Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,373
Erlang
33
GitHub Actions
22
Go
2,135
Maven
5,000+
npm
3,797
NuGet
687
pip
3,478
Pub
12
RubyGems
896
Rust
897
Swift
38
Unreviewed advisories
All unreviewed
5,000+

63 advisories

Loading
A vulnerability found in the OPTILINK OP-XT71000N Hardware Version: V2.2 , Firmware Version:... Low Unreviewed
CVE-2020-23587 was published Nov 23, 2022
Cross-site request forgery (CSRF) vulnerability in admin/settings/update in DClassifieds 0.1... Low Unreviewed
CVE-2012-0990 was published May 17, 2022
CSRF allows attacker to finalize/unfinalize order adjustments in solidus_backend Low
CVE-2022-31000 was published for solidus_backend (RubyGems) Jun 1, 2022
pterodactyl/panel CSRF allowing an external page to trigger a user logout event Low
CVE-2021-41176 was published for pterodactyl/panel (Composer) Oct 25, 2021
HDVinnie
Cross-Site Request Forgery (CSRF) in GitHub repository pkp/pkp-lib prior to 3.3.0-16. Low Unreviewed
CVE-2023-5899 was published Nov 1, 2023
Cross-Site Request Forgery (CSRF) in GitHub repository pkp/pkp-lib prior to 3.3.0-16. Low Unreviewed
CVE-2023-5898 was published Nov 1, 2023
Cross-Site Request Forgery (CSRF) in GitHub repository pkp/pkp-lib prior to 3.3.0-16. Low Unreviewed
CVE-2023-5893 was published Nov 1, 2023
Sensitive information manipulation due to cross-site request forgery. The following products are... Low Unreviewed
CVE-2023-44160 was published Sep 27, 2023
Sensitive information manipulation due to cross-site request forgery. The following products are... Low Unreviewed
CVE-2023-44161 was published Sep 27, 2023
Cross-Site Request Forgery (CSRF) in GitHub repository pkp/ojs prior to 3.3.0-16. Low Unreviewed
CVE-2023-5626 was published Oct 18, 2023
Cross Site Request Forgery vulnerability in Click Studios (SA) Pty Ltd Passwordstate v.Build 9785... Low Unreviewed
CVE-2023-43295 was published Oct 31, 2023
Cross-site Request Forgery (CSRF) in Checkmk < 2.2.0p15, < 2.1.0p37, <= 2.0.0p39 allow an... Low Unreviewed
CVE-2023-6251 was published Nov 24, 2023
CSRF vulnerability in Jenkins Amazon EC2 Plugin Low
CVE-2020-2090 was published for org.jenkins-ci.plugins:ec2 (Maven) May 24, 2022
NotMyFault
CSRF vulnerability in Amazon EC2 Plugin Low
CVE-2020-2186 was published for org.jenkins-ci.plugins:ec2 (Maven) May 24, 2022
NotMyFault
A vulnerability has been found in SourceCodester Simple Cold Storage Management System 1.0 and... Low Unreviewed
CVE-2022-3582 was published Oct 18, 2022
The My Sticky Bar plugin for WordPress is vulnerable to Cross-Site Request Forgery in all... Low Unreviewed
CVE-2023-7048 was published Jan 11, 2024
CSRF vulnerability in Jenkins Frugal Testing Plugin Low
CVE-2023-41946 was published for io.jenkins.plugins:frugal-testing (Maven) Sep 6, 2023
CSRF vulnerability in Synopsys Jenkins Coverity Plugin Low
CVE-2023-23847 was published for org.jenkins-ci.plugins:synopsys-coverity (Maven) Feb 15, 2023
Mattermost Jira Plugin vulnerable to Cross-Site Request Forgery Low
CVE-2024-23319 was published for github.com/mattermost/mattermost-plugin-jira (Go) Feb 9, 2024
The MStore API WordPress plugin before 3.9.7 does not secure most of its AJAX actions by... Low Unreviewed
CVE-2023-3209 was published Jul 10, 2023
Cross Site Request Forgery (CSRF) vulnerability in Chamilo v.1.11 thru v.1.11.20 allows a remote... Low Unreviewed
CVE-2023-39061 was published Aug 21, 2023
Cross-Site Request Forgery (CSRF) vulnerability in SumoMe Sumo.This issue affects Sumo: from n/a... Low Unreviewed
CVE-2024-31265 was published Apr 12, 2024
A potential security vulnerability has been identified in Hewlett Packard Enterprise... Low Unreviewed
CVE-2024-22438 was published Apr 15, 2024
OpenCart Cross-Site Request Forgery (CSRF) Low
CVE-2020-28838 was published for opencart/opencart (Composer) May 24, 2022
Firebase vulnerable to CRSF attack Low
CVE-2024-4128 was published for firebase-tools (npm) May 2, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database