GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,273
Erlang
31
GitHub Actions
21
Go
2,055
Maven
5,000+
npm
3,739
NuGet
668
pip
3,417
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
59 advisories
Filter by severity
CSRF Vuln can expose user's QRcode
Low
GHSA-fxq4-r6mr-9x64
was published
for
Flask-Security-Too
(pip)
Apr 8, 2021
pterodactyl/panel CSRF allowing an external page to trigger a user logout event
Low
CVE-2021-41176
was published
for
pterodactyl/panel
(Composer)
Oct 25, 2021
Cross-Site Request Forgery in firefly-iii
Low
CVE-2021-3901
was published
for
grumpydictator/firefly-iii
(Composer)
Oct 28, 2021
bookstack is vulnerable to Cross-Site Request Forgery (CSRF)
Low
CVE-2021-3944
was published
for
ssddanbrown/bookstack
(Composer)
Dec 3, 2021
Cross-Site Request Forgery in remdex/livehelperchat
Low
CVE-2021-4049
was published
for
remdex/livehelperchat
(Composer)
Dec 10, 2021
IBM Spectrum Protect Operations Center 8.1.0.000 through 8.1.13.xxx is vulnerable to reverse...
Low
Unreviewed
CVE-2022-22348
was published
Mar 15, 2022
Cross-Site Request Forgery in YOURLS
Low
CVE-2022-0088
was published
for
yourls/yourls
(Composer)
Apr 4, 2022
Cross-site request forgery (CSRF) vulnerability in admin.php in eTicket 1.5.5.2 allows remote...
Low
Unreviewed
CVE-2008-0266
was published
May 1, 2022
Cross-site request forgery (CSRF) vulnerability in the rootpw plugin in rPath Appliance Platform...
Low
Unreviewed
CVE-2008-2140
was published
May 1, 2022
Cross-site request forgery (CSRF) vulnerability in phpMyAdmin before 2.11.7.1 allows remote...
Low
Unreviewed
CVE-2008-3197
was published
May 1, 2022
Routes used to stop running Metasploit tasks (either particular ones or all tasks) allowed GET...
Low
Unreviewed
CVE-2017-5244
was published
May 13, 2022
Cross-site request forgery (CSRF) vulnerability in admin/settings/update in DClassifieds 0.1...
Low
Unreviewed
CVE-2012-0990
was published
May 17, 2022
Multiple cross-site request forgery (CSRF) vulnerabilities in The Uniform Server 5.6.5 allow...
Low
Unreviewed
CVE-2010-2113
was published
May 17, 2022
Cross-site request forgery (CSRF) vulnerability in IBM Connections 4.0 through CR4, 4.5 through...
Low
Unreviewed
CVE-2016-3009
was published
May 17, 2022
Cross-site request forgery (CSRF) vulnerability in IBM Connections 4.0 through CR4, 4.5 through...
Low
Unreviewed
CVE-2016-2998
was published
May 17, 2022
Cross-site scripting (XSS) vulnerability in McAfee Network Data Loss Prevention (NDLP) before 9.3...
Low
Unreviewed
CVE-2014-8521
was published
May 17, 2022
Cross-site request forgery (CSRF) vulnerability in Fujitsu e-Pares V01 L01 V01 L01, L03, L10, L20...
Low
Unreviewed
CVE-2010-2151
was published
May 17, 2022
Cross-site request forgery (CSRF) vulnerability in pbx/gate in Brekeke PBX 2.4.4.8 allows remote...
Low
Unreviewed
CVE-2010-2114
was published
May 17, 2022
CSRF vulnerability in Jenkins Amazon EC2 Plugin
Low
CVE-2020-2090
was published
for
org.jenkins-ci.plugins:ec2
(Maven)
May 24, 2022
A CSRF vulnerability in the Tutor LMS plugin before 1.5.3 for WordPress can result in an attacker...
Low
Unreviewed
CVE-2020-8615
was published
May 24, 2022
CSRF vulnerability in Amazon EC2 Plugin
Low
CVE-2020-2186
was published
for
org.jenkins-ci.plugins:ec2
(Maven)
May 24, 2022
OpenCart Cross-Site Request Forgery (CSRF)
Low
CVE-2020-28838
was published
for
opencart/opencart
(Composer)
May 24, 2022
The SetFeatureEnabled.jspa resource in Jira Server and Data Center before version 8.5.13, from...
Low
Unreviewed
CVE-2021-26071
was published
May 24, 2022
Cross Site Request Forgery (CSRF) vulnerability exists in v2.0.0 in video_list.php, which can let...
Low
Unreviewed
CVE-2020-18463
was published
May 24, 2022
Cross Site Request Forgery (CSRF) vulnerability in AikCms 2.0.0 in video_list.php, which can let...
Low
Unreviewed
CVE-2020-18464
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API