GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
94 advisories
Filter by severity
Grav CMS Cross-Site Request Forgery (CSRF)
High
CVE-2020-29553
was published
for
getgrav/grav
(Composer)
May 24, 2022
CakePHP allows method override parameters to bypass CSRF checks
High
CVE-2020-35239
was published
for
cakephp/cakephp
(Composer)
May 24, 2022
Subrion CMS CSRF Vulnerability
High
CVE-2019-7357
was published
for
intelliants/subrion
(Composer)
May 24, 2022
PyroCMS Vulnerable to CSRF
High
CVE-2020-25263
was published
for
pyrocms/pyrocms
(Composer)
May 24, 2022
Codiad CSRF Vulnerability
High
CVE-2020-14043
was published
for
codiad/codiad
(Composer)
May 24, 2022
NukeViet Cross-Site Request Forgery (CSRF)
High
CVE-2020-13155
was published
for
nukeviet/nukeviet
(Composer)
May 24, 2022
WooCommerce Cross-Site Request Forgery (CSRF)
High
CVE-2019-20891
was published
for
woocommerce/woocommerce
(Composer)
May 24, 2022
Image Resizer Cross-Site Request Forgery (CSRF)
High
CVE-2020-13458
was published
for
verbb/image-resizer
(Composer)
May 24, 2022
Subrion CMS Cross-Site Request Forgery (CSRF) vulnerability
High
CVE-2019-20390
was published
for
intelliants/subrion
(Composer)
May 24, 2022
Dolibarr Cross-Site Request Forgery Vulnerability
High
CVE-2020-11825
was published
for
dolibarr/dolibarr
(Composer)
May 24, 2022
Subrion CMS CSRF Vulnerability
High
CVE-2018-21037
was published
for
intelliants/subrion
(Composer)
May 24, 2022
Silverstripe CSRF Protection Bypass via GraphQL
High
CVE-2019-12437
was published
for
silverstripe/graphql
(Composer)
May 24, 2022
Pagekit File Upload vulnerability
High
CVE-2019-19013
was published
for
pagekit/pagekit
(Composer)
May 24, 2022
Magento 2 Community Edition RCE Vulnerability via CSRF
High
CVE-2019-8109
was published
for
magento/community-edition
(Composer)
May 24, 2022
phpBB Cross-Site Request Forgery (CSRF)
High
CVE-2019-16993
was published
for
phpbb/phpbb
(Composer)
May 24, 2022
Dolibarr Cross-Site Request Forgery (CSRF)
High
CVE-2019-15062
was published
for
dolibarr/dolibarr
(Composer)
May 24, 2022
Bagisto CSRF Vulnerability
High
CVE-2019-14933
was published
for
bagisto/bagisto
(Composer)
May 24, 2022
Magento 2 Community Edition CSRF Vulnerability
High
CVE-2019-7865
was published
for
magento/community-edition
(Composer)
May 24, 2022
Moodle CSRF Vulnerability
High
CVE-2019-10186
was published
for
moodle/moodle
(Composer)
May 24, 2022
Dolibarr Cross Site Request Forgery (CSRF)
High
CVE-2019-1010054
was published
for
dolibarr/dolibarr
(Composer)
May 24, 2022
Wikimedia MediaWiki allows CSRF
High
CVE-2019-12466
was published
for
mediawiki/core
(Composer)
May 24, 2022
CSRF in baserCMS 3.0.10 and earlier
High
CVE-2016-4881
was published
for
baserproject/basercms
(Composer)
May 17, 2022
baserCMS Cross Site Request Forgery vulnerability
High
CVE-2016-4878
was published
for
baserproject/basercms
(Composer)
May 17, 2022
Zend Framework CSRF Vulnerability
High
CVE-2015-1786
was published
for
zendframework/zendframework
(Composer)
May 17, 2022
Drupal Cross-Site Request Forgery (CSRF)
High
CVE-2017-6379
was published
for
drupal/core
(Composer)
May 17, 2022
ProTip!
Advisories are also available from the
GraphQL API