GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
219 advisories
OpenCart Cross-Site Request Forgery (CSRF)
High | CVE-2018-13067 was published for opencart/opencart (Composer) | May 14, 2022

CakePHP might allow remote attackers to bypass CSRF protection mechanism via the _method parameter
High | CVE-2015-8379 was published for cakephp/cakephp (Composer) | May 14, 2022

Pimcore CSRF Vulnerability
High | CVE-2018-14057 was published for pimcore/pimcore (Composer) | May 14, 2022

Gleez CMS CSRF Allows Adding of Administrator Accounts
High | CVE-2018-15845 was published for gleez/cms (Composer) | May 14, 2022

Elefant CMS CSRF Vulnerability
High | CVE-2018-16387 was published for elefant/cms (Composer) | May 14, 2022

Subrion CMS CSRF Vulnerability
High | CVE-2017-15063 was published for intelliants/subrion (Composer) | May 14, 2022

QuickAppsCMS Cross-Site Request Forgery (CSRF)
High | CVE-2018-17102 was published for quickapps/cms (Composer) | May 14, 2022

Zenario CMS vulnerable to CSRF
High | CVE-2018-18420 was published for tribalsystems/zenario (Composer) | May 14, 2022

Showdoc CSRF Vulnerability
Moderate | CVE-2018-19621 was published for showdoc/showdoc (Composer) | May 14, 2022

CSRF in PHP Server Monitor before 3.3.2
Moderate | CVE-2018-18921 was published for phpservermon/phpservermon (Composer) | May 14, 2022

Subrion CMS vulnerable to CSRF in admin/blocks/add
High | CVE-2017-6068 was published for intelliants/subrion (Composer) | May 14, 2022

Symfony CSRF Token Fixation
High | CVE-2018-11406 was published for symfony/security (Composer) | May 14, 2022

Subrion CMS vulnerable to CSRF in blog/delete
High | CVE-2017-18366 was published for intelliants/subrion (Composer) | May 14, 2022

Contao CSRF Token Bypass
High | CVE-2019-10642 was published for contao/contao (Composer) | May 14, 2022

phpMyAdmin CSRF Vulnerability
High | CVE-2018-19969 was published for phpmyadmin/phpmyadmin (Composer) | May 14, 2022

phpMyAdmin CSRF Vulnerability
High | CVE-2017-1000499 was published for phpmyadmin/phpmyadmin (Composer) | May 14, 2022

Symfony CSRF Vulnerability
Moderate | CVE-2017-16653 was published for symfony/security (Composer) | May 13, 2022

Moodle Login CSRF vulnerability in login form
High | CVE-2018-16854 was published for moodle/moodle (Composer) | May 13, 2022

CSRF in baserCMS 3.0.10 and earlier
High | CVE-2016-4879 was published for baserproject/basercms (Composer) | May 13, 2022

WPGlobus plugin Stored XSS & CSRF security vulnerability
High | CVE-2018-5361 was published for wpglobus/wpglobus (Composer) | May 13, 2022

Moodle multiple cross-site request forgery (CSRF) vulnerabilities
Moderate | CVE-2014-0213 was published for moodle/moodle (Composer) | May 13, 2022

Moodle cross-site request forgery (CSRF) vulnerability
Moderate | CVE-2014-0126 was published for moodle/moodle (Composer) | May 13, 2022

Moodle multiple cross-site request forgery (CSRF) vulnerabilities
High | CVE-2015-5338 was published for moodle/moodle (Composer) | May 13, 2022
ProTip! Advisories are also available from the GraphQL API