Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

19 advisories

Loading
LocalAI Cross-site Scripting vulnerability Low
CVE-2024-48057 was published for github.com/mudler/LocalAI (Go) Nov 5, 2024
Hono CSRF middleware can be bypassed using crafted Content-Type header Low
CVE-2024-43787 was published for hono (npm) Aug 22, 2024
wataru-chocola
ipl/web's `ipl\Web\Common\CsrfCounterMeasure` is susceptible to CSRF Low
CVE-2024-41811 was published for ipl/web (Composer) Aug 5, 2024
ProcessWire Cross Site Request Forgery vulnerability Low
CVE-2024-41597 was published for processwire/processwire (Composer) Jul 19, 2024
Firebase vulnerable to CRSF attack Low
CVE-2024-4128 was published for firebase-tools (npm) May 2, 2024
Mattermost Jira Plugin vulnerable to Cross-Site Request Forgery Low
CVE-2024-23319 was published for github.com/mattermost/mattermost-plugin-jira (Go) Feb 9, 2024
CSRF vulnerability in Jenkins Frugal Testing Plugin Low
CVE-2023-41946 was published for io.jenkins.plugins:frugal-testing (Maven) Sep 6, 2023
CSRF vulnerability in Synopsys Jenkins Coverity Plugin Low
CVE-2023-23847 was published for org.jenkins-ci.plugins:synopsys-coverity (Maven) Feb 15, 2023
Tailscale daemon is vulnerable to information disclosure via CSRF Low
CVE-2022-41925 was published for tailscale.com/cmd (Go) Nov 21, 2022
emilytrau JJJollyjim
CSRF allows attacker to finalize/unfinalize order adjustments in solidus_backend Low
CVE-2022-31000 was published for solidus_backend (RubyGems) Jun 1, 2022
OpenCart Cross-Site Request Forgery (CSRF) Low
CVE-2020-28838 was published for opencart/opencart (Composer) May 24, 2022
CSRF vulnerability in Amazon EC2 Plugin Low
CVE-2020-2186 was published for org.jenkins-ci.plugins:ec2 (Maven) May 24, 2022
NotMyFault
CSRF vulnerability in Jenkins Amazon EC2 Plugin Low
CVE-2020-2090 was published for org.jenkins-ci.plugins:ec2 (Maven) May 24, 2022
NotMyFault
Cross-Site Request Forgery in YOURLS Low
CVE-2022-0088 was published for yourls/yourls (Composer) Apr 4, 2022
Cross-Site Request Forgery in remdex/livehelperchat Low
CVE-2021-4049 was published for remdex/livehelperchat (Composer) Dec 10, 2021
bookstack is vulnerable to Cross-Site Request Forgery (CSRF) Low
CVE-2021-3944 was published for ssddanbrown/bookstack (Composer) Dec 3, 2021
Cross-Site Request Forgery in firefly-iii Low
CVE-2021-3901 was published for grumpydictator/firefly-iii (Composer) Oct 28, 2021
pterodactyl/panel CSRF allowing an external page to trigger a user logout event Low
CVE-2021-41176 was published for pterodactyl/panel (Composer) Oct 25, 2021
HDVinnie
CSRF Vuln can expose user's QRcode Low
GHSA-fxq4-r6mr-9x64 was published for Flask-Security-Too (pip) Apr 8, 2021
ProTip! Advisories are also available from the GraphQL API