GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,342
Erlang
31
GitHub Actions
22
Go
2,106
Maven
5,000+
npm
3,764
NuGet
679
pip
3,451
Pub
12
RubyGems
892
Rust
886
Swift
37
Unreviewed advisories
All unreviewed
5,000+
219 advisories
Filter by severity
Cross-Site Request Forgery in moodle
High
CVE-2024-25982
was published
for
moodle/moodle
(Composer)
Feb 19, 2024
TYPO3 DB Check Module vulnerable to Cross-Site Request Forgery
Moderate
CVE-2024-55945
was published
for
typo3/cms-lowlevel
(Composer)
Jan 14, 2025
TYPO3 Scheduler Module vulnerable to Cross-Site Request Forgery
High
CVE-2024-55924
was published
for
typo3/cms-scheduler
(Composer)
Jan 14, 2025
TYPO3 Indexed Search Module vulnerable to Cross-Site Request Forgery
Moderate
CVE-2024-55923
was published
for
typo3/cms-indexed-search
(Composer)
Jan 14, 2025
TYPO3 Form Framework Module vulnerable to Cross-Site Request Forgery
Moderate
CVE-2024-55922
was published
for
typo3/cms-form
(Composer)
Jan 14, 2025
TYPO3 Extension Manager Module vulnerable to Cross-Site Request Forgery
High
CVE-2024-55921
was published
for
typo3/cms-extensionmanager
(Composer)
Jan 14, 2025
TYPO3 Cross-Site Request Forgery in Dashboard Module
Moderate
CVE-2024-55920
was published
for
typo3/cms-dashboard
(Composer)
Jan 14, 2025
TYPO3 Cross-Site Request Forgery in Backend User Module
Moderate
CVE-2024-55894
was published
for
typo3/cms-beuser
(Composer)
Jan 14, 2025
TYPO3 Cross-Site Request Forgery in Log Module
Moderate
CVE-2024-55893
was published
for
typo3/cms-belog
(Composer)
Jan 14, 2025
Concrete CMS Cross Site Request Forgery (CSRF) vulnerability
Moderate
CVE-2023-48651
was published
for
concrete5/concrete5
(Composer)
Feb 29, 2024
Concrete CMS Cross Site Request Forgery (CSRF) vulnerability
Moderate
CVE-2023-48653
was published
for
concrete5/concrete5
(Composer)
Feb 29, 2024
CSRF leading to delete account in wallabag/wallabag
Moderate
CVE-2023-0737
was published
for
wallabag/wallabag
(Composer)
Nov 15, 2024
ProcessWire Cross Site Request Forgery vulnerability
Low
CVE-2024-41597
was published
for
processwire/processwire
(Composer)
Jul 19, 2024
Cross-Site Request Forgery in Anchor CMS
Moderate
CVE-2024-29338
was published
for
anchorcms/anchor-cms
(Composer)
Mar 22, 2024
Moodle has CSRF risk in Feedback non-respondents report
High
CVE-2024-43434
was published
for
moodle/moodle
(Composer)
Nov 7, 2024
Magento Open Source Cross-Site Request Forgery (CSRF) vulnerability
Moderate
CVE-2024-39410
was published
for
magento/community-edition
(Composer)
Aug 14, 2024
Magento Open Source Cross-Site Request Forgery (CSRF) vulnerability
Moderate
CVE-2024-39409
was published
for
magento/community-edition
(Composer)
Aug 14, 2024
Magento Open Source Cross-Site Request Forgery vulnerability
Moderate
CVE-2024-39408
was published
for
magento/community-edition
(Composer)
Aug 14, 2024
Dolibarr vulnerable to Cross-Site Request Forgery
High
CVE-2024-31503
was published
for
dolibarr/dolibarr
(Composer)
Apr 17, 2024
Cross-Site Request Forgery (CSRF) in automad/automad
Moderate
CVE-2023-7038
was published
for
automad/automad
(Composer)
Dec 21, 2023
ipl/web's `ipl\Web\Common\CsrfCounterMeasure` is susceptible to CSRF
Low
CVE-2024-41811
was published
for
ipl/web
(Composer)
Aug 5, 2024
Moodle CSRF risks due to misuse of confirm_sesskey
Moderate
CVE-2024-38276
was published
for
moodle/moodle
(Composer)
Jun 18, 2024
Bagisto Cross-Site Request Forgery vulnerability
High
CVE-2023-36237
was published
for
bagisto/bagisto
(Composer)
Feb 27, 2024
Moodle CSRF risk in analytics management of models
High
CVE-2024-34008
was published
for
moodle/moodle
(Composer)
May 31, 2024
Moodle CSRF risk in admin preset tool management of presets
High
CVE-2024-34001
was published
for
moodle/moodle
(Composer)
May 31, 2024
ProTip!
Advisories are also available from the
GraphQL API