Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,300
Erlang
31
GitHub Actions
21
Go
2,069
Maven
5,000+
npm
3,744
NuGet
668
pip
3,429
Pub
12
RubyGems
892
Rust
877
Swift
36
Unreviewed advisories
All unreviewed
5,000+

211 advisories

Loading
Codiad CSRF Vulnerability High
CVE-2020-14043 was published for codiad/codiad (Composer) May 24, 2022
NukeViet Cross-Site Request Forgery (CSRF) Moderate
CVE-2020-13157 was published for nukeviet/nukeviet (Composer) May 24, 2022
NukeViet Cross-Site Request Forgery (CSRF) Moderate
CVE-2020-13156 was published for nukeviet/nukeviet (Composer) May 24, 2022
NukeViet Cross-Site Request Forgery (CSRF) High
CVE-2020-13155 was published for nukeviet/nukeviet (Composer) May 24, 2022
WooCommerce Cross-Site Request Forgery (CSRF) High
CVE-2019-20891 was published for woocommerce/woocommerce (Composer) May 24, 2022
Comments plugin Cross-Site Request Forgery (CSRF) Moderate
CVE-2020-13868 was published for verbb/comments (Composer) May 24, 2022
Image Resizer Cross-Site Request Forgery (CSRF) High
CVE-2020-13458 was published for verbb/image-resizer (Composer) May 24, 2022
Subrion CMS Cross-Site Request Forgery (CSRF) vulnerability High
CVE-2019-20390 was published for intelliants/subrion (Composer) May 24, 2022
Dolibarr Cross-Site Request Forgery Vulnerability High
CVE-2020-11825 was published for dolibarr/dolibarr (Composer) May 24, 2022
Subrion CMS CSRF Vulnerability High
CVE-2018-21037 was published for intelliants/subrion (Composer) May 24, 2022
phpBB Cross-Site Request Forgery (CSRF) Moderate
CVE-2019-16107 was published for phpbb/phpbb (Composer) May 24, 2022
Silverstripe CSRF Protection Bypass via GraphQL High
CVE-2019-12437 was published for silverstripe/graphql (Composer) May 24, 2022
SilverStripe Denial of Service on flush and development URL tools Moderate
CVE-2019-12246 was published for silverstripe/framework (Composer) May 24, 2022
phpBB Cross-Site Request Forgery (CSRF) Moderate
CVE-2020-5501 was published for phpbb/phpbb (Composer) May 24, 2022
Pagekit File Upload vulnerability High
CVE-2019-19013 was published for pagekit/pagekit (Composer) May 24, 2022
Magento 2 Community Edition RCE Vulnerability via CSRF High
CVE-2019-8109 was published for magento/community-edition (Composer) May 24, 2022
phpBB Cross-Site Request Forgery (CSRF) High
CVE-2019-16993 was published for phpbb/phpbb (Composer) May 24, 2022
phpBB Cross-Site Request Forgery (CSRF) Moderate
CVE-2019-13376 was published for phpbb/phpbb (Composer) May 24, 2022
Dolibarr Cross-Site Request Forgery (CSRF) High
CVE-2019-15062 was published for dolibarr/dolibarr (Composer) May 24, 2022
Bagisto CSRF Vulnerability High
CVE-2019-14933 was published for bagisto/bagisto (Composer) May 24, 2022
Magento 2 Community Edition CSRF vulnerability Moderate
CVE-2019-7947 was published for magento/community-edition (Composer) May 24, 2022
Magento 2 Community Edition Cross-site Scripting Vulnerability Moderate
CVE-2019-7873 was published for magento/community-edition (Composer) May 24, 2022
Magento 2 Community Edition XSS Vulnerability Moderate
CVE-2019-7874 was published for magento/community-edition (Composer) May 24, 2022
Magento 2 Community Edition CSRF Vulnerability High
CVE-2019-7865 was published for magento/community-edition (Composer) May 24, 2022
Magento Cross-Site Request Forgery (CSRF) Moderate
CVE-2019-7857 was published for magento/community-edition (Composer) May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database