GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
3,197 advisories
Cross-site request forgery (CSRF) vulnerability in index.php in FlatNuke 2.6, and possibly 3,...
Moderate | Unreviewed | CVE-2007-5109 was published May 1, 2022

Cross-site request forgery (CSRF) vulnerability in the cpass functionality in an admin action in...
Moderate | Unreviewed | CVE-2007-5060 was published May 1, 2022

Cross-site request forgery (CSRF) vulnerability in admin.php in Francisco Burzi PHP-Nuke allows...
Moderate | Unreviewed | CVE-2007-5032 was published May 1, 2022

Multiple cross-site request forgery (CSRF) vulnerabilities in the AXIS 207W camera allow remote...
Moderate | Unreviewed | CVE-2007-4930 was published May 1, 2022

wp-admin/admin-functions.php in Wordpress before 2.2.3 and Wordpress multi-user (MU) before 1.2...
Moderate | Unreviewed | CVE-2007-4893 was published May 1, 2022

Cross-site request forgery (CSRF) vulnerability in the device management interface in Buffalo...
Moderate | Unreviewed | CVE-2007-4822 was published May 1, 2022

Cross-site scripting (XSS) vulnerability in wp-newblog.php in WordPress multi-user (MU) 1.0 and...
Moderate | Unreviewed | CVE-2007-4544 was published May 1, 2022

Multiple cross-site scripting (XSS) vulnerabilities in Olate Download (od) 3.4.2 allow remote...
Moderate | Unreviewed | CVE-2007-4541 was published May 1, 2022

Adobe Flash Player 8.0.34.0 and earlier insufficiently validates HTTP Referer headers, which...
Moderate | Unreviewed | CVE-2007-3457 was published May 1, 2022

Multiple cross-site request forgery (CSRF) vulnerabilities in the administration of (1) polls, (2...
Moderate | Unreviewed | CVE-2007-3416 was published May 1, 2022

Cross-site request forgery (CSRF) vulnerability in compose.php in SquirrelMail 1.4.0 through 1.4...
Moderate | Unreviewed | CVE-2007-2589 was published May 1, 2022

The cross-site request forgery (CSRF) protection in PHP-Nuke 8.0 and earlier does not ensure the...
Moderate | Unreviewed | CVE-2007-1520 was published May 1, 2022

Unspecified vulnerability in web-app.org Web Automated Perl Portal (WebAPP) 0.9.9.4 to 0.9.9.6...
Moderate | Unreviewed | CVE-2007-1489 was published May 1, 2022

Multiple cross-site scripting (XSS) vulnerabilities in chooser.cgi in Webmin before 1.330 and...
Moderate | Unreviewed | CVE-2007-1276 was published May 1, 2022

Adobe Acrobat Reader Plugin before 8.0.0 for the Firefox, Internet Explorer, and Opera web...
Moderate | Unreviewed | CVE-2007-0044 was published May 1, 2022

Cross-site request forgery (CSRF) vulnerability in urlobox in MKPortal allows remote attackers to...
Moderate | Unreviewed | CVE-2006-6741 was published May 1, 2022

HTTP response splitting vulnerability in index.php in phpSysInfo 2.4 and earlier, as used in...
Moderate | Unreviewed | CVE-2005-3348 was published May 1, 2022

Multiple cross-site request forgery (CSRF) vulnerabilities in (1) addaddress.php, (2)...
Moderate | Unreviewed | CVE-2005-2059 was published May 1, 2022

Cross-site request forgery (CSRF) vulnerability in Invision Gallery before 1.3.1 allows remote...
Moderate | Unreviewed | CVE-2005-1947 was published May 1, 2022

Cross-site request forgery (CSRF) vulnerability in Citrix Presentation Server 4.0 and 4.5,...
Moderate | Unreviewed | CVE-2002-2426 was published Apr 30, 2022

The FanBoxes extension for MediaWiki through 1.37.2 (before...
Moderate | Unreviewed | CVE-2022-29905 was published Apr 30, 2022

The Private Domains extension for MediaWiki through 1.37.2 (before...
Moderate | Unreviewed | CVE-2022-29903 was published Apr 30, 2022

Multiple (13x) Cross-Site Request Forgery (CSRF) vulnerabilities in WPKube's Subscribe To...
Moderate | Unreviewed | CVE-2022-29414 was published Apr 30, 2022

Cross-Site Request Forgery (CSRF) leading to Cross-Site Scripting (XSS) in Shea Bunge's Footer...
Moderate | Unreviewed | CVE-2022-27860 was published Apr 29, 2022

Multiple Cross-Site Request Forgery (CSRF) vulnerabilities in Hermit ????? plugin <= 3.1.6 on...
Moderate | Unreviewed | CVE-2022-29412 was published Apr 29, 2022
ProTip! Advisories are also available from the GraphQL API.