GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,266
Erlang
31
GitHub Actions
21
Go
2,041
Maven
5,000+
npm
3,733
NuGet
662
pip
3,414
Pub
12
RubyGems
891
Rust
866
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
2,494 advisories
Filter by severity
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.837, CSRF in the forgot password function...
High
Unreviewed
CVE-2019-13477
was published
May 24, 2022
Cross-Site Request Forgery (CSRF) vulnerability affecting Delete Marker Category, Delete Map, and...
High
Unreviewed
CVE-2022-25600
was published
Mar 12, 2022
An issue was discovered in PONTON X/P Messenger before 3.11.2. Anti-CSRF tokens are globally...
High
Unreviewed
CVE-2021-45886
was published
Mar 14, 2022
IBM Spectrum Protect Operations Center 8.1.0.000 through 8.1.13.xxx is vulnerable to cross-site...
High
Unreviewed
CVE-2022-22346
was published
Mar 15, 2022
A CSRF issue in /api/crontab on iRZ Mobile Routers through 2022-03-16 allows a threat actor to...
High
Unreviewed
CVE-2022-27226
was published
Mar 20, 2022
A Cross-Site Request Forgery (CSRF) in the management portal of Snapt Aria v12.8 allows attackers...
High
Unreviewed
CVE-2022-24235
was published
Mar 22, 2022
A Cross-Site Request Forgery (CSRF) in Chamilo LMS 1.11.14 allows attackers to execute arbitrary...
High
Unreviewed
CVE-2021-40662
was published
Mar 22, 2022
Passwork On-Premise Edition before 4.6.13 allows CSRF via the groups, password, and history...
High
Unreviewed
CVE-2022-25268
was published
Mar 25, 2022
BigAnt Software BigAnt Server v5.6.06 was discovered to contain a Cross-Site Request Forgery (CSRF).
High
Unreviewed
CVE-2022-23349
was published
Mar 22, 2022
TypesetterCMS v5.1 was discovered to contain a Cross-Site Request Forgery (CSRF) which is...
High
Unreviewed
CVE-2022-25523
was published
Mar 26, 2022
An issue was discovered in xiaohuanxiong CMS 5.0.17. There is a CSRF vulnerability that can that...
High
Unreviewed
CVE-2021-43738
was published
Mar 24, 2022
Missing sanitization of HTML attributes in Jupyter notebooks in all versions of GitLab CE/EE...
High
Unreviewed
CVE-2022-0427
was published
Mar 29, 2022
The Sermon Browser WordPress plugin through 0.45.22 does not have CSRF checks in place when...
High
Unreviewed
CVE-2022-0499
was published
Mar 29, 2022
The Translate WordPress with GTranslate WordPress plugin before 2.9.9 does not have CSRF check in...
High
Unreviewed
CVE-2022-0770
was published
Mar 29, 2022
An issue was discovered in Firmware Analysis and Comparison Tool v3.2. Logged in administrators...
High
Unreviewed
CVE-2021-44312
was published
Mar 31, 2022
A Cross-Site Request Forgery (CSRF) in Pluck CMS v4.7.15 allows attackers to change the password...
High
Unreviewed
CVE-2022-27432
was published
Mar 31, 2022
A vulnerability in the web-based management interface of Cisco IP Phone 6800, 7800, and 8800...
High
Unreviewed
CVE-2022-20774
was published
Apr 7, 2022
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.5, 6.1.0.0 through 6.1.0.3,...
High
Unreviewed
CVE-2020-4668
was published
Apr 9, 2022
Edoc-doctor-appointment-system v1.0.1 was discovered to contain a Cross-Site Request Forgery ...
High
Unreviewed
CVE-2022-36546
was published
Aug 27, 2022
qdPM 9.2 allows Cross-Site Request Forgery (CSRF) via the index.php/myAccount/update URI.
High
Unreviewed
CVE-2022-26180
was published
Apr 9, 2022
A Cross-site request forgery (CSRF) vulnerability exists in Webmin 1.973 through the File Manager...
High
Unreviewed
CVE-2021-32162
was published
Apr 12, 2022
A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V,...
High
Unreviewed
CVE-2022-25754
was published
Apr 13, 2022
The Visual Form Builder WordPress plugin before 3.0.8 does not enforce nonce checks which could...
High
Unreviewed
CVE-2022-0141
was published
Apr 13, 2022
A cross-site request forgery (CSRF) vulnerability exists in Webmin 1.973 via the Scheduled Cron...
High
Unreviewed
CVE-2021-32156
was published
Apr 12, 2022
A Cross-site request forgery (CSRF) vulnerability exists in Webmin 1.973 via the Upload and...
High
Unreviewed
CVE-2021-32159
was published
Apr 12, 2022
ProTip!
Advisories are also available from the
GraphQL API