Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,285
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,741
NuGet
668
pip
3,422
Pub
12
RubyGems
892
Rust
875
Swift
36
Unreviewed advisories
All unreviewed
5,000+

211 advisories

Loading
Magento 2 Community Edition CSRF vulnerability Moderate
CVE-2019-7851 was published for magento/community-edition (Composer) May 24, 2022
Moodle CSRF Vulnerability High
CVE-2019-10186 was published for moodle/moodle (Composer) May 24, 2022
Dolibarr Cross Site Request Forgery (CSRF) High
CVE-2019-1010054 was published for dolibarr/dolibarr (Composer) May 24, 2022
Wikimedia MediaWiki allows CSRF High
CVE-2019-12466 was published for mediawiki/core (Composer) May 24, 2022
phpMyAdmin CSRF Vulnerability Moderate
CVE-2019-12616 was published for phpmyadmin/phpmyadmin (Composer) May 24, 2022
CSRF in baserCMS 3.0.10 and earlier High
CVE-2016-4881 was published for baserproject/basercms (Composer) May 17, 2022
baserCMS Cross Site Request Forgery vulnerability High
CVE-2016-4878 was published for baserproject/basercms (Composer) May 17, 2022
Moodle Cross-Site Request Forgery (CSRF) Moderate
CVE-2017-7491 was published for moodle/moodle (Composer) May 17, 2022
admidio CSRF Vulnerability Moderate
CVE-2017-8382 was published for admidio/admidio (Composer) May 17, 2022
Zend Framework CSRF Vulnerability High
CVE-2015-1786 was published for zendframework/zendframework (Composer) May 17, 2022
phpMyAdmin CSRF Vulnerability Critical
CVE-2016-9866 was published for phpmyadmin/phpmyadmin (Composer) May 17, 2022
Drupal Cross-Site Request Forgery (CSRF) High
CVE-2017-6379 was published for drupal/core (Composer) May 17, 2022
ViMbAdmin CSRF Vulnerabilities High
CVE-2017-6086 was published for opensolutions/vimbadmin (Composer) May 17, 2022
Magento Cross-Site Request Forgery (CSRF) Moderate
CVE-2018-5301 was published for magento/community-edition (Composer) May 14, 2022
Yii Framework Cross-Site Request Forgery (CSRF) High
CVE-2018-6009 was published for yiisoft/yii2 (Composer) May 14, 2022
QuickAppsCMS Cross-Site Request Forgery (CSRF) High
CVE-2018-9108 was published for quickapps/cms (Composer) May 14, 2022
phpMyAdmin CSRF vulnerability allowing arbitrary SQL execution High
CVE-2018-10188 was published for phpmyadmin/phpmyadmin (Composer) May 14, 2022
OpenCart Cross-Site Request Forgery (CSRF) High
CVE-2018-13067 was published for opencart/opencart (Composer) May 14, 2022
CakePHP might allow remote attackers to bypass CSRF protection mechanism via the _method parameter High
CVE-2015-8379 was published for cakephp/cakephp (Composer) May 14, 2022
ravage84
Pimcore CSRF Vulnerability High
CVE-2018-14057 was published for pimcore/pimcore (Composer) May 14, 2022
Gleez CMS CSRF Allows Adding of Administrator Accounts High
CVE-2018-15845 was published for gleez/cms (Composer) May 14, 2022
Elefant CMS CSRF Vulnerability High
CVE-2018-16387 was published for elefant/cms (Composer) May 14, 2022
phpMyFAQ CSRF High
CVE-2018-16650 was published for thorsten/phpmyfaq (Composer) May 14, 2022
Subrion CMS CSRF Vulnerability High
CVE-2017-15063 was published for intelliants/subrion (Composer) May 14, 2022
QuickAppsCMS Cross-Site Request Forgery (CSRF) High
CVE-2018-17102 was published for quickapps/cms (Composer) May 14, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database