GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,356
Erlang
33
GitHub Actions
22
Go
2,121
Maven
5,000+
npm
3,783
NuGet
683
pip
3,465
Pub
12
RubyGems
893
Rust
892
Swift
38
Unreviewed advisories
All unreviewed
5,000+
6,789 advisories
Filter by severity
Missing sanitization of HTML attributes in Jupyter notebooks in all versions of GitLab CE/EE...
High
Unreviewed
CVE-2022-0427
was published
Mar 29, 2022
Cross-Site Request Forgery in Anchor CMS
Moderate
CVE-2022-25576
was published
for
anchorcms/anchor-cms
(Composer)
Mar 26, 2022
TypesetterCMS v5.1 was discovered to contain a Cross-Site Request Forgery (CSRF) which is...
High
Unreviewed
CVE-2022-25523
was published
Mar 26, 2022
Passwork On-Premise Edition before 4.6.13 allows CSRF via the groups, password, and history...
High
Unreviewed
CVE-2022-25268
was published
Mar 25, 2022
An issus was discovered in xiaohuanxiong CMS 5.0.17. There is a CSRF vulnerability that can...
Moderate
Unreviewed
CVE-2021-43737
was published
Mar 24, 2022
An issue was discovered in xiaohuanxiong CMS 5.0.17. There is a CSRF vulnerability that can that...
High
Unreviewed
CVE-2021-43738
was published
Mar 24, 2022
Cross-Site Request Forgery (CSRF) in Yoo Slider – Image Slider & Video Slider (WordPress plugin)...
Moderate
Unreviewed
CVE-2022-25608
was published
Mar 24, 2022
A Cross-Site Request Forgery (CSRF) in the management portal of Snapt Aria v12.8 allows attackers...
High
Unreviewed
CVE-2022-24235
was published
Mar 22, 2022
The Advanced Contact form 7 DB WordPress plugin before 1.8.7 does not have authorisation nor CSRF...
High
Unreviewed
CVE-2021-24905
was published
Mar 22, 2022
The miniOrange's Google Authenticator WordPress plugin before 5.5 does not have proper...
High
Unreviewed
CVE-2022-0229
was published
Mar 22, 2022
Cross-Site Request Forgery (CSRF) in GitHub repository crater-invoice/crater prior to 6.0.4.
Moderate
Unreviewed
CVE-2022-0515
was published
Mar 22, 2022
The Amelia WordPress plugin before 1.0.47 does not have CSRF check in place when deleting...
Moderate
Unreviewed
CVE-2022-0616
was published
Mar 22, 2022
The Simple Membership WordPress plugin before 4.1.0 does not have CSRF check in place when...
Moderate
Unreviewed
CVE-2022-0681
was published
Mar 22, 2022
BigAnt Software BigAnt Server v5.6.06 was discovered to contain a Cross-Site Request Forgery (CSRF).
High
Unreviewed
CVE-2022-23349
was published
Mar 22, 2022
A Cross-Site Request Forgery (CSRF) in Chamilo LMS 1.11.14 allows attackers to execute arbitrary...
High
Unreviewed
CVE-2021-40662
was published
Mar 22, 2022
A CSRF issue in /api/crontab on iRZ Mobile Routers through 2022-03-16 allows a threat actor to...
High
Unreviewed
CVE-2022-27226
was published
Mar 20, 2022
Cross-Site Request Forgery in Jenkins P4 Plugin
High
CVE-2021-21655
was published
for
org.jenkins-ci.plugins:p4
(Maven)
Mar 18, 2022
CSRF vulnerability and missing permission checks in Jenkins Extended Choice Parameter Plugin allow SSRF
Moderate
CVE-2022-27204
was published
for
org.jenkins-ci.plugins:extended-choice-parameter
(Maven)
Mar 16, 2022
CSRF vulnerability in Jenkins CloudBees AWS Credentials Plugin
High
CVE-2022-27198
was published
for
org.jenkins-ci.plugins:aws-credentials
(Maven)
Mar 16, 2022
CSRF vulnerability in Jenkins Release Helper Plugin
Moderate
CVE-2022-27214
was published
for
org.jenkins-ci.plugins:release-helper
(Maven)
Mar 16, 2022
CSRF vulnerability in Jenkins kubernetes-cd Plugin allow capturing credentials
High
CVE-2022-27210
was published
for
org.jenkins-ci.plugins:kubernetes-cd
(Maven)
Mar 16, 2022
The Simple Quotation WordPress plugin through 1.3.2 does not have CSRF check when creating or...
Moderate
Unreviewed
CVE-2022-22734
was published
Mar 15, 2022
IBM Spectrum Protect Operations Center 8.1.0.000 through 8.1.13.xxx is vulnerable to reverse...
Low
Unreviewed
CVE-2022-22348
was published
Mar 15, 2022
IBM Spectrum Protect Operations Center 8.1.0.000 through 8.1.13.xxx is vulnerable to cross-site...
High
Unreviewed
CVE-2022-22346
was published
Mar 15, 2022
An issue was discovered in PONTON X/P Messenger before 3.11.2. Anti-CSRF tokens are globally...
High
Unreviewed
CVE-2021-45886
was published
Mar 14, 2022
ProTip!
Advisories are also available from the
GraphQL API