GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
2,709 advisories
Wellcms 2.2.0 is vulnerable to Cross Site Request Forgery (CSRF).
High | Unreviewed | CVE-2022-36579 was published Aug 20, 2022

Cross-site request forgery (CSRF) vulnerability in CS-Cart Japanese Edition v4.3.10 and earlier ...
High | Unreviewed | CVE-2017-2138 was published May 17, 2022

The Comcast firmware on Arris TG1682G (eMTA&DOCSIS version 10.0.132.SIP.PC20.CT, software version...
High | Unreviewed | CVE-2017-9490 was published May 17, 2022

Pulse Connect Secure 8.3R1 has CSRF in diag.cgi. In the panel, the diag.cgi file is responsible...
High | Unreviewed | CVE-2017-11193 was published May 17, 2022

Cross-site request forgery (CSRF) vulnerability in Cisco FireSIGHT System Software 4.10.2 through...
High | Unreviewed | CVE-2016-6417 was published May 17, 2022

Cross-site request forgery (CSRF) vulnerability in the admin web interface in GNU Mailman before...
High | Unreviewed | CVE-2016-7123 was published May 17, 2022

Cross-Site Request Forgery in Elefant CMS
High | CVE-2017-20062 was published for elefant/cms (Composer) Jun 21, 2022

Multiple cross-site request forgery (CSRF) vulnerabilities in the Podcast feature in Subsonic 6.1...
High | Unreviewed | CVE-2017-9413 was published May 17, 2022

Chyrp Lite version 2016.04 is vulnerable to a CSRF in the user settings function allowing...
High | Unreviewed | CVE-2017-1000008 was published May 17, 2022

Multiple Cross-Site Request Forgery (CSRF) vulnerabilities in Image Slider by NextCode plugin <=...
High | Unreviewed | CVE-2022-29437 was published Jun 16, 2022

Cross-Site Request Forgery (CSRF) vulnerability in GLPI 0.90.4 allows remote authenticated...
High | Unreviewed | CVE-2016-7507 was published May 17, 2022

Cross-Site Request Forgery (CSRF) exists in Green Packet DX-350 Firmware version v2.8.9.5-g1.4.8...
High | Unreviewed | CVE-2017-9930 was published May 17, 2022

EMC RSA Archer 5.4.1.3, 5.5.3.1, 5.5.2.3, 5.5.2, 5.5.1.3.1, 5.5.1.1 is potentially affected by a...
High | Unreviewed | CVE-2017-4998 was published May 17, 2022

IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to cross-site request...
High | Unreviewed | CVE-2017-1194 was published May 17, 2022

Cross-site request forgery (CSRF) vulnerability in TS-WPTCAM, TS-PTCAM, TS-PTCAM/POE, TS-WLC2, TS...
High | Unreviewed | CVE-2017-2223 was published May 17, 2022

The integrated web server in Siemens RUGGEDCOM ROX I (all versions) at port 10000/TCP could allow...
High | Unreviewed | CVE-2017-2688 was published May 17, 2022

A CVE-352 Cross-Site Request Forgery (CSRF) vulnerability exists that could allow an attacker to...
High | Unreviewed | CVE-2021-22725 was published Jan 29, 2022

A CVE-352 Cross-Site Request Forgery (CSRF) vulnerability exists that could allow an attacker to...
High | Unreviewed | CVE-2021-22724 was published Jan 29, 2022

A vulnerability was found in Global Content Blocks Plugin 2.1.5. It has been declared as...
High | Unreviewed | CVE-2017-20090 was published Jun 24, 2022

Cross-site request forgery (CSRF) vulnerability in subsonic 6.1.1 allows remote attackers with...
High | Unreviewed | CVE-2017-9415 was published May 17, 2022

A vulnerability in the web-based management interface of Cisco Prime Collaboration Assurance...
High | Unreviewed | CVE-2017-6659 was published May 17, 2022

Cross-site request forgery (CSRF) vulnerability in Piwigo through 2.9.1 allows remote attackers...
High | Unreviewed | CVE-2017-10678 was published May 17, 2022

Ruckus Wireless H500 web management interface CSRF
High | Unreviewed | CVE-2016-1000213 was published May 17, 2022

A vulnerability classified as problematic was found in TrueConf Server 4.3.7. This vulnerability...
High | Unreviewed | CVE-2017-20120 was published Jun 30, 2022

A vulnerability in Cisco Finesse Agent and Supervisor Desktop Software could allow an...
High | Unreviewed | CVE-2016-6442 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API.