GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
40 advisories
IBM Spectrum Protect Operations Center 8.1.0.000 through 8.1.13.xxx is vulnerable to reverse...
Low | Unreviewed | CVE-2022-22348 was published Mar 15, 2022
Multiple cross-site request forgery (CSRF) vulnerabilities in The Uniform Server 5.6.5 allow...
Low | Unreviewed | CVE-2010-2113 was published May 17, 2022
Cross-site request forgery (CSRF) vulnerability in IBM Connections 4.0 through CR4, 4.5 through...
Low | Unreviewed | CVE-2016-2998 was published May 17, 2022
Cross-site request forgery (CSRF) vulnerability in IBM Connections 4.0 through CR4, 4.5 through...
Low | Unreviewed | CVE-2016-3009 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in McAfee Network Data Loss Prevention (NDLP) before 9.3...
Low | Unreviewed | CVE-2014-8521 was published May 17, 2022
Cross-site request forgery (CSRF) vulnerability in pbx/gate in Brekeke PBX 2.4.4.8 allows remote...
Low | Unreviewed | CVE-2010-2114 was published May 17, 2022
Cross-site request forgery (CSRF) vulnerability in Fujitsu e-Pares V01 L01 V01 L01, L03, L10, L20...
Low | Unreviewed | CVE-2010-2151 was published May 17, 2022
A CSRF vulnerability in the Tutor LMS plugin before 1.5.3 for WordPress can result in an attacker...
Low | Unreviewed | CVE-2020-8615 was published May 24, 2022
The Royal Elementor Addons WordPress plugin before 1.3.56 does not have authorization and CSRF...
Low | Unreviewed | CVE-2022-4102 was published Jan 10, 2023
Dragino Lora LG01 18ed40 IoT v4.3.4 was discovered to contain a Cross-Site Request Forgery in the...
Low | Unreviewed | CVE-2022-45228 was published Dec 12, 2022
The SetFeatureEnabled.jspa resource in Jira Server and Data Center before version 8.5.13, from...
Low | Unreviewed | CVE-2021-26071 was published May 24, 2022
Cross Site Request Forgery (CSRF) vulnerability in AikCms 2.0.0 in video_list.php, which can let...
Low | Unreviewed | CVE-2020-18464 was published May 24, 2022
Cross Site Request Forgery (CSRF) vulnerability exists in v2.0.0 in video_list.php, which can let...
Low | Unreviewed | CVE-2020-18463 was published May 24, 2022
Cross-site request forgery (CSRF) vulnerability in admin.php in eTicket 1.5.5.2 allows remote...
Low | Unreviewed | CVE-2008-0266 was published May 1, 2022
Cross-site request forgery (CSRF) vulnerability in the rootpw plugin in rPath Appliance Platform...
Low | Unreviewed | CVE-2008-2140 was published May 1, 2022
Cross-site request forgery (CSRF) vulnerability in phpMyAdmin before 2.11.7.1 allows remote...
Low | Unreviewed | CVE-2008-3197 was published May 1, 2022
The Subscribe2 WordPress plugin before 10.38 does not have CSRF check when deleting users, which...
Low | Unreviewed | CVE-2022-4309 was published Jan 16, 2023
Routes used to stop running Metasploit tasks (either particular ones or all tasks) allowed GET...
Low | Unreviewed | CVE-2017-5244 was published May 13, 2022
A vulnerability has been identified in SIMATIC Drive Controller family (All versions), SIMATIC ET...
Low | Unreviewed | CVE-2022-30694 was published Nov 8, 2022
A vulnerability found in the OPTILINK OP-XT71000N Hardware Version: V2.2, Firmware Version:...
Low | Unreviewed | CVE-2020-23587 was published Nov 23, 2022
Cross-site request forgery (CSRF) vulnerability in admin/settings/update in DClassifieds 0.1...
Low | Unreviewed | CVE-2012-0990 was published May 17, 2022
Cross-Site Request Forgery (CSRF) in GitHub repository pkp/pkp-lib prior to 3.3.0-16.
Low | Unreviewed | CVE-2023-5898 was published Nov 1, 2023
Cross-Site Request Forgery (CSRF) in GitHub repository pkp/pkp-lib prior to 3.3.0-16.
Low | Unreviewed | CVE-2023-5899 was published Nov 1, 2023
Cross-Site Request Forgery (CSRF) in GitHub repository pkp/pkp-lib prior to 3.3.0-16.
Low | Unreviewed | CVE-2023-5893 was published Nov 1, 2023
Sensitive information manipulation due to cross-site request forgery. The following products are...
Low | Unreviewed | CVE-2023-44160 was published Sep 27, 2023
ProTip! Advisories are also available from the GraphQL API.