Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,050
Erlang
29
GitHub Actions
19
Go
1,876
Maven
5,000+
npm
3,602
NuGet
638
pip
3,199
Pub
10
RubyGems
852
Rust
813
Swift
35
Unreviewed advisories
All unreviewed
5,000+

55 advisories

A Cross-Site Request Forgery (CSRF) vulnerability was found in Kashipara Music Management System... Low Unreviewed
CVE-2024-42792 was published Aug 26, 2024
ipl/web's `ipl\Web\Common\CsrfCounterMeasure` is susceptible to CSRF Low
CVE-2024-41811 was published for ipl/web (Composer) Aug 5, 2024
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component ... Low Unreviewed
CVE-2024-39156 was published Jun 27, 2024
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component ... Low Unreviewed
CVE-2024-39157 was published Jun 27, 2024
A Cross-site request forgery (CSRF) flaw was found in Keycloak and occurs due to the lack of a... Low Unreviewed
CVE-2024-5203 was published Jun 12, 2024
Firebase vulnerable to CRSF attack Low
CVE-2024-4128 was published for firebase-tools (npm) May 2, 2024
OpenCart Cross-Site Request Forgery (CSRF) Low
CVE-2020-28838 was published for opencart/opencart (Composer) May 24, 2022
A potential security vulnerability has been identified in Hewlett Packard Enterprise... Low Unreviewed
CVE-2024-22438 was published Apr 15, 2024
Cross-Site Request Forgery (CSRF) vulnerability in SumoMe Sumo.This issue affects Sumo: from n/a... Low Unreviewed
CVE-2024-31265 was published Apr 12, 2024
Cross Site Request Forgery (CSRF) vulnerability in Chamilo v.1.11 thru v.1.11.20 allows a remote... Low Unreviewed
CVE-2023-39061 was published Aug 21, 2023
The MStore API WordPress plugin before 3.9.7 does not secure most of its AJAX actions by... Low Unreviewed
CVE-2023-3209 was published Jul 10, 2023
Mattermost Jira Plugin vulnerable to Cross-Site Request Forgery Low
CVE-2024-23319 was published for github.com/mattermost/mattermost-plugin-jira (Go) Feb 9, 2024
CSRF vulnerability in Synopsys Jenkins Coverity Plugin Low
CVE-2023-23847 was published for org.jenkins-ci.plugins:synopsys-coverity (Maven) Feb 15, 2023
CSRF vulnerability in Jenkins Frugal Testing Plugin Low
CVE-2023-41946 was published for io.jenkins.plugins:frugal-testing (Maven) Sep 6, 2023
The My Sticky Bar plugin for WordPress is vulnerable to Cross-Site Request Forgery in all... Low Unreviewed
CVE-2023-7048 was published Jan 11, 2024
A vulnerability has been found in SourceCodester Simple Cold Storage Management System 1.0 and... Low Unreviewed
CVE-2022-3582 was published Oct 18, 2022
CSRF vulnerability in Amazon EC2 Plugin Low
CVE-2020-2186 was published for org.jenkins-ci.plugins:ec2 (Maven) May 24, 2022
NotMyFault
CSRF vulnerability in Jenkins Amazon EC2 Plugin Low
CVE-2020-2090 was published for org.jenkins-ci.plugins:ec2 (Maven) May 24, 2022
NotMyFault
Cross-site Request Forgery (CSRF) in Checkmk < 2.2.0p15, < 2.1.0p37, <= 2.0.0p39 allow an... Low Unreviewed
CVE-2023-6251 was published Nov 24, 2023
Cross Site Request Forgery vulnerability in Click Studios (SA) Pty Ltd Passwordstate v.Build 9785... Low Unreviewed
CVE-2023-43295 was published Oct 31, 2023
Cross-Site Request Forgery (CSRF) in GitHub repository pkp/ojs prior to 3.3.0-16. Low Unreviewed
CVE-2023-5626 was published Oct 18, 2023
Sensitive information manipulation due to cross-site request forgery. The following products are... Low Unreviewed
CVE-2023-44161 was published Sep 27, 2023
Sensitive information manipulation due to cross-site request forgery. The following products are... Low Unreviewed
CVE-2023-44160 was published Sep 27, 2023
Cross-Site Request Forgery (CSRF) in GitHub repository pkp/pkp-lib prior to 3.3.0-16. Low Unreviewed
CVE-2023-5893 was published Nov 1, 2023
Cross-Site Request Forgery (CSRF) in GitHub repository pkp/pkp-lib prior to 3.3.0-16. Low Unreviewed
CVE-2023-5898 was published Nov 1, 2023
ProTip! Advisories are also available from the GraphQL API