GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,476
Erlang: 33
GitHub Actions: 24
Go: 2,203
Maven: 5,000+
npm: 3,857
NuGet: 696
pip: 3,639
Pub: 12
RubyGems: 912
Rust: 913
Swift: 38

Unreviewed advisories
All unreviewed: 5,000+
7,083 advisories

Cross-site request forgery (CSRF) vulnerability in Roundcube Webmail 0.2.2 and earlier allows...
Moderate | Unreviewed | CVE-2009-4077 was published May 2, 2022

Cross-site request forgery (CSRF) vulnerability in Roundcube Webmail 0.2.2 and earlier allows...
Moderate | Unreviewed | CVE-2009-4076 was published May 2, 2022

Cross-site request forgery (CSRF) vulnerability in Redmine 0.8.5 and earlier allows remote...
Moderate | Unreviewed | CVE-2009-4079 was published May 2, 2022

Multiple cross-site request forgery (CSRF) vulnerabilities in the "My Account" feature in PHPList...
Moderate | Unreviewed | CVE-2009-4066 was published May 2, 2022

Multiple cross-site request forgery (CSRF) vulnerabilities in the User Protect module 5.x before...
Moderate | Unreviewed | CVE-2009-3922 was published May 2, 2022

Multiple cross-site request forgery (CSRF) vulnerabilities in Simplenews Statistics 6.x before 6...
Moderate | Unreviewed | CVE-2009-3785 was published May 2, 2022

Open redirect vulnerability in Simplenews Statistics 6.x before 6.x-2.0, a module for Drupal,...
Moderate | Unreviewed | CVE-2009-3784 was published May 2, 2022

Multiple cross-site request forgery (CSRF) vulnerabilities in sample code in the XenServer...
Moderate | Unreviewed | CVE-2009-3759 was published May 2, 2022

Cross-site request forgery (CSRF) vulnerability in Shared Sign-On 5.x and 6.x, a module for...
Moderate | Unreviewed | CVE-2009-3656 was published May 2, 2022

TYPO3 API function vulnerable to Cross-site Scripting
Moderate | CVE-2009-3633 was published for typo3/cms-core (Composer) May 2, 2022

Cross-site request forgery (CSRF) vulnerability in am.pl in SQL-Ledger 2.8.24 allows remote...
Moderate | Unreviewed | CVE-2009-3580 was published May 2, 2022

Cross-site request forgery (CSRF) vulnerability in the Your_account module in CMSphp 0.21 allows...
Moderate | Unreviewed | CVE-2009-3520 was published May 2, 2022

Cross-site request forgery (CSRF) vulnerability in the RSS module in vtiger CRM 5.0.4 allows...
Moderate | Unreviewed | CVE-2009-3248 was published May 2, 2022

Cross-site request forgery (CSRF) vulnerability in bingo!CMS 1.2 and earlier allows remote...
Moderate | Unreviewed | CVE-2009-3022 was published May 2, 2022

Multiple cross-site request forgery (CSRF) vulnerabilities in SquirrelMail 1.4.19 and earlier,...
Moderate | Unreviewed | CVE-2009-2964 was published May 2, 2022

The implementation of Cross-Origin Resource Sharing (CORS) in WebKit, as used in Apple Safari...
Moderate | Unreviewed | CVE-2009-2816 was published May 2, 2022

Cross-site request forgery (CSRF) vulnerability in the administrative console in the Security...
Moderate | Unreviewed | CVE-2009-2746 was published May 2, 2022

Cross-site request forgery (CSRF) vulnerability in HP Insight Control Suite For Linux (aka ICE-LX...
Moderate | Unreviewed | CVE-2009-2677 was published May 2, 2022

Cross-site request forgery (CSRF) vulnerability in the Fivestar module 5.x-1.x before 5.x-1.14...
Moderate | Unreviewed | CVE-2009-2572 was published May 2, 2022

The web interface on the Axesstel MV 410R redirects users back to the referring page after...
Moderate | Unreviewed | CVE-2009-2323 was published May 2, 2022

Multiple cross-site request forgery (CSRF) vulnerabilities in Campus Virtual-LMS allow (1) remote...
Moderate | Unreviewed | CVE-2009-2150 was published May 2, 2022

Cross-site request forgery (CSRF) vulnerability in login.php in Elvin 1.2.0 allows remote...
Moderate | Unreviewed | CVE-2009-2129 was published May 2, 2022

Cross-site request forgery (CSRF) vulnerability in Linksys WRT160N wireless router hardware 1 and...
Moderate | Unreviewed | CVE-2009-2073 was published May 2, 2022

Cross-site request forgery (CSRF) vulnerability in Dokeos 1.8.5, and possibly earlier, allows...
Moderate | Unreviewed | CVE-2009-2005 was published May 2, 2022

Multiple cross-site request forgery (CSRF) vulnerabilities in FreePBX 2.5.1, and other 2.4.x, 2.5...
Moderate | Unreviewed | CVE-2009-1802 was published May 2, 2022

ProTip! Advisories are also available from the GraphQL API