. This issue is fixed in watchOS 11.5, tvOS...
High | Unreviewed | CVE-2025-24223 was published May 13, 2025

A cross-site request forgery security issue exists in the product and version listed. The...
High | Unreviewed | CVE-2025-7330 was published Oct 14, 2025

Wimi Teamwork versions prior to 7.38.17 contains a cross-site request forgery (CSRF)...
High | Unreviewed | CVE-2025-34133 was published Oct 27, 2025

The Simple Registration for WooCommerce plugin for WordPress is vulnerable to Cross-Site Request...
High | Unreviewed | CVE-2025-12095 was published Oct 25, 2025

The IndieAuth plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up...
High | Unreviewed | CVE-2025-12028 was published Oct 24, 2025

/LoadFrame in Zoho ManageEngine AD Manager Plus build 6590 - 6613 allows attackers to conduct URL...
High | Unreviewed | CVE-2017-17552 was published May 14, 2022

Magento Cross-Site Request Forgery (CSRF) vulnerability
High | CVE-2025-49555 was published for magento/community-edition (Composer) Aug 12, 2025

Mercku M6a devices through 2.1.0 allow password changes via intranet CSRF attacks.
High | Unreviewed | CVE-2025-62771 was published Oct 22, 2025

A Cross-Site Request Forgery (CSRF) vulnerability has been identified in PaperCut NG/MF, which,...
High | Unreviewed | CVE-2023-2533 was published Jun 20, 2023