Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,504
Maven
5,000+
npm
4,149
NuGet
735
pip
3,949
Pub
12
RubyGems
945
Rust
1,025
Swift
39
Unreviewed advisories
All unreviewed
5,000+

3,440 advisories

Loading
QuickAppsCMS Cross-Site Request Forgery (CSRF) High
CVE-2018-17102 was published for quickapps/cms (Composer) May 14, 2022
In youke365 v1.1.5, admin/user.html has a CSRF vulnerability that can add an user account. High Unreviewed
CVE-2018-18215 was published May 14, 2022
Cross-site request forgery (CSRF) vulnerability in /admin.php?c=member&m=edit&uid=1 in dayrui... High Unreviewed
CVE-2018-18191 was published May 14, 2022
An issue was discovered in Joomla! before 3.8.13. com_installer actions do not have sufficient... High Unreviewed
CVE-2018-17858 was published May 14, 2022
A potential security vulnerability has been identified with certain HP printers and MFPs in... High Unreviewed
CVE-2018-5921 was published May 14, 2022
qibosoft V7.0 allows CSRF via admin/index.php?lfj=member&action=addmember to add a user account. High Unreviewed
CVE-2018-18201 was published May 14, 2022
DESHANG DSCMS 1.1 has CSRF via the public/index.php/admin/admin/add.html URI. High Unreviewed
CVE-2018-18317 was published May 14, 2022
emlog v6.0.0 has CSRF via the admin/user.php?action=new URI. High Unreviewed
CVE-2018-18316 was published May 14, 2022
The web interface in TP-Link TL-WRN841N 0.9.1 4.16 v0348.0 is vulnerable to CSRF due to... High Unreviewed
CVE-2018-15702 was published May 14, 2022
DASAN H660GW devices do not implement any CSRF protection mechanism. High Unreviewed
CVE-2018-17869 was published May 14, 2022
rars/user/data in razorCMS 3.4.8 allows CSRF for changing the password of an admin user. High Unreviewed
CVE-2018-17986 was published May 14, 2022
An issue was discovered in CMS MaeloStore V.1.5.0. There is a CSRF vulnerability that can change... High Unreviewed
CVE-2018-17045 was published May 14, 2022
** DISPUTED ** An issue was discovered in GetSimple CMS v3.3.13. There is a CSRF vulnerability... High Unreviewed
CVE-2018-17103 was published May 14, 2022
Intelbras NPLUG 1.0.0.14 wireless repeater devices have no CSRF token protection in the web... High Unreviewed
CVE-2018-12456 was published May 14, 2022
CentOS-WebPanel.com (aka CWP) CentOS Web Panel through 0.9.8.740 allows CSRF via admin/index.php... High Unreviewed
CVE-2018-18773 was published May 14, 2022
CentOS-WebPanel.com (aka CWP) CentOS Web Panel through 0.9.8.740 allows CSRF via admin/index.php... High Unreviewed
CVE-2018-18772 was published May 14, 2022
An issue was discovered in DESTOON B2B 7.0. CSRF exists via the admin.php URI in an action=add... High Unreviewed
CVE-2018-18432 was published May 14, 2022
UsualToolCMS 8.0 allows CSRF for adding a user account via the cmsadmin/a_adminx.php?x=a URI. High Unreviewed
CVE-2018-18422 was published May 14, 2022
Agentejo Cockpit lacks an anti-CSRF protection mechanism. Thus, an attacker is able to change API... High Unreviewed
CVE-2018-15539 was published May 14, 2022
NPAPI plugins, such as Adobe Flash, can send non-simple cross-origin requests, bypassing CORS by... High Unreviewed
CVE-2018-12364 was published May 14, 2022
Zenario CMS vulnerable to CSRF High
CVE-2018-18420 was published for tribalsystems/zenario (Composer) May 14, 2022
Multiple cross-site request forgery (CSRF) vulnerabilities in Koha 3.14.x before 3.14.16, 3.16.x... High Unreviewed
CVE-2015-4630 was published May 14, 2022
In Reader View SameSite cookie protections are not checked on exiting. This allows for a payload... High Unreviewed
CVE-2018-12370 was published May 14, 2022
The Oracle WebCenter Interaction Portal 10.3.3 does not implement protection against Cross-site... High Unreviewed
CVE-2018-16952 was published May 14, 2022
An issue was discovered in PopojiCMS v2.0.1. It has CSRF via the po-admin/route.php?mod=component... High Unreviewed
CVE-2018-18935 was published May 14, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database