GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,273
Erlang
31
GitHub Actions
21
Go
2,055
Maven
5,000+
npm
3,739
NuGet
668
pip
3,417
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
40 advisories
Filter by severity
Cross-site request forgery vulnerability exists in ajaxterm module of Webmin versions prior to 2...
Low
Unreviewed
CVE-2024-36452
was published
Jul 10, 2024
A Cross-Site Request Forgery (CSRF) vulnerability was found in Kashipara Music Management System...
Low
Unreviewed
CVE-2024-42792
was published
Aug 26, 2024
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component ...
Low
Unreviewed
CVE-2024-39157
was published
Jun 27, 2024
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component ...
Low
Unreviewed
CVE-2024-39156
was published
Jun 27, 2024
A Cross-site request forgery (CSRF) flaw was found in Keycloak and occurs due to the lack of a...
Low
Unreviewed
CVE-2024-5203
was published
Jun 12, 2024
A potential security vulnerability has been identified in Hewlett Packard Enterprise...
Low
Unreviewed
CVE-2024-22438
was published
Apr 15, 2024
Cross-Site Request Forgery (CSRF) vulnerability in SumoMe Sumo.This issue affects Sumo: from n/a...
Low
Unreviewed
CVE-2024-31265
was published
Apr 12, 2024
Cross Site Request Forgery (CSRF) vulnerability in Chamilo v.1.11 thru v.1.11.20 allows a remote...
Low
Unreviewed
CVE-2023-39061
was published
Aug 21, 2023
The MStore API WordPress plugin before 3.9.7 does not secure most of its AJAX actions by...
Low
Unreviewed
CVE-2023-3209
was published
Jul 10, 2023
The My Sticky Bar plugin for WordPress is vulnerable to Cross-Site Request Forgery in all...
Low
Unreviewed
CVE-2023-7048
was published
Jan 11, 2024
A vulnerability has been found in SourceCodester Simple Cold Storage Management System 1.0 and...
Low
Unreviewed
CVE-2022-3582
was published
Oct 18, 2022
Cross-site Request Forgery (CSRF) in Checkmk < 2.2.0p15, < 2.1.0p37, <= 2.0.0p39 allow an...
Low
Unreviewed
CVE-2023-6251
was published
Nov 24, 2023
Cross Site Request Forgery vulnerability in Click Studios (SA) Pty Ltd Passwordstate v.Build 9785...
Low
Unreviewed
CVE-2023-43295
was published
Oct 31, 2023
Cross-Site Request Forgery (CSRF) in GitHub repository pkp/ojs prior to 3.3.0-16.
Low
Unreviewed
CVE-2023-5626
was published
Oct 18, 2023
Sensitive information manipulation due to cross-site request forgery. The following products are...
Low
Unreviewed
CVE-2023-44161
was published
Sep 27, 2023
Sensitive information manipulation due to cross-site request forgery. The following products are...
Low
Unreviewed
CVE-2023-44160
was published
Sep 27, 2023
Cross-Site Request Forgery (CSRF) in GitHub repository pkp/pkp-lib prior to 3.3.0-16.
Low
Unreviewed
CVE-2023-5893
was published
Nov 1, 2023
Cross-Site Request Forgery (CSRF) in GitHub repository pkp/pkp-lib prior to 3.3.0-16.
Low
Unreviewed
CVE-2023-5898
was published
Nov 1, 2023
Cross-Site Request Forgery (CSRF) in GitHub repository pkp/pkp-lib prior to 3.3.0-16.
Low
Unreviewed
CVE-2023-5899
was published
Nov 1, 2023
Cross-site request forgery (CSRF) vulnerability in admin/settings/update in DClassifieds 0.1...
Low
Unreviewed
CVE-2012-0990
was published
May 17, 2022
A vulnerability found in the OPTILINK OP-XT71000N Hardware Version: V2.2 , Firmware Version:...
Low
Unreviewed
CVE-2020-23587
was published
Nov 23, 2022
A vulnerability has been identified in SIMATIC Drive Controller family (All versions), SIMATIC ET...
Low
Unreviewed
CVE-2022-30694
was published
Nov 8, 2022
Routes used to stop running Metasploit tasks (either particular ones or all tasks) allowed GET...
Low
Unreviewed
CVE-2017-5244
was published
May 13, 2022
The Subscribe2 WordPress plugin before 10.38 does not have CSRF check when deleting users, which...
Low
Unreviewed
CVE-2022-4309
was published
Jan 16, 2023
Cross-site request forgery (CSRF) vulnerability in phpMyAdmin before 2.11.7.1 allows remote...
Low
Unreviewed
CVE-2008-3197
was published
May 1, 2022
ProTip!
Advisories are also available from the
GraphQL API