Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
656
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

40 advisories

Loading
A Cross-Site Request Forgery (CSRF) vulnerability was found in Kashipara Music Management System... Low Unreviewed
CVE-2024-42792 was published Aug 26, 2024
Cross-site request forgery vulnerability exists in ajaxterm module of Webmin versions prior to 2... Low Unreviewed
CVE-2024-36452 was published Jul 10, 2024
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component ... Low Unreviewed
CVE-2024-39157 was published Jun 27, 2024
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component ... Low Unreviewed
CVE-2024-39156 was published Jun 27, 2024
A Cross-site request forgery (CSRF) flaw was found in Keycloak and occurs due to the lack of a... Low Unreviewed
CVE-2024-5203 was published Jun 12, 2024
A potential security vulnerability has been identified in Hewlett Packard Enterprise... Low Unreviewed
CVE-2024-22438 was published Apr 15, 2024
Cross-Site Request Forgery (CSRF) vulnerability in SumoMe Sumo.This issue affects Sumo: from n/a... Low Unreviewed
CVE-2024-31265 was published Apr 12, 2024
The My Sticky Bar plugin for WordPress is vulnerable to Cross-Site Request Forgery in all... Low Unreviewed
CVE-2023-7048 was published Jan 11, 2024
Cross-site Request Forgery (CSRF) in Checkmk < 2.2.0p15, < 2.1.0p37, <= 2.0.0p39 allow an... Low Unreviewed
CVE-2023-6251 was published Nov 24, 2023
Cross-Site Request Forgery (CSRF) in GitHub repository pkp/pkp-lib prior to 3.3.0-16. Low Unreviewed
CVE-2023-5899 was published Nov 1, 2023
Cross-Site Request Forgery (CSRF) in GitHub repository pkp/pkp-lib prior to 3.3.0-16. Low Unreviewed
CVE-2023-5898 was published Nov 1, 2023
Cross-Site Request Forgery (CSRF) in GitHub repository pkp/pkp-lib prior to 3.3.0-16. Low Unreviewed
CVE-2023-5893 was published Nov 1, 2023
Cross Site Request Forgery vulnerability in Click Studios (SA) Pty Ltd Passwordstate v.Build 9785... Low Unreviewed
CVE-2023-43295 was published Oct 31, 2023
Cross-Site Request Forgery (CSRF) in GitHub repository pkp/ojs prior to 3.3.0-16. Low Unreviewed
CVE-2023-5626 was published Oct 18, 2023
Sensitive information manipulation due to cross-site request forgery. The following products are... Low Unreviewed
CVE-2023-44160 was published Sep 27, 2023
Sensitive information manipulation due to cross-site request forgery. The following products are... Low Unreviewed
CVE-2023-44161 was published Sep 27, 2023
Cross Site Request Forgery (CSRF) vulnerability in Chamilo v.1.11 thru v.1.11.20 allows a remote... Low Unreviewed
CVE-2023-39061 was published Aug 21, 2023
The MStore API WordPress plugin before 3.9.7 does not secure most of its AJAX actions by... Low Unreviewed
CVE-2023-3209 was published Jul 10, 2023
The Subscribe2 WordPress plugin before 10.38 does not have CSRF check when deleting users, which... Low Unreviewed
CVE-2022-4309 was published Jan 16, 2023
The Royal Elementor Addons WordPress plugin before 1.3.56 does not have authorization and CSRF... Low Unreviewed
CVE-2022-4102 was published Jan 10, 2023
Dragino Lora LG01 18ed40 IoT v4.3.4 was discovered to contain a Cross-Site Request Forgery in the... Low Unreviewed
CVE-2022-45228 was published Dec 12, 2022
A vulnerability found in the OPTILINK OP-XT71000N Hardware Version: V2.2 , Firmware Version:... Low Unreviewed
CVE-2020-23587 was published Nov 23, 2022
A vulnerability has been identified in SIMATIC Drive Controller family (All versions), SIMATIC ET... Low Unreviewed
CVE-2022-30694 was published Nov 8, 2022
A vulnerability has been found in SourceCodester Simple Cold Storage Management System 1.0 and... Low Unreviewed
CVE-2022-3582 was published Oct 18, 2022
Cross Site Request Forgery (CSRF) vulnerability exists in v2.0.0 in video_list.php, which can let... Low Unreviewed
CVE-2020-18463 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database