Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,904
Maven
5,000+
npm
3,634
NuGet
638
pip
3,250
Pub
10
RubyGems
867
Rust
819
Swift
35
Unreviewed advisories
All unreviewed
5,000+

207 advisories

Loading
WooCommerce Cross-Site Request Forgery (CSRF) High
CVE-2019-20891 was published for woocommerce/woocommerce (Composer) May 24, 2022
Comments plugin Cross-Site Request Forgery (CSRF) Moderate
CVE-2020-13868 was published for verbb/comments (Composer) May 24, 2022
Image Resizer Cross-Site Request Forgery (CSRF) High
CVE-2020-13458 was published for verbb/image-resizer (Composer) May 24, 2022
Subrion CMS Cross-Site Request Forgery (CSRF) vulnerability High
CVE-2019-20390 was published for intelliants/subrion (Composer) May 24, 2022
Dolibarr Cross-Site Request Forgery Vulnerability High
CVE-2020-11825 was published for dolibarr/dolibarr (Composer) May 24, 2022
Subrion CMS CSRF Vulnerability High
CVE-2018-21037 was published for intelliants/subrion (Composer) May 24, 2022
phpBB Cross-Site Request Forgery (CSRF) Moderate
CVE-2019-16107 was published for phpbb/phpbb (Composer) May 24, 2022
SilverStripe Denial of Service on flush and development URL tools Moderate
CVE-2019-12246 was published for silverstripe/framework (Composer) May 24, 2022
Silverstripe CSRF Protection Bypass via GraphQL High
CVE-2019-12437 was published for silverstripe/graphql (Composer) May 24, 2022
phpBB Cross-Site Request Forgery (CSRF) Moderate
CVE-2020-5501 was published for phpbb/phpbb (Composer) May 24, 2022
Pagekit File Upload vulnerability High
CVE-2019-19013 was published for pagekit/pagekit (Composer) May 24, 2022
Magento 2 Community Edition RCE Vulnerability via CSRF High
CVE-2019-8109 was published for magento/community-edition (Composer) May 24, 2022
phpBB Cross-Site Request Forgery (CSRF) High
CVE-2019-16993 was published for phpbb/phpbb (Composer) May 24, 2022
phpBB Cross-Site Request Forgery (CSRF) Moderate
CVE-2019-13376 was published for phpbb/phpbb (Composer) May 24, 2022
Dolibarr Cross-Site Request Forgery (CSRF) High
CVE-2019-15062 was published for dolibarr/dolibarr (Composer) May 24, 2022
Bagisto CSRF Vulnerability High
CVE-2019-14933 was published for bagisto/bagisto (Composer) May 24, 2022
Magento 2 Community Edition CSRF vulnerability Moderate
CVE-2019-7947 was published for magento/community-edition (Composer) May 24, 2022
Magento 2 Community Edition XSS Vulnerability Moderate
CVE-2019-7874 was published for magento/community-edition (Composer) May 24, 2022
Magento 2 Community Edition Cross-site Scripting Vulnerability Moderate
CVE-2019-7873 was published for magento/community-edition (Composer) May 24, 2022
Magento Cross-Site Request Forgery (CSRF) Moderate
CVE-2019-7857 was published for magento/community-edition (Composer) May 24, 2022
Magento 2 Community Edition CSRF Vulnerability High
CVE-2019-7865 was published for magento/community-edition (Composer) May 24, 2022
Magento 2 Community Edition CSRF vulnerability Moderate
CVE-2019-7851 was published for magento/community-edition (Composer) May 24, 2022
Moodle CSRF Vulnerability High
CVE-2019-10186 was published for moodle/moodle (Composer) May 24, 2022
Dolibarr Cross Site Request Forgery (CSRF) High
CVE-2019-1010054 was published for dolibarr/dolibarr (Composer) May 24, 2022
Wikimedia MediaWiki allows CSRF High
CVE-2019-12466 was published for mediawiki/core (Composer) May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database