GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
6,990 advisories
Cross-Site Request Forgery (CSRF) exists in Hashtopus 1.5g via the password parameter to admin...
High | Unreviewed | CVE-2017-11679 was published May 17, 2022
Cross-site request forgery (CSRF) vulnerability in WMR-433 firmware Ver.1.02 and earlier, WMR...
High | Unreviewed | CVE-2017-2273 was published May 17, 2022
Cross-Site Request Forgery (CSRF) vulnerability in Photo Gallery by Supsystic plugin <= 1.15.5 at...
Moderate | Unreviewed | CVE-2021-36891 was published Jun 16, 2022
Cross-Site Request Forgery (CSRF) vulnerability in Private Messages For WordPress plugin <= 2.1...
Moderate | Unreviewed | CVE-2022-29441 was published Jun 16, 2022
WordPress 2.6.3 relies on the REQUEST superglobal array in certain dangerous situations, which...
Moderate | Unreviewed | CVE-2008-5113 was published May 17, 2022
Cross-site request forgery (CSRF) vulnerability in PHParanoid before 0.5 allows remote attackers...
Moderate | Unreviewed | CVE-2008-5758 was published May 17, 2022
The postTabs WordPress plugin through 2.10.6 does not have CSRF check in place when updating its...
Moderate | Unreviewed | CVE-2022-1781 was published Jun 14, 2022
The JetWidgets for Elementor plugin for WordPress is vulnerable to Cross-Site Request Forgery in...
Moderate | Unreviewed | CVE-2023-0086 was published Jan 5, 2023
Cross-site request forgery (CSRF) vulnerability in Cisco Unified Intelligence Center (CUIC) 8.5.4...
High | Unreviewed | CVE-2016-6427 was published May 17, 2022
The Peter’s Collaboration E-mails WordPress plugin through 2.2.0 is vulnerable to CSRF due to...
Moderate | Unreviewed | CVE-2022-1761 was published Jun 14, 2022
The Auto Delete Posts WordPress plugin through 1.3.0 does not have CSRF check in place when...
High | Unreviewed | CVE-2022-1779 was published Jun 14, 2022
Cross-Site Request Forgery (CSRF) exists in Hashtopussy 0.4.0, allowing an admin password change...
High | Unreviewed | CVE-2017-11680 was published May 17, 2022
The Latest Tweets Widget WordPress plugin through 1.1.4 does not have CSRF check in place when...
Moderate | Unreviewed | CVE-2022-1624 was published Jun 14, 2022
The WP-chgFontSize WordPress plugin through 1.8 does not have CSRF check in place when updating...
Moderate | Unreviewed | CVE-2022-1764 was published Jun 14, 2022
EyouCMS V1.5.8-UTF8-SP1 is vulnerable to Cross Site Request Forgery (CSRF) via the background,...
High | Unreviewed | CVE-2022-36225 was published Aug 20, 2022
The OnePress Social Locker WordPress plugin through 5.6.2 does not have CSRF check in place when...
Moderate | Unreviewed | CVE-2022-1608 was published Jun 14, 2022
Techroutes TR 1803-3G Wireless Cellular Router/Modem 2.4.25 devices do not possess any protection...
High | Unreviewed | CVE-2017-11648 was published May 17, 2022
NetComm Wireless 4GT101W routers with Hardware: 0.01 / Software: V1.1.8.8 / Bootloader: 1.1.3 are...
High | Unreviewed | CVE-2017-11646 was published May 17, 2022
A vulnerability was found in CoreHR Core Portal up to 27.0.7. It has been classified as...
High | Unreviewed | CVE-2019-25064 was published Jun 10, 2022
The Email Users WordPress plugin through 4.8.8 does not have CSRF check in place when updating...
Moderate | Unreviewed | CVE-2022-1605 was published Jun 14, 2022
The Throws SPAM Away WordPress plugin before 3.3.1 does not have CSRF checks in place when...
Moderate | Unreviewed | CVE-2022-1709 was published Jun 9, 2022
The Useful Banner Manager WordPress plugin through 1.6.1 does not perform CSRF checks on POST...
Moderate | Unreviewed | CVE-2022-1694 was published Jun 14, 2022
The Database Backup for WordPress plugin before 2.5.2 does not have CSRF check in place when...
Moderate | Unreviewed | CVE-2022-1577 was published Jun 9, 2022
Cross-site request forgery (CSRF) vulnerability in Planetluc RateMe 1.3.3 allows remote attackers...
Moderate | Unreviewed | CVE-2008-4899 was published May 17, 2022
Cross-site request forgery (CSRF) vulnerability in cmd.cgi in (1) Nagios 3.0.5 and (2) op5...
Moderate | Unreviewed | CVE-2008-5028 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API.