Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,300
Erlang
31
GitHub Actions
21
Go
2,069
Maven
5,000+
npm
3,744
NuGet
668
pip
3,429
Pub
12
RubyGems
892
Rust
877
Swift
36
Unreviewed advisories
All unreviewed
5,000+

211 advisories

Loading
Cross-Site Request Forgery in Anchor CMS Moderate
CVE-2024-29338 was published for anchorcms/anchor-cms (Composer) Mar 22, 2024
Concrete CMS Cross Site Request Forgery (CSRF) vulnerability Moderate
CVE-2023-48653 was published for concrete5/concrete5 (Composer) Feb 29, 2024
Concrete CMS Cross Site Request Forgery (CSRF) vulnerability Moderate
CVE-2023-48651 was published for concrete5/concrete5 (Composer) Feb 29, 2024
Bagisto Cross-Site Request Forgery vulnerability High
CVE-2023-36237 was published for bagisto/bagisto (Composer) Feb 27, 2024
Cross-Site Request Forgery in moodle Moderate
CVE-2024-25982 was published for moodle/moodle (Composer) Feb 19, 2024
livewire Cross-Site Request Forgery vulnerability High
CVE-2024-22859 was published for livewire/livewire (Composer) Feb 1, 2024 withdrawn
Treggats valorin
Concrete CMS Cross Site Request Forgery (CSRF) Moderate
CVE-2023-48652 was published for concrete5/concrete5 (Composer) Dec 25, 2023
Cross-Site Request Forgery (CSRF) in automad/automad Moderate
CVE-2023-7038 was published for automad/automad (Composer) Dec 21, 2023
marcantondahmen
Phpsysinfo Cross Site Request Forgery (CSRF) vulnerability Moderate
CVE-2023-49006 was published for phpsysinfo/phpsysinfo (Composer) Dec 19, 2023
Cross Site Request Forgery in SwiftyEdit High
CVE-2023-47350 was published for swiftyedit/swiftyedit (Composer) Nov 22, 2023
baserCMS CSRF vulnerability in Content preview Feature Moderate
CVE-2023-43649 was published for baserproject/basercms (Composer) Oct 26, 2023
Cross-Site Request Forgery (CSRF) in snipe/snipe-it High
CVE-2023-5511 was published for snipe/snipe-it (Composer) Oct 11, 2023
Wallabag user can reset data unintentionally Moderate
CVE-2023-4454 was published for wallabag/wallabag (Composer) Aug 21, 2023
Wallabag user can delete own API client unintentionally Moderate
CVE-2023-4455 was published for wallabag/wallabag (Composer) Aug 21, 2023
Duplicate Advisory: Wallabag user can delete own API client unintentionally Moderate
GHSA-gvvx-fc6p-2h9x was published for wallabag/wallabag (Composer) Aug 21, 2023 withdrawn
Duplicate Advisory: Wallabag user can reset data unintentionally Moderate
GHSA-rwpg-4c4c-v3r4 was published for wallabag/wallabag (Composer) Aug 21, 2023 withdrawn
Cockpit CMS Cross-Site Request Forgery vulnerability High
CVE-2023-37650 was published for cockpit-hq/cockpit (Composer) Jul 20, 2023
GilaCMS Cross Site Request Forgery vulnerability High
CVE-2020-20726 was published for gilacms/gila (Composer) Jun 20, 2023
Moodle vulnerable to Cross-site Request Forgery High
CVE-2023-28335 was published for moodle/moodle (Composer) Mar 23, 2023
Possible CSRF token fixation Moderate
CVE-2023-25170 was published for prestashop/prestashop (Composer) Mar 13, 2023
Froxlor Cross-Site Request Forgery vulnerability High
CVE-2023-1033 was published for froxlor/froxlor (Composer) Feb 25, 2023
Cross-Site Request Forgery (CSRF) in wallabag/wallabag Moderate
CVE-2023-0735 was published for wallabag/wallabag (Composer) Feb 8, 2023
magento-lts Reset Password not protected against well-timed CSRF Moderate
CVE-2021-21395 was published for openmage/magento-lts (Composer) Jan 26, 2023
CakePHP has incorrect Cross-Site Request Forgery validation Moderate
GHSA-829q-v5g8-hhxc was published for cakephp/cakephp (Composer) Jan 20, 2023
Froxlor vulnerable to Cross-Site Request Forgery Moderate
CVE-2022-4867 was published for froxlor/froxlor (Composer) Dec 31, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database