Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
40
GitHub Actions
38
Go
2,757
Maven
5,000+
npm
4,363
NuGet
766
pip
4,128
Pub
12
RubyGems
961
Rust
1,070
Swift
45
Unreviewed advisories
All unreviewed
5,000+

3,535 advisories

Loading
OpenPLC_V3 is vulnerable to a cross-site request forgery (CSRF) attack due to the absence of... High Unreviewed
CVE-2025-13970 was published Dec 13, 2025
A Cross-Site Request Forgery (CSRF) in the /admin/admin.inc.php component of EasyImages 2.0 v2.8... High Unreviewed
CVE-2025-65472 was published Dec 11, 2025
All-Dynamics Digital Signage System 2.0.2 contains a cross-site request forgery vulnerability... High Unreviewed
CVE-2020-36900 was published Dec 10, 2025
UBICOD Medivision Digital Signage 1.5.1 contains a cross-site request forgery vulnerability that... High Unreviewed
CVE-2020-36901 was published Dec 10, 2025
1Panel contains a cross-site request forgery (CSRF) vulnerability in the web port configuration functionality High
CVE-2025-34429 was published for github.com/1Panel-dev/1Panel (Go) Dec 10, 2025
1Panel contains a cross-site request forgery (CSRF) vulnerability in the Change Username functionality High
CVE-2025-34410 was published for github.com/1Panel-dev/1Panel (Go) Dec 10, 2025
Cross Site Request Forgery (CSRF) vulnerability in AllskyTeam AllSky v2024.12.06_06 allows remote... High Unreviewed
CVE-2025-65573 was published Dec 9, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Jacques Malgrange Rencontre rencontre allows... High Unreviewed
CVE-2025-67534 was published Dec 9, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Dimitri Grassi Salon booking system salon... High Unreviewed
CVE-2025-66531 was published Dec 9, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Ays Pro Chartify chart-builder allows Cross... High Unreviewed
CVE-2025-66529 was published Dec 9, 2025
Cross-Site Request Forgery (CSRF) vulnerability in vcita Online Booking & Scheduling Calendar for... High Unreviewed
CVE-2025-67472 was published Dec 9, 2025
Cross-Site Request Forgery (CSRF) vulnerability in codeworkweb CWW Companion cww-companion allows... High Unreviewed
CVE-2025-67473 was published Dec 9, 2025
Cross-Site Request Forgery (CSRF) vulnerability in QuantumCloud Simple Link Directory simple-link... High Unreviewed
CVE-2025-67465 was published Dec 9, 2025
Cross-Site Request Forgery (CSRF) vulnerability in kubiq PDF Thumbnail Generator pdf-thumbnail... High Unreviewed
CVE-2025-67469 was published Dec 9, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Saad Iqbal Quick Contact Form quick-contact... High Unreviewed
CVE-2025-67471 was published Dec 9, 2025
Cross-Site Request Forgery (CSRF) vulnerability in PressTigers Simple Folio simple-folio allows... High Unreviewed
CVE-2025-64256 was published Dec 9, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Saad Iqbal New User Approve new-user-approve... High Unreviewed
CVE-2025-63030 was published Dec 9, 2025
Cross-Site Request Forgery (CSRF) vulnerability in SaifuMak Add Custom Codes add-custom-codes... High Unreviewed
CVE-2025-62739 was published Dec 9, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Jupitercow WP sIFR wp-sifr allows Stored XSS... High Unreviewed
CVE-2025-49347 was published Dec 9, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Alex Furr PDF Creator Lite pdf-creator-lite... High Unreviewed
CVE-2025-49341 was published Dec 9, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Valentin Agachi Create Posts & Terms... High Unreviewed
CVE-2025-49351 was published Dec 9, 2025
Some endpoints in vulnerability-lookup that modified application state (e.g. changing database... High Unreviewed
CVE-2025-42616 was published Dec 8, 2025
The User Generator and Importer plugin for WordPress is vulnerable to Cross-Site Request Forgery... High Unreviewed
CVE-2025-12879 was published Dec 5, 2025
PublicCMS V5.202506.b is vulnerable to Cross Site Request Forgery (CSRF) in the... High Unreviewed
CVE-2025-65840 was published Dec 1, 2025
A cross-site request forgery (csrf) vulnerability exists in the WEBVIEW-M functionality of... High Unreviewed
CVE-2024-53684 was published Dec 1, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database