GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,633
Erlang: 34
GitHub Actions: 25
Go: 2,241
Maven: 5,000+
npm: 3,902
NuGet: 701
pip: 3,669
Pub: 12
RubyGems: 914
Rust: 943
Swift: 38
Unreviewed advisories
All unreviewed: 5,000+
7,337 advisories
The User::matchEditToken function in includes/User.php in MediaWiki before 1.23.12, 1.24.x before...
CVE-2015-8624 was published May 17, 2022 (High, Unreviewed)
Cross-site request forgery (CSRF) vulnerability in L-04D firmware version V10a and V10b allows...
CVE-2016-4854 was published May 17, 2022 (High, Unreviewed)
Cross-site request forgery (CSRF) vulnerability in NETGEAR DGN2200 routers with firmware 10.0.0...
CVE-2017-6366 was published May 17, 2022 (High, Unreviewed)
A vulnerability in the Device Manager web interface of Cisco Industrial Ethernet 1000 Series...
CVE-2017-6634 was published May 17, 2022 (High, Unreviewed)
Revive Adserver before 3.2.3 suffers from Cross-Site Request Forgery (CSRF). The Revive Adserver...
CVE-2016-9456 was published May 17, 2022 (High, Unreviewed)
IBM Sterling Order Management 9.2 through 9.5 is vulnerable to cross-site request forgery which...
CVE-2016-9991 was published May 17, 2022 (High, Unreviewed)
Kibana Reporting plugin version 2.4.0 is vulnerable to a CSRF vulnerability that could allow an...
CVE-2016-1000218 was published May 17, 2022 (High, Unreviewed)
Request Tracker (RT) 4.x before 4.0.25, 4.2.x before 4.2.14, and 4.4.x before 4.4.2 allows remote...
CVE-2017-5943 was published May 17, 2022 (High, Unreviewed)
The Insights from Google PageSpeed WordPress plugin before 4.0.7 does not verify for CSRF before...
CVE-2022-1672 was published Jul 18, 2022 (High, Unreviewed)
A Cross-Site Request Forgery (CSRF) in Ferdi through 5.8.1 and Ferdium through 6.0.0-nightly.98...
CVE-2022-32320 was published Jul 18, 2022 (High, Unreviewed)
The Sharebar WordPress plugin through 1.4.1 does not have CSRF check in place when updating its...
CVE-2022-1626 was published Jul 12, 2022 (Moderate, Unreviewed)
The Rename wp-login.php WordPress plugin through 2.6.0 does not have CSRF check in place when...
CVE-2022-1732 was published Jul 12, 2022 (Moderate, Unreviewed)
The Pagebar WordPress plugin through 2.65 does not have CSRF check in place when updating its...
CVE-2022-1757 was published Jul 12, 2022 (Moderate, Unreviewed)
Cross-site request forgery (CSRF) vulnerability in Corega CG-WLR300NX firmware Ver. 1.20 and...
CVE-2016-7809 was published May 17, 2022 (High, Unreviewed)
The Cache Images WordPress plugin before 3.2.1 does not implement nonce checks, which could allow...
CVE-2022-2091 was published Jul 12, 2022 (Moderate, Unreviewed)
The WP Opt-in WordPress plugin through 1.4.1 is vulnerable to CSRF which allows changed plugin...
CVE-2022-2123 was published Jul 12, 2022 (Moderate, Unreviewed)
In SimpleCE 2.3.0, a CSRF vulnerability can be exploited to add an administrator account (via the...
CVE-2017-9673 was published May 17, 2022 (High, Unreviewed)
Benjamin BALET Jorani v1.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via the...
CVE-2022-34134 was published Jun 29, 2022 (High, Unreviewed)
Marval MSM v14.19.0.12476 is vulnerable to Cross Site Request Forgery (CSRF). An attacker can...
CVE-2022-31886 was published Jun 29, 2022 (Moderate, Unreviewed)
The Cimy Header Image Rotator WordPress plugin through 6.1.1 does not have CSRF check in place...
CVE-2022-1885 was published Jun 28, 2022 (Moderate, Unreviewed)
The Add Post URL WordPress plugin through 2.1.0 does not have CSRF check in place when updating...
CVE-2022-1913 was published Jun 28, 2022 (Moderate, Unreviewed)
WonderCMS before 2.0.3 has CSRF because of lack of a token in an unspecified context.
CVE-2017-7951 was published May 17, 2022 (High, Unreviewed)
The New User Approve WordPress plugin before 2.4 does not have CSRF check in place when updating...
CVE-2022-1625 was published Jun 28, 2022 (Moderate, Unreviewed)
Cross-site request forgery (CSRF) vulnerability in Red Hat JBoss BRMS and BPMS 6 allows remote...
CVE-2016-5401 was published May 17, 2022 (High, Unreviewed)
The Reporting Module 1.12.0 for OpenMRS allows CSRF attacks with resultant XSS, in which...
CVE-2017-7990 was published May 17, 2022 (High, Unreviewed)
ProTip! Advisories are also available from the GraphQL API