GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
3,439 advisories
A vulnerability in the web-based management interface of Cisco Energy Management Suite Software...
High, Unreviewed. CVE-2018-15445 was published May 13, 2022

A CSRF vulnerability in the Runtime Config component of Avaya Aura Orchestration Designer could...
High, Unreviewed. CVE-2018-15612 was published May 13, 2022

Moodle Login CSRF vulnerability in login form
High. CVE-2018-16854 was published for moodle/moodle (Composer) May 13, 2022

Pivotal Spring Batch Admin, all versions, does not contain cross site request forgery protection....
High, Unreviewed. CVE-2018-1230 was published May 13, 2022

IBM Application Performance Management - Response Time Monitoring Agent (IBM Monitoring 8.1.4) is...
High, Unreviewed. CVE-2018-1442 was published May 13, 2022

IBM Tivoli Application Dependency Discovery Manager 7.2.2 and 7.3 is vulnerable to cross-site...
High, Unreviewed. CVE-2018-1455 was published May 13, 2022

IBM Robotic Process Automation with Automation Anywhere 10.0 is vulnerable to cross-site request...
High, Unreviewed. CVE-2018-1514 was published May 13, 2022

IBM Security Privileged Identity Manager Virtual Appliance 2.2.1 is vulnerable to cross-site...
High, Unreviewed. CVE-2018-1622 was published May 13, 2022

IBM DataPower Gateways 7.5, 7.5.1, 7.5.2, and 7.6 is vulnerable to cross-site request forgery...
High, Unreviewed. CVE-2018-1661 was published May 13, 2022

IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 Admin Console is vulnerable to cross-site...
High, Unreviewed. CVE-2018-1926 was published May 13, 2022

IBM StoredIQ 7.6 is vulnerable to cross-site request forgery which could allow an attacker to...
High, Unreviewed. CVE-2018-1927 was published May 13, 2022

IBM Business Automation Workflow 18.0.0.0 and 18.0.0.1 is vulnerable to cross-site request...
High, Unreviewed. CVE-2018-2000 was published May 13, 2022

In the uncurl_ws_accept function in uncurl.c in uncurl before 0.07, as used in Parsec before 140...
High, Unreviewed. CVE-2018-6651 was published May 13, 2022

A cross-site request forgery vulnerability has been identified in Geutebruck G-Cam/EFD-2250...
High, Unreviewed. CVE-2018-7524 was published May 13, 2022

A CSRF exposure exists in NetIQ Access Manager (NAM) 4.4 Identity Server component.
High, Unreviewed. CVE-2018-7677 was published May 13, 2022

Philips e-Alert Unit (non-medical device), Version R2.1 and prior. The web application does not,...
High, Unreviewed. CVE-2018-8844 was published May 13, 2022

Cross-site request forgery (CSRF) vulnerability in admin/user.php in Synology Photo Station...
High, Unreviewed. CVE-2018-8925 was published May 13, 2022

Jenkins Warnings Next Generation Plugin cross-site request forgery vulnerability
High. CVE-2019-1003008 was published for io.jenkins.plugins:warnings-ng (Maven) May 13, 2022

Sandbox Bypass via CSRF in Jenkins Warnings Plugin
High. CVE-2019-1003007 was published for org.jvnet.hudson.plugins:warnings (Maven) May 13, 2022

A vulnerability in the web-based management interface of Cisco Unified Intelligence Center could...
High, Unreviewed. CVE-2019-1658 was published May 13, 2022

A vulnerability in the web-based management interface of Session Initiation Protocol (SIP)...
High, Unreviewed. CVE-2019-1764 was published May 13, 2022

Cross-Site Request Forgery (CSRF) vulnerability in McAfee ePO (legacy) Cloud allows...
High, Unreviewed. CVE-2019-3604 was published May 13, 2022

Cross-site request forgery has been identified in Moxa IKS and EDS, which may allow for the...
High, Unreviewed. CVE-2019-6561 was published May 13, 2022

FastAdmin V1.0.0.20190111_beta has a CSRF vulnerability to add a new admin user via the admin...
High, Unreviewed. CVE-2019-11077 was published May 13, 2022

Gem in a Box vulnerable to Cross-site Request Forgery
High. CVE-2017-14683 was published for geminabox (RubyGems) May 13, 2022