GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
7,553 advisories
SRCMS 3.0.0 allows CSRF via admin.php?m=Admin&c=gifts&a=update to change goods prices with the...
Moderate | Unreviewed | CVE-2018-19319 was published May 14, 2022
School Attendance Monitoring System 1.0 has CSRF via /user/user/edit.php.
High | Unreviewed | CVE-2018-18797 was published May 14, 2022
sikcms 1.1 has CSRF via admin.php?m=Admin&c=Users&a=userAdd to add an administrator account.
High | Unreviewed | CVE-2018-19561 was published May 14, 2022
School Attendance Monitoring System 1.0 has CSRF via event/controller.php?action=photos.
High | Unreviewed | CVE-2018-18799 was published May 14, 2022
An issue was discovered in S-CMS v1.5. There is a CSRF vulnerability that can add a new user via...
High | Unreviewed | CVE-2018-19332 was published May 14, 2022
Multiple cross-site request forgery (CSRF) vulnerabilities in CGI programs in Seeds acmailer...
Moderate | Unreviewed | CVE-2014-3896 was published May 14, 2022
School Event Management System 1.0 allows CSRF via user/controller.php?action=edit.
High | Unreviewed | CVE-2018-18794 was published May 14, 2022
An issue was discovered in JTBC(PHP) 3.0.1.7. aboutus/manage.php?type=action&action=add allows CSRF.
High | Unreviewed | CVE-2018-19327 was published May 14, 2022
tp4a TELEPORT 3.1.0 has CSRF via user/do-reset-password to change any password, such as the...
High | Unreviewed | CVE-2018-19555 was published May 14, 2022
Google Monorail before 2018-04-04 has a Cross-Site Search (XS-Search) vulnerability because CSV...
Moderate | Unreviewed | CVE-2018-10099 was published May 14, 2022
Google Monorail before 2018-05-04 has a Cross-Site Search (XS-Search) vulnerability because CSV...
Moderate | Unreviewed | CVE-2018-19334 was published May 14, 2022
JEECMS 9.3 has CSRF via the api/admin/content/save URI to add news.
Moderate | Unreviewed | CVE-2018-19544 was published May 14, 2022
JEECMS 9.3 has CSRF via the api/admin/role/save URI to add a user.
High | Unreviewed | CVE-2018-19545 was published May 14, 2022
CSRF in the anti-csrf decorator in xunfeng 0.2.0 allows an attacker to modify the configuration...
Moderate | Unreviewed | CVE-2018-16832 was published May 14, 2022
Missing protections against Cross-Site Request Forgery in the web application in ZyXEL NSA325 V2...
High | Unreviewed | CVE-2018-14892 was published May 14, 2022
Showdoc CSRF Vulnerability
Moderate | CVE-2018-19621 was published for showdoc/showdoc (Composer) May 14, 2022
BageCMS 3.1.3 has CSRF via upload/index.php?r=admini/admin/ownerUpdate to modify a user account.
High | Unreviewed | CVE-2018-19560 was published May 14, 2022
A cross-site request forgery (CSRF) vulnerability in the Management Console of BlackBerry UEM...
Moderate | Unreviewed | CVE-2018-8892 was published May 14, 2022
A cross-site request forgery (CSRF) vulnerability in the APM webtop 11.2.1 or greater may allow...
Moderate | Unreviewed | CVE-2018-15334 was published May 14, 2022
SAP Fiori 1.0 for SAP ERP HCM (Approve Leave Request, version 2) application allows an attacker...
Moderate | Unreviewed | CVE-2018-2474 was published May 14, 2022
FUEL CMS 1.4.3 has CSRF via users/create/ to add an administrator account.
High | Unreviewed | CVE-2018-20188 was published May 14, 2022
CSRF in PHP Server Monitor before 3.3.2
Moderate | CVE-2018-18921 was published for phpservermon/phpservermon (Composer) May 14, 2022