GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 19,905
Composer 4,049
Erlang 29
GitHub Actions 18
Go 1,871
Maven 5,069
npm 3,597
NuGet 638
pip 3,198
Pub 10
RubyGems 852
Rust 809
Swift 35

Unreviewed advisories

All unreviewed 226,933

CC-BY-4.0 License

Language support

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

5,949 advisories

Filter by severity

Sort by

Least recently updated

In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.837, CSRF in the forgot password function... High Unreviewed

CVE-2019-13477 was published May 24, 2022

The Social Warfare plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions... Moderate Unreviewed

CVE-2023-0403 was published Jan 19, 2023

Cross-site request forgery vulnerability in Jenkins JIRA Pipeline Steps Plugin Moderate

CVE-2023-24437 was published for org.jenkins-ci.plugins:jira-steps (Maven) Jan 26, 2023

Cross Site Request Forgery in mailman High

CVE-2021-44227 was published for mailman (pip) Dec 16, 2021

Fiori launchpad - versions 754, 755, 756, does not sufficiently encode user-controlled inputs,... Moderate Unreviewed

CVE-2022-26101 was published Mar 11, 2022

CSRF vulnerability in Jenkins SWAMP Plugin allows capturing credentials Moderate

CVE-2022-25212 was published for org.continuousassurance.swamp.jenkins:swamp (Maven) Feb 16, 2022

Cross-Site Request Forgery (CSRF) vulnerability affecting Delete Marker Category, Delete Map, and... High Unreviewed

CVE-2022-25600 was published Mar 12, 2022

An issue was discovered in PONTON X/P Messenger before 3.11.2. Anti-CSRF tokens are globally... High Unreviewed

CVE-2021-45886 was published Mar 14, 2022

IBM Spectrum Protect Operations Center 8.1.0.000 through 8.1.13.xxx is vulnerable to reverse... Low Unreviewed

CVE-2022-22348 was published Mar 15, 2022

IBM Spectrum Protect Operations Center 8.1.0.000 through 8.1.13.xxx is vulnerable to cross-site... High Unreviewed

CVE-2022-22346 was published Mar 15, 2022

Multiple cross-site request forgery (CSRF) vulnerabilities in the configuration screen in wp... Moderate Unreviewed

CVE-2011-0760 was published May 17, 2022

Cross-site request forgery (CSRF) vulnerability in admin/conf_users_edit.php in PHP Link... Moderate Unreviewed

CVE-2011-0643 was published May 17, 2022

Cross-site request forgery (CSRF) vulnerability in news/admin.php in N-13 News 3.4, 3.7, and 4.0... Moderate Unreviewed

CVE-2011-0642 was published May 17, 2022

Cross-site request forgery (CSRF) vulnerability in Adobe ColdFusion 8.0, 8.0.1, 9.0, and 9.0.1... Moderate Unreviewed

CVE-2011-0629 was published May 17, 2022

Cross-site request forgery (CSRF) vulnerability in Mahara 1.2.x before 1.2.7 and 1.3.x before 1.3... Moderate Unreviewed

CVE-2011-0440 was published May 17, 2022

Cross-site request forgery (CSRF) vulnerability in usercp2.php in MyBB (aka MyBulletinBoard)... Moderate Unreviewed

CVE-2010-4627 was published May 17, 2022

Cross-site Request Forgery in fastify-csrf High

CVE-2020-28482 was published for fastify-csrf (npm) Jan 20, 2021

Predictable CSRF tokens in centreon/centreon Moderate

CVE-2021-28055 was published for centreon/centreon (Composer) Jun 8, 2021

A CSRF issue in /api/crontab on iRZ Mobile Routers through 2022-03-16 allows a threat actor to... High Unreviewed

CVE-2022-27226 was published Mar 20, 2022

The Amelia WordPress plugin before 1.0.47 does not have CSRF check in place when deleting... Moderate Unreviewed

CVE-2022-0616 was published Mar 22, 2022

Cross-Site Request Forgery (CSRF) in GitHub repository crater-invoice/crater prior to 6.0.4. Moderate Unreviewed

CVE-2022-0515 was published Mar 22, 2022

A Cross-Site Request Forgery (CSRF) in the management portal of Snapt Aria v12.8 allows attackers... High Unreviewed

CVE-2022-24235 was published Mar 22, 2022

A Cross-Site Request Forgery (CSRF) in Chamilo LMS 1.11.14 allows attackers to execute arbitrary... High Unreviewed

CVE-2021-40662 was published Mar 22, 2022

An issus was discovered in xiaohuanxiong CMS 5.0.17. There is a CSRF vulnerability that can... Moderate Unreviewed

CVE-2021-43737 was published Mar 24, 2022

Cross-Site Request Forgery (CSRF) in Yoo Slider – Image Slider & Video Slider (WordPress plugin)... Moderate Unreviewed

CVE-2022-25608 was published Mar 24, 2022

Previous 1 2 3 4 5 … 237 238 Next

ProTip! Advisories are also available from the GraphQL API

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

5,949 advisories