GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
8,467 advisories
Cross-site request forgery (CSRF) vulnerability in Cisco MediaSense 10.5(1) and earlier allows...
Moderate | Unreviewed | CVE-2015-0736 was published May 17, 2022

The response function in the JSONP endpoint in WebService/Server/JSONRPC.pm in jsonrpc.cgi in...
Moderate | Unreviewed | CVE-2014-1546 was published May 17, 2022

The JSONP endpoint in includes/api/ApiFormatJson.php in MediaWiki before 1.19.18, 1.20.x through...
Moderate | Unreviewed | CVE-2014-5241 was published May 17, 2022

Web2py Cross-Site Request Forgery vulnerability
Moderate | CVE-2016-4808 was published for web2py (pip) May 17, 2022

Serendipity through 2.0.5 allows CSRF for the installation of an event plugin or a sidebar plugin.
High | Unreviewed | CVE-2017-5476 was published May 17, 2022

Cross-site request forgery (CSRF) vulnerability in Grails console (aka Grails Debug Console and...
High | Unreviewed | CVE-2016-6521 was published May 17, 2022

comment.php in Serendipity through 2.0.5 allows CSRF in deleting any comments.
High | Unreviewed | CVE-2017-5475 was published May 17, 2022

Cross-site request forgery (CSRF) vulnerability in CMS Made Simple before 2.1.6 allows remote...
High | Unreviewed | CVE-2016-7904 was published May 17, 2022

A vulnerability in Cisco Hybrid Meeting Server could allow an unauthenticated, remote attacker to...
High | Unreviewed | CVE-2016-9218 was published May 17, 2022

IBM Tivoli Key Lifecycle Manager 2.5 and 2.6 is vulnerable to cross-site request forgery which...
High | Unreviewed | CVE-2016-6103 was published May 17, 2022

IBM Kenexa LCMS Premier on Cloud is vulnerable to cross-site request forgery which could allow an...
High | Unreviewed | CVE-2016-5937 was published May 17, 2022

IBM Tivoli Storage Manager Operations Center is vulnerable to cross-site request forgery which...
High | Unreviewed | CVE-2016-6045 was published May 17, 2022

ZoneMinder v1.30 and v1.29, an open-source CCTV server web application, is vulnerable to CSRF ...
High | Unreviewed | CVE-2017-5368 was published May 17, 2022

An issue was discovered in BINOM3 Universal Multifunctional Electric Power Quality Meter. There...
High | Unreviewed | CVE-2017-5165 was published May 17, 2022

Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11...
Moderate | Unreviewed | CVE-2015-5571 was published May 17, 2022

An issue was discovered in Lynxspring JENEsys BAS Bridge versions 1.1.8 and older. The...
High | Unreviewed | CVE-2016-8369 was published May 17, 2022

An issue was discovered in Moxa NPort 5110 versions prior to 2.6, NPort 5130/5150 Series versions...
High | Unreviewed | CVE-2016-9365 was published May 17, 2022

Cross-site request forgery (CSRF) vulnerability on I-O DATA DEVICE HVL-A2.0, HVL-A3.0, HVL-A4.0,...
High | Unreviewed | CVE-2016-4845 was published May 17, 2022

An issue was discovered in Carlo Gavazzi VMU-C EM prior to firmware Version A11_U05, and VMU-C PV...
Critical | Unreviewed | CVE-2017-5145 was published May 17, 2022

IBM Jazz for Service Management 1.1.2.1 and 1.1.3 is vulnerable to cross-site request forgery...
High | Unreviewed | CVE-2016-9975 was published May 17, 2022

Multiple cross-site request forgery (CSRF) vulnerabilities in the access portal on the DIGISOL DG...
High | Unreviewed | CVE-2017-6127 was published May 17, 2022

Umbraco CMS vulnerable to CSRF
High | CVE-2015-8814 was published for Umbraco.CMS (NuGet) May 17, 2022

Cross Site Request Forgery (CSRF) on D-Link DSL-2730U C1 IN_1.00 devices allows remote attackers...
High | Unreviewed | CVE-2017-6411 was published May 17, 2022

Multiple cross-site request forgery (CSRF) vulnerabilities on the D-Link DI-524 Wireless Router...
High | Unreviewed | CVE-2017-5633 was published May 17, 2022

IBM QRadar Incident Forensics 7.2 is vulnerable to cross-site request forgery which could allow...
Moderate | Unreviewed | CVE-2016-9730 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API.