Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
40
GitHub Actions
38
Go
2,758
Maven
5,000+
npm
4,364
NuGet
766
pip
4,132
Pub
12
RubyGems
961
Rust
1,070
Swift
45
Unreviewed advisories
All unreviewed
5,000+

3,537 advisories

Loading
1Panel contains a cross-site request forgery (CSRF) vulnerability in the Change Username functionality High
CVE-2025-34410 was published for github.com/1Panel-dev/1Panel (Go) Dec 10, 2025
KeePassXC-Browser thru 1.9.9.2 autofills or prompts to fill stored credentials into documents... High Unreviewed
CVE-2025-65203 was published Dec 17, 2025
nopCommerce 4.90.0 is vulnerable to Cross Site Request Forgery (CSRF) via the Schedule Tasks... High Unreviewed
CVE-2025-65593 was published Dec 16, 2025
The FileManager in InfinitumIT DirectAdmin through v1.561 has XSS via CMD_FILE_MANAGER,... High Unreviewed
CVE-2019-11193 was published May 24, 2022
A Cross-Site Request Forgery (CSRF) in the /admin/admin.inc.php component of EasyImages 2.0 v2.8... High Unreviewed
CVE-2025-65472 was published Dec 11, 2025
OpenPLC_V3 is vulnerable to a cross-site request forgery (CSRF) attack due to the absence of... High Unreviewed
CVE-2025-13970 was published Dec 13, 2025
Cross Site Request Forgery (CSRF) vulnerability in AllskyTeam AllSky v2024.12.06_06 allows remote... High Unreviewed
CVE-2025-65573 was published Dec 9, 2025
Cross-Site Request Forgery (CSRF) vulnerability in codeworkweb CWW Companion cww-companion allows... High Unreviewed
CVE-2025-67473 was published Dec 9, 2025
Cross-Site Request Forgery (CSRF) vulnerability in SaifuMak Add Custom Codes add-custom-codes... High Unreviewed
CVE-2025-62739 was published Dec 9, 2025
Cross-Site Request Forgery (CSRF) vulnerability in QuantumCloud Simple Link Directory simple-link... High Unreviewed
CVE-2025-67465 was published Dec 9, 2025
Cross-Site Request Forgery (CSRF) vulnerability in PressTigers Simple Folio simple-folio allows... High Unreviewed
CVE-2025-64256 was published Dec 9, 2025
Cross-Site Request Forgery (CSRF) vulnerability in vcita Online Booking & Scheduling Calendar for... High Unreviewed
CVE-2025-67472 was published Dec 9, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Dimitri Grassi Salon booking system salon... High Unreviewed
CVE-2025-66531 was published Dec 9, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Alex Furr PDF Creator Lite pdf-creator-lite... High Unreviewed
CVE-2025-49341 was published Dec 9, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Jupitercow WP sIFR wp-sifr allows Stored XSS... High Unreviewed
CVE-2025-49347 was published Dec 9, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Valentin Agachi Create Posts & Terms... High Unreviewed
CVE-2025-49351 was published Dec 9, 2025
Cross-Site Request Forgery (CSRF) vulnerability in kubiq PDF Thumbnail Generator pdf-thumbnail... High Unreviewed
CVE-2025-67469 was published Dec 9, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Saad Iqbal Quick Contact Form quick-contact... High Unreviewed
CVE-2025-67471 was published Dec 9, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Ays Pro Chartify chart-builder allows Cross... High Unreviewed
CVE-2025-66529 was published Dec 9, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Jacques Malgrange Rencontre rencontre allows... High Unreviewed
CVE-2025-67534 was published Dec 9, 2025
1Panel contains a cross-site request forgery (CSRF) vulnerability in the web port configuration functionality High
CVE-2025-34429 was published for github.com/1Panel-dev/1Panel (Go) Dec 10, 2025
All-Dynamics Digital Signage System 2.0.2 contains a cross-site request forgery vulnerability... High Unreviewed
CVE-2020-36900 was published Dec 10, 2025
UBICOD Medivision Digital Signage 1.5.1 contains a cross-site request forgery vulnerability that... High Unreviewed
CVE-2020-36901 was published Dec 10, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Saad Iqbal New User Approve new-user-approve... High Unreviewed
CVE-2025-63030 was published Dec 9, 2025
A vulnerability has been identified in POWER METER SICAM Q200 family (All versions < V2.70). The... High Unreviewed
CVE-2023-30901 was published Jun 13, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database