GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
2,393 advisories
Cross-Site Request Forgery (CSRF) vulnerability leading to Database Reset in WordPress WP Reset...
High
Unreviewed
CVE-2021-36908
was published
Nov 19, 2021
Team Password Manager (aka TeamPasswordManager) before 10.135.236 has a CSRF vulnerability during...
High
Unreviewed
CVE-2021-44036
was published
Nov 20, 2021
The Easy Registration Forms WordPress plugin is vulnerable to Cross-Site Request Forgery due to...
High
Unreviewed
CVE-2021-39353
was published
Nov 20, 2021
We have already fixed this vulnerability in the following versions of QmailAgent: QmailAgent 3.0...
High
Unreviewed
CVE-2021-34358
was published
Nov 21, 2021
Cross-site request forgery (CSRF) vulnerability in Unlimited Sitemap Generator versions prior to...
High
Unreviewed
CVE-2021-20845
was published
Nov 25, 2021
The Contact Form With Captcha WordPress plugin is vulnerable to Cross-Site Request Forgery due to...
High
Unreviewed
CVE-2021-42358
was published
Nov 30, 2021
The Stetic WordPress plugin is vulnerable to Cross-Site Request Forgery due to missing nonce...
High
Unreviewed
CVE-2021-42364
was published
Nov 30, 2021
Cross-Site Scripting (XSS) and Cross-Site Request Forgery (CSRF) vulnerability exists in hostel...
High
Unreviewed
CVE-2021-43137
was published
Dec 2, 2021
Cross-site request forgery (CSRF) vulnerability in ELECOM LAN routers (WRC-1167GST2 firmware v1...
High
Unreviewed
CVE-2021-20860
was published
Dec 2, 2021
Cross-site request forgery (CSRF) vulnerability in Browser and Operating System Finder versions...
High
Unreviewed
CVE-2021-20851
was published
Dec 2, 2021
IBM Cognos Analytics 11.1.7 and 11.2.0 is vulnerable to cross-site request forgery (CSRF) in the...
High
Unreviewed
CVE-2021-29756
was published
Dec 4, 2021
b2evolution CMS v7.2.3 was discovered to contain a Cross-Site Request Forgery (CSRF) via the User...
High
Unreviewed
CVE-2021-31631
was published
Dec 7, 2021
Serv-U server responds with valid CSRFToken when the request contains only Session.
High
Unreviewed
CVE-2021-35242
was published
Dec 7, 2021
The Tawk.To Live Chat WordPress plugin before 0.6.0 does not have capability and CSRF checks in...
High
Unreviewed
CVE-2021-24914
was published
Dec 7, 2021
A Cross Site Request Forgery (CSRF) vulnerability exists in ZZZCMS V1.7.1 via the save_user...
High
Unreviewed
CVE-2020-19682
was published
Dec 10, 2021
The Like Button Rating ♥ LikeBtn WordPress plugin before 2.6.38 does not have any authorisation...
High
Unreviewed
CVE-2021-24945
was published
Dec 14, 2021
Cross Site Request Forgery (CSRF) vulnerability exists in Catfish <=6.1.* when you upload an html...
High
Unreviewed
CVE-2021-45017
was published
Dec 17, 2021
Cross-Site Request Forgery (CSRF) vulnerability leading to Cross-Site Scripting (XSS) discovered...
High
Unreviewed
CVE-2021-36887
was published
Dec 21, 2021
The Directorist WordPress plugin before 7.0.6.2 was vulnerable to Cross-Site Request Forgery to...
High
Unreviewed
CVE-2021-24981
was published
Dec 22, 2021
Cross-Site Request Forgery (CSRF) vulnerability discovered in Contact Form 7 Database Addon –...
High
Unreviewed
CVE-2021-36886
was published
Dec 23, 2021
A cross-site request forgery (CSRF) in Rockoa v1.9.8 allows an authenticated attacker to...
High
Unreviewed
CVE-2020-20593
was published
Dec 24, 2021
A Cross-Site Request Forgery (CSRF) in /admin/index.php?lfj=member&action=editmember of Qibosoft...
High
Unreviewed
CVE-2020-20945
was published
Dec 28, 2021
A vulnerability in /damicms-master/admin.php?s=/Article/doedit of DamiCMS v6.0 allows attackers...
High
Unreviewed
CVE-2020-21236
was published
Dec 29, 2021
Trendnet AC2600 TEW-827DRU version 2.08B01 does not properly implement csrf protections. Most...
High
Unreviewed
CVE-2021-20165
was published
Dec 31, 2021
The WP Coder WordPress plugin before 2.5.2 within the wow-company admin menu page allows to...
High
Unreviewed
CVE-2021-25053
was published
Jan 11, 2022