GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+
59 advisories
Filter by severity
LocalAI Cross-site Scripting vulnerability
Low
CVE-2024-48057
was published
for
github.com/mudler/LocalAI
(Go)
Nov 5, 2024
A Cross-Site Request Forgery (CSRF) vulnerability was found in Kashipara Music Management System...
Low
Unreviewed
CVE-2024-42792
was published
Aug 26, 2024
Hono CSRF middleware can be bypassed using crafted Content-Type header
Low
CVE-2024-43787
was published
for
hono
(npm)
Aug 22, 2024
ipl/web's `ipl\Web\Common\CsrfCounterMeasure` is susceptible to CSRF
Low
CVE-2024-41811
was published
for
ipl/web
(Composer)
Aug 5, 2024
ProcessWire Cross Site Request Forgery vulnerability
Low
CVE-2024-41597
was published
for
processwire/processwire
(Composer)
Jul 19, 2024
Cross-site request forgery vulnerability exists in ajaxterm module of Webmin versions prior to 2...
Low
Unreviewed
CVE-2024-36452
was published
Jul 10, 2024
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component ...
Low
Unreviewed
CVE-2024-39156
was published
Jun 27, 2024
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component ...
Low
Unreviewed
CVE-2024-39157
was published
Jun 27, 2024
A Cross-site request forgery (CSRF) flaw was found in Keycloak and occurs due to the lack of a...
Low
Unreviewed
CVE-2024-5203
was published
Jun 12, 2024
Firebase vulnerable to CRSF attack
Low
CVE-2024-4128
was published
for
firebase-tools
(npm)
May 2, 2024
A potential security vulnerability has been identified in Hewlett Packard Enterprise...
Low
Unreviewed
CVE-2024-22438
was published
Apr 15, 2024
Cross-Site Request Forgery (CSRF) vulnerability in SumoMe Sumo.This issue affects Sumo: from n/a...
Low
Unreviewed
CVE-2024-31265
was published
Apr 12, 2024
Mattermost Jira Plugin vulnerable to Cross-Site Request Forgery
Low
CVE-2024-23319
was published
for
github.com/mattermost/mattermost-plugin-jira
(Go)
Feb 9, 2024
The My Sticky Bar plugin for WordPress is vulnerable to Cross-Site Request Forgery in all...
Low
Unreviewed
CVE-2023-7048
was published
Jan 11, 2024
Cross-site Request Forgery (CSRF) in Checkmk < 2.2.0p15, < 2.1.0p37, <= 2.0.0p39 allow an...
Low
Unreviewed
CVE-2023-6251
was published
Nov 24, 2023
Cross-Site Request Forgery (CSRF) in GitHub repository pkp/pkp-lib prior to 3.3.0-16.
Low
Unreviewed
CVE-2023-5898
was published
Nov 1, 2023
Cross-Site Request Forgery (CSRF) in GitHub repository pkp/pkp-lib prior to 3.3.0-16.
Low
Unreviewed
CVE-2023-5899
was published
Nov 1, 2023
Cross-Site Request Forgery (CSRF) in GitHub repository pkp/pkp-lib prior to 3.3.0-16.
Low
Unreviewed
CVE-2023-5893
was published
Nov 1, 2023
Cross Site Request Forgery vulnerability in Click Studios (SA) Pty Ltd Passwordstate v.Build 9785...
Low
Unreviewed
CVE-2023-43295
was published
Oct 31, 2023
Cross-Site Request Forgery (CSRF) in GitHub repository pkp/ojs prior to 3.3.0-16.
Low
Unreviewed
CVE-2023-5626
was published
Oct 18, 2023
Sensitive information manipulation due to cross-site request forgery. The following products are...
Low
Unreviewed
CVE-2023-44161
was published
Sep 27, 2023
Sensitive information manipulation due to cross-site request forgery. The following products are...
Low
Unreviewed
CVE-2023-44160
was published
Sep 27, 2023
CSRF vulnerability in Jenkins Frugal Testing Plugin
Low
CVE-2023-41946
was published
for
io.jenkins.plugins:frugal-testing
(Maven)
Sep 6, 2023
Cross Site Request Forgery (CSRF) vulnerability in Chamilo v.1.11 thru v.1.11.20 allows a remote...
Low
Unreviewed
CVE-2023-39061
was published
Aug 21, 2023
The MStore API WordPress plugin before 3.9.7 does not secure most of its AJAX actions by...
Low
Unreviewed
CVE-2023-3209
was published
Jul 10, 2023
ProTip!
Advisories are also available from the
GraphQL API