GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,902
Maven
5,000+
npm
3,631
NuGet
638
pip
3,246
Pub
10
RubyGems
863
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
5,980 advisories
Filter by severity
An issue was discovered in xiaohuanxiong CMS 5.0.17. There is a CSRF vulnerability that can that...
High
Unreviewed
CVE-2021-43738
was published
Mar 24, 2022
TypesetterCMS v5.1 was discovered to contain a Cross-Site Request Forgery (CSRF) which is...
High
Unreviewed
CVE-2022-25523
was published
Mar 26, 2022
BigAnt Software BigAnt Server v5.6.06 was discovered to contain a Cross-Site Request Forgery (CSRF).
High
Unreviewed
CVE-2022-23349
was published
Mar 22, 2022
The Simple Membership WordPress plugin before 4.1.0 does not have CSRF check in place when...
Moderate
Unreviewed
CVE-2022-0681
was published
Mar 22, 2022
Missing sanitization of HTML attributes in Jupyter notebooks in all versions of GitLab CE/EE...
High
Unreviewed
CVE-2022-0427
was published
Mar 29, 2022
Cross-Site Request Forgery in Anchor CMS
Moderate
CVE-2022-25576
was published
for
anchorcms/anchor-cms
(Composer)
Mar 26, 2022
The Translate WordPress with GTranslate WordPress plugin before 2.9.9 does not have CSRF check in...
High
Unreviewed
CVE-2022-0770
was published
Mar 29, 2022
The Sermon Browser WordPress plugin through 0.45.22 does not have CSRF checks in place when...
High
Unreviewed
CVE-2022-0499
was published
Mar 29, 2022
Cross-site request forgery (CSRF) vulnerability in HP Insight Control Performance Management...
Moderate
Unreviewed
CVE-2010-4032
was published
May 17, 2022
Cross-site request forgery (CSRF) vulnerability in HP Insight Control for Linux before 6.2 allows...
Moderate
Unreviewed
CVE-2010-4106
was published
May 17, 2022
Cross-site request forgery (CSRF) vulnerability in the file manager service (Services/FileService...
Moderate
Unreviewed
CVE-2010-3603
was published
May 17, 2022
An issue was discovered in Firmware Analysis and Comparison Tool v3.2. Logged in administrators...
High
Unreviewed
CVE-2021-44312
was published
Mar 31, 2022
A Cross-Site Request Forgery (CSRF) in Pluck CMS v4.7.15 allows attackers to change the password...
High
Unreviewed
CVE-2022-27432
was published
Mar 31, 2022
Cross-Site Request Forgery in YOURLS
Low
CVE-2022-0088
was published
for
yourls/yourls
(Composer)
Apr 4, 2022
The FormBuilder WordPress plugin through 1.08 does not have CSRF checks in place when creating...
Moderate
Unreviewed
CVE-2022-0830
was published
Apr 5, 2022
A vulnerability in the web-based management interface of Cisco IP Phone 6800, 7800, and 8800...
High
Unreviewed
CVE-2022-20774
was published
Apr 7, 2022
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.5, 6.1.0.0 through 6.1.0.3,...
High
Unreviewed
CVE-2020-4668
was published
Apr 9, 2022
Edoc-doctor-appointment-system v1.0.1 was discovered to contain a Cross-Site Request Forgery ...
High
Unreviewed
CVE-2022-36546
was published
Aug 27, 2022
Cross-Site Request Forgery (CSRF) in StylemixThemes eRoom – Zoom Meetings & Webinar (WordPress...
Moderate
Unreviewed
CVE-2022-25615
was published
Apr 12, 2022
The Export All URLs WordPress plugin before 4.3 does not have CSRF in place when exporting data,...
Moderate
Unreviewed
CVE-2022-0914
was published
Apr 12, 2022
A Cross-Site Request Forgery (CSRF) in IceHrm 31.0.0.OS allows attackers to delete arbitrary...
Moderate
Unreviewed
CVE-2022-26588
was published
Apr 9, 2022
qdPM 9.2 allows Cross-Site Request Forgery (CSRF) via the index.php/myAccount/update URI.
High
Unreviewed
CVE-2022-26180
was published
Apr 9, 2022
A Cross-site request forgery (CSRF) vulnerability exists in Webmin 1.973 through the File Manager...
High
Unreviewed
CVE-2021-32162
was published
Apr 12, 2022
Cross-Site Request Forgery (CSRF) in StylemixThemes eRoom – Zoom Meetings & Webinar (WordPress...
Moderate
Unreviewed
CVE-2022-25614
was published
Apr 12, 2022
VMware Workspace ONE Access, Identity Manager and vRealize Automation contain a cross site...
Moderate
Unreviewed
CVE-2022-22959
was published
Apr 14, 2022
ProTip!
Advisories are also available from the
GraphQL API