Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

40 advisories

Loading
Cross-site request forgery vulnerability exists in ajaxterm module of Webmin versions prior to 2... Low Unreviewed
CVE-2024-36452 was published Jul 10, 2024
A Cross-Site Request Forgery (CSRF) vulnerability was found in Kashipara Music Management System... Low Unreviewed
CVE-2024-42792 was published Aug 26, 2024
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component ... Low Unreviewed
CVE-2024-39156 was published Jun 27, 2024
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component ... Low Unreviewed
CVE-2024-39157 was published Jun 27, 2024
A Cross-site request forgery (CSRF) flaw was found in Keycloak and occurs due to the lack of a... Low Unreviewed
CVE-2024-5203 was published Jun 12, 2024
A potential security vulnerability has been identified in Hewlett Packard Enterprise... Low Unreviewed
CVE-2024-22438 was published Apr 15, 2024
Cross-Site Request Forgery (CSRF) vulnerability in SumoMe Sumo.This issue affects Sumo: from n/a... Low Unreviewed
CVE-2024-31265 was published Apr 12, 2024
Cross Site Request Forgery (CSRF) vulnerability in Chamilo v.1.11 thru v.1.11.20 allows a remote... Low Unreviewed
CVE-2023-39061 was published Aug 21, 2023
The MStore API WordPress plugin before 3.9.7 does not secure most of its AJAX actions by... Low Unreviewed
CVE-2023-3209 was published Jul 10, 2023
The My Sticky Bar plugin for WordPress is vulnerable to Cross-Site Request Forgery in all... Low Unreviewed
CVE-2023-7048 was published Jan 11, 2024
A vulnerability has been found in SourceCodester Simple Cold Storage Management System 1.0 and... Low Unreviewed
CVE-2022-3582 was published Oct 18, 2022
Cross-site Request Forgery (CSRF) in Checkmk < 2.2.0p15, < 2.1.0p37, <= 2.0.0p39 allow an... Low Unreviewed
CVE-2023-6251 was published Nov 24, 2023
Cross Site Request Forgery vulnerability in Click Studios (SA) Pty Ltd Passwordstate v.Build 9785... Low Unreviewed
CVE-2023-43295 was published Oct 31, 2023
Cross-Site Request Forgery (CSRF) in GitHub repository pkp/ojs prior to 3.3.0-16. Low Unreviewed
CVE-2023-5626 was published Oct 18, 2023
Sensitive information manipulation due to cross-site request forgery. The following products are... Low Unreviewed
CVE-2023-44161 was published Sep 27, 2023
Sensitive information manipulation due to cross-site request forgery. The following products are... Low Unreviewed
CVE-2023-44160 was published Sep 27, 2023
Cross-Site Request Forgery (CSRF) in GitHub repository pkp/pkp-lib prior to 3.3.0-16. Low Unreviewed
CVE-2023-5893 was published Nov 1, 2023
Cross-Site Request Forgery (CSRF) in GitHub repository pkp/pkp-lib prior to 3.3.0-16. Low Unreviewed
CVE-2023-5899 was published Nov 1, 2023
Cross-Site Request Forgery (CSRF) in GitHub repository pkp/pkp-lib prior to 3.3.0-16. Low Unreviewed
CVE-2023-5898 was published Nov 1, 2023
Cross-site request forgery (CSRF) vulnerability in admin/settings/update in DClassifieds 0.1... Low Unreviewed
CVE-2012-0990 was published May 17, 2022
A vulnerability found in the OPTILINK OP-XT71000N Hardware Version: V2.2 , Firmware Version:... Low Unreviewed
CVE-2020-23587 was published Nov 23, 2022
A vulnerability has been identified in SIMATIC Drive Controller family (All versions), SIMATIC ET... Low Unreviewed
CVE-2022-30694 was published Nov 8, 2022
Routes used to stop running Metasploit tasks (either particular ones or all tasks) allowed GET... Low Unreviewed
CVE-2017-5244 was published May 13, 2022
The Subscribe2 WordPress plugin before 10.38 does not have CSRF check when deleting users, which... Low Unreviewed
CVE-2022-4309 was published Jan 16, 2023
Cross-site request forgery (CSRF) vulnerability in phpMyAdmin before 2.11.7.1 allows remote... Low Unreviewed
CVE-2008-3197 was published May 1, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database