GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
143 advisories
Filter by severity
OpenRefine's PreviewExpressionCommand, which is eval, lacks protection against cross-site request forgery (CSRF)
High
CVE-2024-47879
was published
for
org.openrefine:main
(Maven)
Oct 24, 2024
Jenkins Nexus Platform Plugin Cross-Site Request Forgery vulnerability
High
CVE-2023-50766
was published
for
org.sonatype.nexus.ci:nexus-jenkins-plugin
(Maven)
Dec 13, 2023
Cross-site request forgery vulnerability in Jenkins HTMLResource Plugin
High
CVE-2023-50774
was published
for
org.jenkins-ci.plugins:htmlresource
(Maven)
Dec 13, 2023
Cross Site Request Forgery in Silverpeas
High
CVE-2023-47322
was published
for
org.silverpeas.core:silverpeas-core-web
(Maven)
Dec 13, 2023
Cross Site Request Forgery in Silverpeas
High
CVE-2023-47326
was published
for
org.silverpeas.core:silverpeas-core
(Maven)
Dec 13, 2023
Cross-Site Request Forgery in JFinalCMS via /admin/tag/save
High
CVE-2023-49383
was published
for
com.jfinal:jfinal
(Maven)
Dec 5, 2023
Cross-Site Request Forgery in JFinalCMS via /admin/div/update
High
CVE-2023-49381
was published
for
com.jfinal:jfinal
(Maven)
Dec 5, 2023
Cross-Site Request Forgery in JFinalCMS via /admin/nav/update
High
CVE-2023-49447
was published
for
com.jfinal:jfinal
(Maven)
Dec 5, 2023
Cross-Site Request Forgery in JFinalCMS via /admin/category/update
High
CVE-2023-49395
was published
for
com.jfinal:jfinal
(Maven)
Dec 5, 2023
Cross-Site Request Forgery in JFinalCMS via /admin/category/delete
High
CVE-2023-49398
was published
for
com.jfinal:jfinal
(Maven)
Dec 5, 2023
Cross-Site Request Forgery in JFinalCMS via /admin/nav/save
High
CVE-2023-49446
was published
for
com.jfinal:jfinal
(Maven)
Dec 5, 2023
Cross-Site Request Forgery in JFinalCMS via admin/nav/delete
High
CVE-2023-49448
was published
for
com.jfinal:jfinal
(Maven)
Dec 5, 2023
Cross-Site Request Forgery in JFinalCMS via /admin/category/save
High
CVE-2023-49396
was published
for
com.jfinal:jfinal
(Maven)
Dec 5, 2023
Cross-Site Request Forgery in JFinalCMS via /admin/category/updateStatus
High
CVE-2023-49397
was published
for
com.jfinal:jfinal
(Maven)
Dec 5, 2023
Cross-Site Request Forgery in JFinalCMS via /admin/div/delete
High
CVE-2023-49382
was published
for
com.jfinal:jfinal
(Maven)
Dec 5, 2023
Cross-Site Request Forgery in JFinalCMS
High
CVE-2023-49373
was published
for
com.jfinal:jfinal
(Maven)
Dec 5, 2023
Cross-Site Request Forgery in JFinalCMS
High
CVE-2023-49376
was published
for
com.jfinal:jfinal
(Maven)
Dec 5, 2023
Cross-Site Request Forgery in JFinalCMS
High
CVE-2023-49372
was published
for
com.jfinal:jfinal
(Maven)
Dec 5, 2023
Cross-Site Request Forgery in JFinalCMS via /admin/friend_link/update
High
CVE-2023-49375
was published
for
com.jfinal:jfinal
(Maven)
Dec 5, 2023
Cross-Site Request Forgery in JFinalCMS via /admin/friend_link/delete
High
CVE-2023-49380
was published
for
com.jfinal:jfinal
(Maven)
Dec 5, 2023
Cross-Site Request Forgery in JFinalCMS via /admin/form/save
High
CVE-2023-49378
was published
for
com.jfinal:jfinal
(Maven)
Dec 5, 2023
Cross-Site Request Forgery in JFinalCMS via /admin/slide/update
High
CVE-2023-49374
was published
for
com.jfinal:jfinal
(Maven)
Dec 5, 2023
Cross-Site Request Forgery in JFinalCMS via /admin/tag/update
High
CVE-2023-49377
was published
for
com.jfinal:jfinal
(Maven)
Dec 5, 2023
Cross-Site Request Forgery in JFinalCMS via the component /admin/friend_link/save
High
CVE-2023-49379
was published
for
com.jfinal:jfinal
(Maven)
Dec 5, 2023
Jenkins MATLAB Plugin cross-site request forgery vulnerability
High
CVE-2023-49655
was published
for
org.jenkins-ci.plugins:matlab
(Maven)
Nov 29, 2023
ProTip!
Advisories are also available from the
GraphQL API