GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
40 advisories
Filter by severity
IBM Spectrum Protect Operations Center 8.1.0.000 through 8.1.13.xxx is vulnerable to reverse...
Low
Unreviewed
CVE-2022-22348
was published
Mar 15, 2022
Multiple cross-site request forgery (CSRF) vulnerabilities in The Uniform Server 5.6.5 allow...
Low
Unreviewed
CVE-2010-2113
was published
May 17, 2022
Cross-site request forgery (CSRF) vulnerability in IBM Connections 4.0 through CR4, 4.5 through...
Low
Unreviewed
CVE-2016-2998
was published
May 17, 2022
Cross-site request forgery (CSRF) vulnerability in IBM Connections 4.0 through CR4, 4.5 through...
Low
Unreviewed
CVE-2016-3009
was published
May 17, 2022
Cross-site scripting (XSS) vulnerability in McAfee Network Data Loss Prevention (NDLP) before 9.3...
Low
Unreviewed
CVE-2014-8521
was published
May 17, 2022
Cross-site request forgery (CSRF) vulnerability in pbx/gate in Brekeke PBX 2.4.4.8 allows remote...
Low
Unreviewed
CVE-2010-2114
was published
May 17, 2022
Cross-site request forgery (CSRF) vulnerability in Fujitsu e-Pares V01 L01 V01 L01, L03, L10, L20...
Low
Unreviewed
CVE-2010-2151
was published
May 17, 2022
A CSRF vulnerability in the Tutor LMS plugin before 1.5.3 for WordPress can result in an attacker...
Low
Unreviewed
CVE-2020-8615
was published
May 24, 2022
The Royal Elementor Addons WordPress plugin before 1.3.56 does not have authorization and CSRF...
Low
Unreviewed
CVE-2022-4102
was published
Jan 10, 2023
Dragino Lora LG01 18ed40 IoT v4.3.4 was discovered to contain a Cross-Site Request Forgery in the...
Low
Unreviewed
CVE-2022-45228
was published
Dec 12, 2022
The SetFeatureEnabled.jspa resource in Jira Server and Data Center before version 8.5.13, from...
Low
Unreviewed
CVE-2021-26071
was published
May 24, 2022
Cross Site Request Forgery (CSRF) vulnerability in AikCms 2.0.0 in video_list.php, which can let...
Low
Unreviewed
CVE-2020-18464
was published
May 24, 2022
Cross Site Request Forgery (CSRF) vulnerability exists in v2.0.0 in video_list.php, which can let...
Low
Unreviewed
CVE-2020-18463
was published
May 24, 2022
Cross-site request forgery (CSRF) vulnerability in admin.php in eTicket 1.5.5.2 allows remote...
Low
Unreviewed
CVE-2008-0266
was published
May 1, 2022
Cross-site request forgery (CSRF) vulnerability in the rootpw plugin in rPath Appliance Platform...
Low
Unreviewed
CVE-2008-2140
was published
May 1, 2022
Cross-site request forgery (CSRF) vulnerability in phpMyAdmin before 2.11.7.1 allows remote...
Low
Unreviewed
CVE-2008-3197
was published
May 1, 2022
The Subscribe2 WordPress plugin before 10.38 does not have CSRF check when deleting users, which...
Low
Unreviewed
CVE-2022-4309
was published
Jan 16, 2023
Routes used to stop running Metasploit tasks (either particular ones or all tasks) allowed GET...
Low
Unreviewed
CVE-2017-5244
was published
May 13, 2022
A vulnerability has been identified in SIMATIC Drive Controller family (All versions), SIMATIC ET...
Low
Unreviewed
CVE-2022-30694
was published
Nov 8, 2022
A vulnerability found in the OPTILINK OP-XT71000N Hardware Version: V2.2 , Firmware Version:...
Low
Unreviewed
CVE-2020-23587
was published
Nov 23, 2022
Cross-site request forgery (CSRF) vulnerability in admin/settings/update in DClassifieds 0.1...
Low
Unreviewed
CVE-2012-0990
was published
May 17, 2022
Cross-Site Request Forgery (CSRF) in GitHub repository pkp/pkp-lib prior to 3.3.0-16.
Low
Unreviewed
CVE-2023-5899
was published
Nov 1, 2023
Cross-Site Request Forgery (CSRF) in GitHub repository pkp/pkp-lib prior to 3.3.0-16.
Low
Unreviewed
CVE-2023-5898
was published
Nov 1, 2023
Cross-Site Request Forgery (CSRF) in GitHub repository pkp/pkp-lib prior to 3.3.0-16.
Low
Unreviewed
CVE-2023-5893
was published
Nov 1, 2023
Sensitive information manipulation due to cross-site request forgery. The following products are...
Low
Unreviewed
CVE-2023-44160
was published
Sep 27, 2023
ProTip!
Advisories are also available from the
GraphQL API