GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,266
Erlang
31
GitHub Actions
21
Go
2,041
Maven
5,000+
npm
3,733
NuGet
662
pip
3,414
Pub
12
RubyGems
891
Rust
866
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
3,065 advisories
Filter by severity
The Social Warfare plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions...
Moderate
Unreviewed
CVE-2023-0403
was published
Jan 19, 2023
Fiori launchpad - versions 754, 755, 756, does not sufficiently encode user-controlled inputs,...
Moderate
Unreviewed
CVE-2022-26101
was published
Mar 11, 2022
Cross-site request forgery (CSRF) vulnerability in Adobe ColdFusion 8.0, 8.0.1, 9.0, and 9.0.1...
Moderate
Unreviewed
CVE-2011-0629
was published
May 17, 2022
Multiple cross-site request forgery (CSRF) vulnerabilities in the configuration screen in wp...
Moderate
Unreviewed
CVE-2011-0760
was published
May 17, 2022
Cross-site request forgery (CSRF) vulnerability in news/admin.php in N-13 News 3.4, 3.7, and 4.0...
Moderate
Unreviewed
CVE-2011-0642
was published
May 17, 2022
Cross-site request forgery (CSRF) vulnerability in admin/conf_users_edit.php in PHP Link...
Moderate
Unreviewed
CVE-2011-0643
was published
May 17, 2022
Cross-site request forgery (CSRF) vulnerability in Mahara 1.2.x before 1.2.7 and 1.3.x before 1.3...
Moderate
Unreviewed
CVE-2011-0440
was published
May 17, 2022
Cross-site request forgery (CSRF) vulnerability in usercp2.php in MyBB (aka MyBulletinBoard)...
Moderate
Unreviewed
CVE-2010-4627
was published
May 17, 2022
The Amelia WordPress plugin before 1.0.47 does not have CSRF check in place when deleting...
Moderate
Unreviewed
CVE-2022-0616
was published
Mar 22, 2022
Cross-Site Request Forgery (CSRF) in GitHub repository crater-invoice/crater prior to 6.0.4.
Moderate
Unreviewed
CVE-2022-0515
was published
Mar 22, 2022
An issus was discovered in xiaohuanxiong CMS 5.0.17. There is a CSRF vulnerability that can...
Moderate
Unreviewed
CVE-2021-43737
was published
Mar 24, 2022
Cross-Site Request Forgery (CSRF) in Yoo Slider – Image Slider & Video Slider (WordPress plugin)...
Moderate
Unreviewed
CVE-2022-25608
was published
Mar 24, 2022
The Simple Membership WordPress plugin before 4.1.0 does not have CSRF check in place when...
Moderate
Unreviewed
CVE-2022-0681
was published
Mar 22, 2022
Cross-site request forgery (CSRF) vulnerability in HP Insight Control Performance Management...
Moderate
Unreviewed
CVE-2010-4032
was published
May 17, 2022
Cross-site request forgery (CSRF) vulnerability in HP Insight Control for Linux before 6.2 allows...
Moderate
Unreviewed
CVE-2010-4106
was published
May 17, 2022
Cross-site request forgery (CSRF) vulnerability in the file manager service (Services/FileService...
Moderate
Unreviewed
CVE-2010-3603
was published
May 17, 2022
The FormBuilder WordPress plugin through 1.08 does not have CSRF checks in place when creating...
Moderate
Unreviewed
CVE-2022-0830
was published
Apr 5, 2022
Cross-Site Request Forgery (CSRF) in StylemixThemes eRoom – Zoom Meetings & Webinar (WordPress...
Moderate
Unreviewed
CVE-2022-25615
was published
Apr 12, 2022
The Export All URLs WordPress plugin before 4.3 does not have CSRF in place when exporting data,...
Moderate
Unreviewed
CVE-2022-0914
was published
Apr 12, 2022
A Cross-Site Request Forgery (CSRF) in IceHrm 31.0.0.OS allows attackers to delete arbitrary...
Moderate
Unreviewed
CVE-2022-26588
was published
Apr 9, 2022
Cross-Site Request Forgery (CSRF) vulnerability in Yooslider Yoo Slider <= 2.0.0 on WordPress...
Moderate
Unreviewed
CVE-2022-27847
was published
Apr 14, 2022
VMware Workspace ONE Access, Identity Manager and vRealize Automation contain a cross site...
Moderate
Unreviewed
CVE-2022-22959
was published
Apr 14, 2022
Cross-Site Request Forgery (CSRF) in StylemixThemes eRoom – Zoom Meetings & Webinar (WordPress...
Moderate
Unreviewed
CVE-2022-25614
was published
Apr 12, 2022
An issue was discovered in baijiacms v4. There is a CSRF vulnerability that can modify the store...
Moderate
Unreviewed
CVE-2021-34250
was published
Apr 12, 2022
Cross-Site Request Forgery (CSRF) vulnerability in Yooslider Yoo Slider <= 2.0.0 on WordPress...
Moderate
Unreviewed
CVE-2022-27846
was published
Apr 14, 2022
ProTip!
Advisories are also available from the
GraphQL API