GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
303 advisories
Cross-Site Request Forgery (CSRF) in Apache Airflow
High
CVE-2017-17835
was published
for
apache-airflow
(pip)
Jan 25, 2019
Cross site scripting (XSS) in JupyterHub via Self-XSS leveraged by Cookie Tossing
High
CVE-2024-28233
was published
for
jupyterhub
(pip)
Mar 28, 2024
High severity vulnerability that affects io.vertx:vertx-web
High
CVE-2018-12540
was published
for
io.vertx:vertx-web
(Maven)
Oct 17, 2018
ESPHome vulnerable to Authentication bypass via Cross site request forgery
High
CVE-2024-29019
was published
for
esphome
(pip)
Mar 21, 2024
CSRF token missing in Symfony
High
CVE-2022-23601
was published
for
symfony/framework-bundle
(Composer)
Feb 1, 2022
ProTip!
Advisories are also available from the
GraphQL API