GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,233
Erlang
31
GitHub Actions
20
Go
1,992
Maven
5,000+
npm
3,709
NuGet
661
pip
3,346
Pub
11
RubyGems
884
Rust
846
Swift
36
Unreviewed advisories
All unreviewed
5,000+
13 advisories
Filter by severity
Mattermost Server Path Traversal vulnerability that leads to Cross-Site Request Forgery
Moderate
CVE-2024-46872
was published
for
github.com/mattermost/mattermost/server/v8
(Go)
Oct 29, 2024
Content Censorship in the InterPlanetary File System (IPFS) via Kademlia DHT abuse
Moderate
CVE-2023-26248
was published
for
github.com/libp2p/go-libp2p-kad-dht
(Go)
Oct 25, 2024
Mattermost Cross-Site Request Forgery vulnerability
Moderate
CVE-2024-40886
was published
for
github.com/mattermost/mattermost/server/v8
(Go)
Aug 22, 2024
LocalAI cross-site request forgery vulnerability
Moderate
CVE-2024-3135
was published
for
github.com/go-skynet/LocalAI
(Go)
Apr 1, 2024
Grafana Cross Site Request Forgery (CSRF)
Moderate
CVE-2022-21703
was published
for
github.com/grafana/grafana/pkg/web
(Go)
Feb 1, 2024
Casdoor Cross-Site Request Forgery vulnerability
Moderate
CVE-2023-34927
was published
for
github.com/casdoor/casdoor
(Go)
Jun 22, 2023
AdGuardHome vulnerable to Cross-Site Request Forgery
Moderate
CVE-2022-32175
was published
for
github.com/AdguardTeam/AdGuardHome
(Go)
Oct 11, 2022
Withdrawn Advisory: OpenShift OAuth Server XSS Vulnerability
Moderate
CVE-2019-3876
was published
for
github.com/openshift/oauth-apiserver
(Go)
May 13, 2022
•
withdrawn
usememos/memos Cross-Site Request Forgery vulnerability
Moderate
CVE-2022-4849
was published
for
github.com/usememos/memos
(Go)
Dec 29, 2022
usememos/memos Cross-Site Request Forgery vulnerability
Moderate
CVE-2022-4845
was published
for
github.com/usememos/memos
(Go)
Dec 29, 2022
usememos/memos Cross-Site Request Forgery vulnerability
Moderate
CVE-2022-4846
was published
for
github.com/usememos/memos
(Go)
Dec 29, 2022
usememos/memos Cross-Site Request Forgery vulnerability
Moderate
CVE-2022-4850
was published
for
github.com/usememos/memos
(Go)
Dec 29, 2022
kube-httpcache is vulnerable to Cross-Site Request Forgery (CSRF)
Moderate
GHSA-47xh-qxqv-mgvg
was published
for
github.com/mittwald/kube-httpcache
(Go)
Dec 2, 2022
ProTip!
Advisories are also available from the
GraphQL API