Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,056
Erlang
29
GitHub Actions
19
Go
1,889
Maven
5,000+
npm
3,618
NuGet
638
pip
3,231
Pub
10
RubyGems
854
Rust
817
Swift
35
Unreviewed advisories
All unreviewed
5,000+

3,252 advisories

Loading
wp-admin/admin-functions.php in Wordpress before 2.2.3 and Wordpress multi-user (MU) before 1.2... Moderate Unreviewed
CVE-2007-4893 was published May 1, 2022
Cross-site request forgery (CSRF) vulnerability in the device management interface in Buffalo... Moderate Unreviewed
CVE-2007-4822 was published May 1, 2022
Apache Tomcat Example Application CSRF and XSS Vulnerabilities Moderate
CVE-2007-4724 was published for org.apache.tomcat:tomcat (Maven) May 1, 2022
Cross-site scripting (XSS) vulnerability in wp-newblog.php in WordPress multi-user (MU) 1.0 and... Moderate Unreviewed
CVE-2007-4544 was published May 1, 2022
Multiple cross-site scripting (XSS) vulnerabilities in Olate Download (od) 3.4.2 allow remote... Moderate Unreviewed
CVE-2007-4541 was published May 1, 2022
Adobe Flash Player 8.0.34.0 and earlier insufficiently validates HTTP Referer headers, which... Moderate Unreviewed
CVE-2007-3457 was published May 1, 2022
Multiple cross-site request forgery (CSRF) vulnerabilities in the administration of (1) polls, (2... Moderate Unreviewed
CVE-2007-3416 was published May 1, 2022
Cross-site request forgery (CSRF) vulnerability in compose.php in SquirrelMail 1.4.0 through 1.4... Moderate Unreviewed
CVE-2007-2589 was published May 1, 2022
The cross-site request forgery (CSRF) protection in PHP-Nuke 8.0 and earlier does not ensure the... Moderate Unreviewed
CVE-2007-1520 was published May 1, 2022
Unspecified vulnerability in web-app.org Web Automated Perl Portal (WebAPP) 0.9.9.4 to 0.9.9.6... Moderate Unreviewed
CVE-2007-1489 was published May 1, 2022
Multiple cross-site scripting (XSS) vulnerabilities in chooser.cgi in Webmin before 1.330 and... Moderate Unreviewed
CVE-2007-1276 was published May 1, 2022
Adobe Acrobat Reader Plugin before 8.0.0 for the Firefox, Internet Explorer, and Opera web... Moderate Unreviewed
CVE-2007-0044 was published May 1, 2022
Cross-site request forgery (CSRF) vulnerability in urlobox in MKPortal allows remote attackers to... Moderate Unreviewed
CVE-2006-6741 was published May 1, 2022
HTTP response splitting vulnerability in index.php in phpSysInfo 2.4 and earlier, as used in... Moderate Unreviewed
CVE-2005-3348 was published May 1, 2022
Multiple cross-site request forgery (CSRF) vulnerabilities in (1) addaddress.php, (2)... Moderate Unreviewed
CVE-2005-2059 was published May 1, 2022
Cross-site request forgery (CSRF) vulnerability in Invision Gallery before 1.3.1 allows remote... Moderate Unreviewed
CVE-2005-1947 was published May 1, 2022
Cross-site request forgery (CSRF) vulnerability in Citrix Presentation Server 4.0 and 4.5,... Moderate Unreviewed
CVE-2002-2426 was published Apr 30, 2022
The FanBoxes extension for MediaWiki through 1.37.2 (before... Moderate Unreviewed
CVE-2022-29905 was published Apr 30, 2022
The Private Domains extension for MediaWiki through 1.37.2 (before... Moderate Unreviewed
CVE-2022-29903 was published Apr 30, 2022
Multiple (13x) Cross-Site Request Forgery (CSRF) vulnerabilities in WPKube's Subscribe To... Moderate Unreviewed
CVE-2022-29414 was published Apr 30, 2022
Cross-Site Request Forgery (CSRF) leading to Cross-Site Scripting (XSS) in Shea Bunge's Footer... Moderate Unreviewed
CVE-2022-27860 was published Apr 29, 2022
Cross-Site Request Forgery (CSRF) leading to Stored Cross-Site Scripting (XSS) in Mufeng's Hermit... Moderate Unreviewed
CVE-2022-29413 was published Apr 29, 2022
Multiple Cross-Site Request Forgery (CSRF) vulnerabilities in Hermit ????? plugin <= 3.1.6 on... Moderate Unreviewed
CVE-2022-29412 was published Apr 29, 2022
The DW Question & Answer Pro WordPress plugin through 1.3.4 does not properly check for CSRF in... Moderate Unreviewed
CVE-2021-24805 was published Apr 26, 2022
The myCred WordPress plugin before 2.4.4 does not have any authorisation and CSRF checks in the... Moderate Unreviewed
CVE-2022-0363 was published Apr 26, 2022
ProTip! Advisories are also available from the GraphQL API