GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
7,807 advisories
Samsung Syncthru Web Service V4.05.61 is vulnerable to CSRF on every request, as demonstrated by...
High severity, Unreviewed. CVE-2018-14908 was published May 14, 2022.
Matera Banco 1.0.0 allows CSRF, as demonstrated by a /contingency/web/messageSend...
High severity, Unreviewed. CVE-2018-14926 was published May 14, 2022.
SeaCMS v6.61 allows Remote Code execution by placing PHP code in an allowed IP address (aka ip)...
High severity, Unreviewed. CVE-2018-14910 was published May 14, 2022.
An issue was discovered in QCMS 3.0.1. CSRF exists via the backend/user/admin/add.html URI.
High severity, Unreviewed. CVE-2018-14978 was published May 14, 2022.
An issue was discovered in WeaselCMS v0.3.5. CSRF can update the website settings (such as the...
High severity, Unreviewed. CVE-2018-14958 was published May 14, 2022.
An issue was discovered in WeaselCMS v0.3.5. CSRF can create new pages via an index.php?b=pages&a...
High severity, Unreviewed. CVE-2018-14959 was published May 14, 2022.
An issue was discovered in OneThink v1.1. There is a CSRF vulnerability in admin.php?s=/User/add...
High severity, Unreviewed. CVE-2018-15198 was published May 14, 2022.
zzcms 8.3 has CSRF via the admin/adminadd.php?action=add URI.
High severity, Unreviewed. CVE-2018-14963 was published May 14, 2022.
Xiao5uCompany 1.7 has CSRF via admin/Admin.asp.
High severity, Unreviewed. CVE-2018-14960 was published May 14, 2022.
An issue was discovered in EMLsoft 5.4.5. The eml/upload/eml/?action=address&do=add page allows...
High severity, Unreviewed. CVE-2018-14965 was published May 14, 2022.
An issue was discovered in EMLsoft 5.4.5. The eml/upload/eml/?action=user&do=add page allows CSRF.
High severity, Unreviewed. CVE-2018-14966 was published May 14, 2022.
OneThink 1.1.141212 allows CSRF for adding a page via admin.php?s=/Channel/add.html, adding a...
Moderate severity, Unreviewed. CVE-2018-16449 was published May 14, 2022.
An issue was discovered in OneThink v1.1. There is a CSRF vulnerability in admin.php?s=...
High severity, Unreviewed. CVE-2018-15197 was published May 14, 2022.
A CSRF vulnerability in the admin panel in Gogs through 0.11.53 allows remote attackers to...
High severity, Unreviewed. CVE-2018-15193 was published May 14, 2022.
In Gxlcms 2.0, a news/index.php?s=Admin-Admin-Insert CSRF attack can add an administrator account.
High severity, Unreviewed. CVE-2018-15177 was published May 14, 2022.
PHP Scripts Mall advanced-real-estate-script 4.0.9 has CSRF via edit-profile.php.
High severity, Unreviewed. CVE-2018-15187 was published May 14, 2022.
In csrf-magic before 1.0.4, if $GLOBALS['csrf']['secret'] is not configured, the Anti-CSRF Token...
High severity, Unreviewed. CVE-2013-7464 was published May 14, 2022.
PHP Scripts Mall Chartered Accountant : Auditor Website 2.0.1 has CSRF via client/auditor...
High severity, Unreviewed. CVE-2018-15186 was published May 14, 2022.
Cross-site request forgery (CSRF) vulnerability in VaM Shop 1.6, 1.6.1, and probably earlier...
Moderate severity, Unreviewed. CVE-2011-0503 was published May 14, 2022.
An issue was discovered in Ignited CMS through 2017-02-19. ign/index.php/admin/pages/add_page...
Moderate severity, Unreviewed. CVE-2018-15203 was published May 14, 2022.
Cross-site request forgery (CSRF) vulnerability in adduser.do in Symantec LiveUpdate...
Moderate severity, Unreviewed. CVE-2011-0545 was published May 14, 2022.
Cross-site request forgery (CSRF) vulnerability in Greenbone Security Assistant (GSA) before 2.0...
Moderate severity, Unreviewed. CVE-2011-0650 was published May 14, 2022.
Multiple cross-site request forgery (CSRF) vulnerabilities in phpList before 2.10.13 allow remote...
Moderate severity, Unreviewed. CVE-2011-0748 was published May 14, 2022.
Cross-site request forgery (CSRF) vulnerability in Forms/PortForwarding_Edit_1 on the ZyXEL O2...
Moderate severity, Unreviewed. CVE-2011-0746 was published May 14, 2022.
Multiple cross-site request forgery (CSRF) vulnerabilities in Apache Archiva 1.0 through 1.2.2,...
Moderate severity, Unreviewed. CVE-2011-1026 was published May 14, 2022.