GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,935
Composer 5,069
Erlang 39
GitHub Actions 38
Go 2,726
Maven 6,143
npm 4,331
NuGet 763
pip 4,107
Pub 12
RubyGems 960
Rust 1,068
Swift 45

Unreviewed advisories

All unreviewed 279,299

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

8,267 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

The change password functionality at /pet_grooming/admin/change_pass.php in SourceCodester Pet... Moderate Unreviewed

CVE-2025-63717 was published Nov 7, 2025

The SourceCodester Leads Manager Tool v1.0 is vulnerable to Cross-Site Request Forgery (CSRF)... Moderate Unreviewed

CVE-2025-63716 was published Nov 7, 2025

A cross-site request forgery (CSRF) vulnerability has been reported to affect QuLog Center. The... Low Unreviewed

CVE-2025-58469 was published Nov 7, 2025

Cross-Site Request Forgery (CSRF) vulnerability in Wasiliy Strecker / ContestGallery developer... Moderate Unreviewed

CVE-2025-62950 was published Nov 6, 2025

Cross-Site Request Forgery (CSRF) vulnerability in Shahjahan Jewel WP GDPR Cookie Consent wp-gdpr... High Unreviewed

CVE-2025-53316 was published Nov 6, 2025

Cross-Site Request Forgery (CSRF) vulnerability in andriassundskard wpNamedUsers wpnamedusers... High Unreviewed

CVE-2025-48083 was published Nov 6, 2025

Cross-Site Request Forgery (CSRF) vulnerability in Norbert Slick Google Map slick-google-map... High Unreviewed

CVE-2025-48078 was published Nov 6, 2025

Cross-Site Request Forgery (CSRF) vulnerability in nitinmaurya12 Block Country block-country... High Unreviewed

CVE-2025-48077 was published Nov 6, 2025

Cross-Site Request Forgery (CSRF) vulnerability in ZIPANG Simple Stripe simple-stripe allows... High Unreviewed

CVE-2025-48085 was published Nov 6, 2025

The Easy Email Subscription plugin for WordPress is vulnerable to Cross-Site Request Forgery in... Moderate Unreviewed

CVE-2025-10691 was published Nov 6, 2025

The Posts Navigation Links for Sections and Headings – Free by WP Masters plugin for WordPress is... Moderate Unreviewed

CVE-2025-12188 was published Nov 4, 2025

The Associados Amazon Plugin plugin for WordPress is vulnerable to Cross-Site Request Forgery in... Moderate Unreviewed

CVE-2025-12403 was published Nov 4, 2025

The Social Media WPCF7 Stop Words plugin for WordPress is vulnerable to Cross-Site Request... Moderate Unreviewed

CVE-2025-12413 was published Nov 4, 2025

The LMB^Box Smileys plugin for WordPress is vulnerable to Cross-Site Request Forgery in all... Moderate Unreviewed

CVE-2025-12400 was published Nov 4, 2025

The LinkedIn Resume plugin for WordPress is vulnerable to Cross-Site Request Forgery in all... Moderate Unreviewed

CVE-2025-12402 was published Nov 4, 2025

The SH Contextual Help plugin for WordPress is vulnerable to Cross-Site Request Forgery in all... Moderate Unreviewed

CVE-2025-12410 was published Nov 4, 2025

The Top Bar Notification plugin for WordPress is vulnerable to Cross-Site Request Forgery in all... Moderate Unreviewed

CVE-2025-12412 was published Nov 4, 2025

The Visit Counter plugin for WordPress is vulnerable to Cross-Site Request Forgery in version 1.0... Moderate Unreviewed

CVE-2025-12452 was published Nov 4, 2025

The Pagerank Tools plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Cross... Moderate Unreviewed

CVE-2025-12416 was published Nov 4, 2025

The Centangle-Team plugin for WordPress is vulnerable to Cross-Site Request Forgery in all... Moderate Unreviewed

CVE-2025-12456 was published Nov 4, 2025

The MapMap plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to... Moderate Unreviewed

CVE-2025-12415 was published Nov 4, 2025

The WP Global Screen Options plugin for WordPress is vulnerable to Cross-Site Request Forgery in... Moderate Unreviewed

CVE-2025-12069 was published Nov 4, 2025

The ViaAds plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to... Moderate Unreviewed

CVE-2025-12070 was published Nov 4, 2025

The Label Plugins plugin for WordPress is vulnerable to Cross-Site Request Forgery in all... Moderate Unreviewed

CVE-2025-12401 was published Nov 4, 2025

Cross-Site Request Forgery (CSRF) vulnerability in Mikado-Themes Bard bardwp allows Cross Site... Moderate Unreviewed

CVE-2025-64368 was published Oct 31, 2025

Previous 1…4…331 Next

Previous 1 2 3 4 5 6 … 330 331 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

8,267 advisories