GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,056
Erlang
29
GitHub Actions
19
Go
1,889
Maven
5,000+
npm
3,618
NuGet
638
pip
3,231
Pub
10
RubyGems
854
Rust
817
Swift
35
Unreviewed advisories
All unreviewed
5,000+
102 advisories
Filter by severity
Moodle Cross-Site Request Forgery (CSRF)
Moderate
CVE-2017-7491
was published
for
moodle/moodle
(Composer)
May 17, 2022
admidio CSRF Vulnerability
Moderate
CVE-2017-8382
was published
for
admidio/admidio
(Composer)
May 17, 2022
Magento Cross-Site Request Forgery (CSRF)
Moderate
CVE-2018-5301
was published
for
magento/community-edition
(Composer)
May 14, 2022
Showdoc CSRF Vulnerability
Moderate
CVE-2018-19621
was published
for
showdoc/showdoc
(Composer)
May 14, 2022
CSRF in PHP Server Monitor before 3.3.2
Moderate
CVE-2018-18921
was published
for
phpservermon/phpservermon
(Composer)
May 14, 2022
Symfony CSRF Vulnerability
Moderate
CVE-2017-16653
was published
for
symfony/security
(Composer)
May 13, 2022
Moodle multiple cross-site request forgery (CSRF) vulnerabilities
Moderate
CVE-2014-0213
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle cross-site request forgery (CSRF) vulnerability
Moderate
CVE-2014-0126
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle cross-site request forgery (CSRF) vulnerability
Moderate
CVE-2015-5335
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle multiple cross-site request forgery (CSRF) vulnerabilities
Moderate
CVE-2015-0213
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle multiple cross-site request forgery (CSRF) vulnerabilities
Moderate
CVE-2014-7836
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle cross-site request forgery (CSRF) vulnerability
Moderate
CVE-2015-0218
was published
for
moodle/moodle
(Composer)
May 13, 2022
Moodle has multiple cross-site request forgery (CSRF) vulnerabilities in the Forum module
Moderate
CVE-2014-7838
was published
for
moodle/moodle
(Composer)
May 13, 2022
TYPO3 API function vulnerable to Cross-site Scripting
Moderate
CVE-2009-3633
was published
for
typo3/cms-core
(Composer)
May 2, 2022
Cross-Site Request Forgery in Anchor CMS
Moderate
CVE-2022-25576
was published
for
anchorcms/anchor-cms
(Composer)
Mar 26, 2022
Cross-Site Request Forgery (CSRF) Protection Bypass Vulnerability in CodeIgniter4
Moderate
CVE-2022-24712
was published
for
codeigniter4/framework
(Composer)
Mar 1, 2022
Cross-Site Request Forgery microweber
Moderate
CVE-2022-0638
was published
for
microweber/microweber
(Composer)
Feb 18, 2022
Cross-Site Request Forgery in Drupal core
Moderate
CVE-2020-13674
was published
for
drupal/core
(Composer)
Feb 12, 2022
Cross-Site Request Forgery in CakePHP
Moderate
CVE-2020-15400
was published
for
cakephp/cakephp
(Composer)
Feb 10, 2022
Cross-Site Request Forgery in microweber
Moderate
CVE-2022-0505
was published
for
microweber/microweber
(Composer)
Feb 9, 2022
Cross-Site Request Forgery (CSRF) in livehelperchat
Moderate
CVE-2022-0231
was published
for
remdex/livehelperchat
(Composer)
Jan 26, 2022
Cross-Site Request Forgery (CSRF) in livehelperchat
Moderate
CVE-2022-0226
was published
for
remdex/livehelperchat
(Composer)
Jan 26, 2022
Cross-Site Request Forgery (CSRF) in livehelperchat/livehelperchat
Moderate
CVE-2022-0245
was published
for
livehelperchat/livehelperchat
(Composer)
Jan 21, 2022
showdoc is vulnerable to Cross-Site Request Forgery (CSRF)
Moderate
CVE-2021-4168
was published
for
showdoc/showdoc
(Composer)
Jan 6, 2022
Cross-Site Request Forgery in Moodle
Moderate
CVE-2020-1692
was published
for
moodle/moodle
(Composer)
Jan 6, 2022
ProTip!
Advisories are also available from the
GraphQL API