GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
8,166 advisories
Cross-Site Request Forgery (CSRF) vulnerability in Mikado-Themes Bard bardwp allows Cross Site...
Moderate | Unreviewed | CVE-2025-64368 was published Oct 31, 2025

Cross-Site Request Forgery (CSRF) vulnerability in Younes JFR. Advanced Database Cleaner advanced...
Moderate | Unreviewed | CVE-2025-64357 was published Oct 31, 2025

The Depicter plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions less...
Moderate | Unreviewed | CVE-2025-8383 was published Oct 31, 2025

A cross-site request forgery security issue exists in the product and version listed. The...
High | Unreviewed | CVE-2025-7330 was published Oct 14, 2025

Drupal Currency allows Cross Site Request Forgery
Moderate | CVE-2025-10930 was published for drupal/currency (Composer) Oct 30, 2025

A vulnerability was detected in Webkul QloApps up to 1.7.0. This affects an unknown function of...
Moderate | Unreviewed | CVE-2025-10759 was published Sep 22, 2025

Quick.Cart is vulnerable to Cross-Site Request Forgery in product creation functionality....
Moderate | Unreviewed | CVE-2025-10317 was published Oct 30, 2025

Jenkins Publish to Bitbucket Plugin vulnerable to CSRF and missing permissions check
Moderate | CVE-2025-64149 was published for org.jenkins-ci.plugins:publish-to-bitbucket (Maven) Oct 29, 2025

Jenkins Nexus Task Runner Plugin vulnerable to cross-site request forgery
Moderate | CVE-2025-64141 was published for org.jenkins-ci.plugins:nexus-task-runner (Maven) Oct 29, 2025

Jenkins Themis Plugin vulnerable to cross-site request forgery
Moderate | CVE-2025-64136 was published for org.jenkins-ci.plugins:themis (Maven) Oct 29, 2025

Jenkins Start Windocks Containers Plugin vulnerable to cross-site request forgery
Moderate | CVE-2025-64138 was published for org.jenkins-ci.plugins:windocks-start-container (Maven) Oct 29, 2025

Jenkins Extensible Choice Parameter Plugin vulnerable to cross-site request forgery
Moderate | CVE-2025-64133 was published for jp.ikedam.jenkins.plugins:extensible-choice-parameter (Maven) Oct 29, 2025

In ProjectWorlds Online Shopping System PHP 1.0, a CSRF vulnerability in cart_remove.php allows a...
Moderate | Unreviewed | CVE-2021-43158 was published Dec 23, 2021

Systemic Lack of Cross-Site Request Forgery (CSRF) Token Implementation. This issue affects BLU...
Critical | Unreviewed | CVE-2025-12479 was published Oct 29, 2025

Cross-Site Request Forgery (CSRF) vulnerability in WpEstate WP Rentals wprentals allows Cross...
Moderate | Unreviewed | CVE-2025-64286 was published Oct 29, 2025

Cross-Site Request Forgery (CSRF) vulnerability in blubrry PowerPress Podcasting powerpress...
Moderate | Unreviewed | CVE-2025-64201 was published Oct 29, 2025

Cross-Site Request Forgery (CSRF) vulnerability in colabrio Stockie Extra stockie-extra allows...
Moderate | Unreviewed | CVE-2025-64226 was published Oct 29, 2025

Cross-Site Request Forgery (CSRF) vulnerability in Premmerce Premmerce premmerce allows Cross...
Moderate | Unreviewed | CVE-2025-64288 was published Oct 29, 2025

Cross-Site Request Forgery (CSRF) vulnerability in Premmerce Premmerce Product Search for...
Moderate | Unreviewed | CVE-2025-64290 was published Oct 29, 2025

A CSRF issue was discovered in the administrative web GUI in Blu-Castle BCUM221E 1.0.0P220507....
Moderate | Unreviewed | CVE-2024-45161 was published Oct 29, 2025

Cross-Site Request Forgery (CSRF) vulnerability in highwarden Super Store Finder superstorefinder...
Moderate | Unreviewed | CVE-2025-58939 was published Oct 29, 2025

Cross-Site Request Forgery (CSRF) vulnerability in Allegro Marketing hpb seo plugin for WordPress...
High | Unreviewed | CVE-2025-60075 was published Oct 29, 2025

Liferay Portal Vulnerable to CSRF in Headless APIs
High | CVE-2025-62258 was published for com.liferay.portal:release.portal.bom (Maven) Oct 28, 2025

Cross-Site Request Forgery (CSRF) vulnerability in Ays Pro Popup box allows Cross Site Request...
Moderate | Unreviewed | CVE-2025-57931 was published Oct 29, 2025

In Shenzhen C-Data Technology Co. FD602GW-DX-R410 (firmware v2.2.14), the web management...
Moderate | Unreviewed | CVE-2025-56311 was published Sep 23, 2025