Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

67 advisories

Loading
Authentication Bypass by CSRF Weakness Critical
GHSA-5629-8855-gf4g was published for solidus_core (RubyGems) Nov 18, 2021
oliverchang
Insufficient user input in Apache Jetspeed-2 Critical
CVE-2022-32533 was published for org.apache.portals.jetspeed-2:jetspeed-commons (Maven) Jul 7, 2022
XWiki CKEditor.HTMLConverter vulnerable to Remote Code Execution via Cross-Site Request Forgery Critical
CVE-2023-22457 was published for org.xwiki.contrib:application-ckeditor-ui (Maven) Jan 6, 2023
Authentication Bypass by CSRF Weakness Critical
CVE-2021-41275 was published for spree_auth_devise (RubyGems) Nov 18, 2021
Authentication Bypass by CSRF Weakness Critical
CVE-2021-41274 was published for solidus_auth_devise (RubyGems) Nov 18, 2021
Authentication Bypass by CSRF Weakness Critical
GHSA-gpqc-4pp7-5954 was published for spree_auth_devise (RubyGems) Nov 18, 2021
jasnow
Authentication Bypass by CSRF Weakness Critical
GHSA-8xfw-5q82-3652 was published for spree_auth_devise (RubyGems) Nov 18, 2021
jasnow
Authentication Bypass by CSRF Weakness Critical
GHSA-6mqr-q86q-6gwr was published for spree_auth_devise (RubyGems) Nov 18, 2021
jasnow tdunlap607
Tailscale Windows daemon is vulnerable to RCE via CSRF Critical
CVE-2022-41924 was published for tailscale.com (Go) Nov 21, 2022
emilytrau JJJollyjim
hod-alpert
phpMyAdmin CSRF Vulnerability Critical
CVE-2016-9866 was published for phpmyadmin/phpmyadmin (Composer) May 17, 2022
ProTip! Advisories are also available from the GraphQL API