Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,978
Erlang
29
GitHub Actions
16
Go
1,765
Maven
4,990
npm
3,536
NuGet
616
pip
3,105
Pub
10
RubyGems
837
Rust
786
Swift
34
Unreviewed advisories
All unreviewed
5,000+

92 advisories

Loading
Elefant CMS CSRF Vulnerability High
CVE-2018-16387 was published for elefant/cms (Composer) May 14, 2022
Moodle CSRF Vulnerability High
CVE-2019-10186 was published for moodle/moodle (Composer) May 24, 2022
phpMyAdmin CSRF Vulnerability High
CVE-2017-1000499 was published for phpmyadmin/phpmyadmin (Composer) May 14, 2022
Cross Site Request Forgery in Moodle High
CVE-2022-0335 was published for moodle/moodle (Composer) Jan 28, 2022
Subrion CMS CSRF Vulnerability High
CVE-2017-15063 was published for intelliants/subrion (Composer) May 14, 2022
Pagekit File Upload vulnerability High
CVE-2019-19013 was published for pagekit/pagekit (Composer) May 24, 2022
Subrion CMS CSRF Vulnerability High
CVE-2019-7357 was published for intelliants/subrion (Composer) May 24, 2022
October CMS CSRF High
CVE-2017-16244 was published for october/october (Composer) May 13, 2022
daftspunk
Subrion CMS CSRF Vulnerability High
CVE-2018-21037 was published for intelliants/subrion (Composer) May 24, 2022
phpMyFAQ CSRF High
CVE-2018-16650 was published for thorsten/phpmyfaq (Composer) May 14, 2022
Subrion CMS vulnerable to CSRF in admin/blocks/add High
CVE-2017-6068 was published for intelliants/subrion (Composer) May 14, 2022
Subrion CMS vulnerable to CSRF in blog/delete High
CVE-2017-18366 was published for intelliants/subrion (Composer) May 14, 2022
Cockpit CMS Cross-Site Request Forgery vulnerability High
CVE-2023-37650 was published for cockpit-hq/cockpit (Composer) Jul 20, 2023
GilaCMS Cross Site Request Forgery vulnerability High
CVE-2020-20726 was published for gilacms/gila (Composer) Jun 20, 2023
Cross-Site Request Forgery (CSRF) in snipe/snipe-it High
CVE-2023-5511 was published for snipe/snipe-it (Composer) Oct 11, 2023
WooCommerce Cross-Site Request Forgery (CSRF) High
CVE-2019-20891 was published for woocommerce/woocommerce (Composer) May 24, 2022
Cross Site Request Forgery in SwiftyEdit High
CVE-2023-47350 was published for swiftyedit/swiftyedit (Composer) Nov 22, 2023
Moodle Cross-site request forgery (CSRF) vulnerability High
CVE-2016-3734 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
Moodle multiple cross-site request forgery (CSRF) vulnerabilities High
CVE-2015-5338 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
Moodle cross-site request forgery (CSRF) vulnerability High
CVE-2016-2157 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
Magento 2 Community Edition RCE Vulnerability via CSRF High
CVE-2019-8109 was published for magento/community-edition (Composer) May 24, 2022
Backend Same-Site Request Forgery in TYPO3 CMS High
CVE-2020-11069 was published for typo3/cms (Composer) May 13, 2020
ohader
Cross-Site-Request-Forgery in Backend High
CVE-2021-41113 was published for typo3/cms (Composer) Oct 5, 2021
sushiwushi ohader
Drupal Core Cross-Site Request Forgery (CSRF) vulnerability High
CVE-2020-13663 was published for drupal/core (Composer) May 24, 2022
westonsteimel
Silverstripe CSRF Protection Bypass via GraphQL High
CVE-2019-12437 was published for silverstripe/graphql (Composer) May 24, 2022
ProTip! Advisories are also available from the GraphQL API