GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,633
Erlang: 34
GitHub Actions: 25
Go: 2,241
Maven: 5,000+
npm: 3,902
NuGet: 701
pip: 3,669
Pub: 12
RubyGems: 914
Rust: 943
Swift: 38

Unreviewed advisories
All unreviewed: 5,000+
7,337 advisories

AXIS Communications products allow CSRF, as demonstrated by admin/pwdgrp.cgi, vaconfig.cgi, and...
High | Unreviewed | CVE-2015-8255 was published May 17, 2022

An issue was discovered in Lynxspring JENEsys BAS Bridge versions 1.1.8 and older. The...
High | Unreviewed | CVE-2016-8369 was published May 17, 2022

Cross-site request forgery (CSRF) vulnerability in SetsucoCMS all versions allows remote...
High | Unreviewed | CVE-2016-4891 was published May 17, 2022

BigTree CMS through 4.2.17 relies on a substring check for CSRF protection, which allows remote...
High | Unreviewed | CVE-2017-7881 was published May 17, 2022

Multiple cross-site request forgery (CSRF) vulnerabilities in Simple Invoices 2013.1.beta.8 allow...
High | Unreviewed | CVE-2017-8930 was published May 17, 2022

Cross-site request forgery (CSRF) vulnerability in WP-OliveCart versions prior to 3.1.3 and WP...
High | Unreviewed | CVE-2016-4904 was published May 17, 2022

Multiple cross-site request forgery (CSRF) vulnerabilities in the access portal on the DIGISOL DG...
High | Unreviewed | CVE-2017-6127 was published May 17, 2022

Multiple CSRF issues exist in BigTree CMS through 4.2.18 - the clear parameter to core\admin...
High | Unreviewed | CVE-2017-9379 was published May 17, 2022

atmail before 7.8.0.2 has CSRF, allowing an attacker to create a user account.
High | Unreviewed | CVE-2017-9519 was published May 17, 2022

Cross-site request forgery (CSRF) vulnerability in Cybozu Garoon 3.0.0 to 4.2.2 allows remote...
Moderate | Unreviewed | CVE-2016-4909 was published May 17, 2022

CSRF exists in BigTree CMS 4.1.18 and 4.2.16 with the id parameter to the admin/ajax/users/delete...
High | Unreviewed | CVE-2017-6914 was published May 17, 2022

CSRF exists in BigTree CMS 4.2.16 with the value parameter to the admin/settings/update/ page....
Moderate | Unreviewed | CVE-2017-6917 was published May 17, 2022

There is CSRF in the CopySafe Web Protection plugin before 2.6 for WordPress, allowing attackers...
Moderate | Unreviewed | CVE-2017-8100 was published May 17, 2022

Insufficient user input in Apache Jetspeed-2
Critical | CVE-2022-32533 was published for org.apache.portals.jetspeed-2:jetspeed-commons (Maven) Jul 7, 2022

In nextgen-galery wordpress plugin before 2.0.77.3 there are two vulnerabilities which can allow...
Moderate | Unreviewed | CVE-2015-1785 was published Jul 8, 2022

Cross-site request forgery (CSRF) vulnerability in Hands-on Vulnerability Learning Tool "AppGoat"...
High | Unreviewed | CVE-2017-2102 was published May 17, 2022

An issue was discovered in PESCMS-V2.3.3. There is a CSRF vulnerability that allows attackers to...
Moderate | Unreviewed | CVE-2021-31679 was published Jul 7, 2022

ASUS RT-AC* and RT-N* devices with firmware before 3.0.0.4.380.7378 have Login Page CSRF and Save...
High | Unreviewed | CVE-2017-5891 was published May 17, 2022

IBM Interact 8.6, 9.0, 9.1, and 10.0 is vulnerable to cross-site request forgery which could...
High | Unreviewed | CVE-2016-5889 was published May 17, 2022

CSRF in the Clean Login plugin before 1.8 for WordPress allows remote attackers to change the...
Moderate | Unreviewed | CVE-2017-8875 was published May 17, 2022

A cross-site request forgery vulnerability in Lenovo Service Bridge before version 4 could be...
High | Unreviewed | CVE-2016-8229 was published May 17, 2022

Cross-site request forgery (CSRF) vulnerability in baserCMS plugin Blog version 3.0.10 and...
High | Unreviewed | CVE-2016-4884 was published May 17, 2022

Cross-site request forgery (CSRF) vulnerability in baserCMS version 3.0.10 and earlier allows...
High | Unreviewed | CVE-2016-4876 was published May 17, 2022

Cross-site request forgery (CSRF) vulnerability in baserCMS plugin Uploader version 3.0.10 and...
High | Unreviewed | CVE-2016-4887 was published May 17, 2022

Multiple cross-site request forgery (CSRF) vulnerabilities in the web interface in the Scheduler...
High | Unreviewed | CVE-2017-6803 was published May 17, 2022