Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,342
Erlang
31
GitHub Actions
22
Go
2,106
Maven
5,000+
npm
3,764
NuGet
679
pip
3,451
Pub
12
RubyGems
892
Rust
886
Swift
37
Unreviewed advisories
All unreviewed
5,000+

97 advisories

Loading
Cross-Site Request Forgery in moodle High
CVE-2024-25982 was published for moodle/moodle (Composer) Feb 19, 2024
TYPO3 Scheduler Module vulnerable to Cross-Site Request Forgery High
CVE-2024-55924 was published for typo3/cms-scheduler (Composer) Jan 14, 2025
TYPO3 Extension Manager Module vulnerable to Cross-Site Request Forgery High
CVE-2024-55921 was published for typo3/cms-extensionmanager (Composer) Jan 14, 2025
Moodle has CSRF risk in Feedback non-respondents report High
CVE-2024-43434 was published for moodle/moodle (Composer) Nov 7, 2024
Dolibarr vulnerable to Cross-Site Request Forgery High
CVE-2024-31503 was published for dolibarr/dolibarr (Composer) Apr 17, 2024
Bagisto Cross-Site Request Forgery vulnerability High
CVE-2023-36237 was published for bagisto/bagisto (Composer) Feb 27, 2024
Moodle CSRF risk in analytics management of models High
CVE-2024-34008 was published for moodle/moodle (Composer) May 31, 2024
Moodle CSRF risk in admin preset tool management of presets High
CVE-2024-34001 was published for moodle/moodle (Composer) May 31, 2024
Zend-Navigation vulnerable to Cross-site Scripting High
GHSA-6v7p-5qcq-268c was published for zendframework/zend-navigation (Composer) Jun 7, 2024
Zend-Feed URL Rewrite vulnerability High
GHSA-jmmp-vh96-78rm was published for zendframework/zend-feed (Composer) Jun 7, 2024
Zend-HTTP URL Rewrite vulnerability High
GHSA-cg8w-5jrc-675g was published for zendframework/zend-http (Composer) Jun 7, 2024
silverstripe/graphql Cross-Site Request Forgery vulnerability High
GHSA-wjg9-v8cf-f5q2 was published for silverstripe/graphql (Composer) May 28, 2024
Wikimedia MediaWiki allows CSRF High
CVE-2019-12466 was published for mediawiki/core (Composer) May 24, 2022
eZ Platform CSRF token in login form is disabled by default High
GHSA-45qm-j4m9-whv9 was published for ezsystems/ezplatform (Composer) May 15, 2024
Dolibarr Cross-Site Request Forgery (CSRF) High
CVE-2019-15062 was published for dolibarr/dolibarr (Composer) May 24, 2022
Dolibarr Cross Site Request Forgery (CSRF) High
CVE-2019-1010054 was published for dolibarr/dolibarr (Composer) May 24, 2022
Drupal Cross-Site Request Forgery (CSRF) High
CVE-2017-6379 was published for drupal/core (Composer) May 17, 2022
Moodle vulnerable to Cross-site Request Forgery High
CVE-2023-28335 was published for moodle/moodle (Composer) Mar 23, 2023
Contao CSRF Token Bypass High
CVE-2019-10642 was published for contao/contao (Composer) May 14, 2022
PyroCMS Vulnerable to CSRF High
CVE-2020-25263 was published for pyrocms/pyrocms (Composer) May 24, 2022
ViMbAdmin CSRF Vulnerabilities High
CVE-2017-6086 was published for opensolutions/vimbadmin (Composer) May 17, 2022
Gleez CMS CSRF Allows Adding of Administrator Accounts High
CVE-2018-15845 was published for gleez/cms (Composer) May 14, 2022
Bagisto CSRF Vulnerability High
CVE-2019-14933 was published for bagisto/bagisto (Composer) May 24, 2022
Codiad CSRF Vulnerability High
CVE-2020-14043 was published for codiad/codiad (Composer) May 24, 2022
Subrion CMS Cross-Site Request Forgery (CSRF) vulnerability High
CVE-2019-20390 was published for intelliants/subrion (Composer) May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database