Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
37
GitHub Actions
36
Go
2,500
Maven
5,000+
npm
4,144
NuGet
735
pip
3,947
Pub
12
RubyGems
945
Rust
1,025
Swift
39
Unreviewed advisories
All unreviewed
5,000+

7,977 advisories

Loading
An issue was found on TRENDnet TEW-831DR 1.0 601.130.1.1356 devices. The username and password... Moderate Unreviewed
CVE-2022-30328 was published Jun 17, 2022
Wellcms 2.2.0 is vulnerable to Cross Site Request Forgery (CSRF). High Unreviewed
CVE-2022-36579 was published Aug 20, 2022
An issue was discovered in jizhicms v2.3.1. There is a CSRF vulnerability that can add a admin. High Unreviewed
CVE-2022-36577 was published Aug 20, 2022
The Swifty Page Manager plugin for WordPress is vulnerable to Cross-Site Request Forgery in... High Unreviewed
CVE-2023-0088 was published Jan 5, 2023
A vulnerability in Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to... High Unreviewed
CVE-2017-3794 was published May 17, 2022
Cross-Site Request Forgery (CSRF) vulnerability in Image Slider by NextCode plugin <= 1.1.2 at... Moderate Unreviewed
CVE-2022-29439 was published Jun 16, 2022
A vulnerability, which was classified as critical, has been found in AXIS P1204, P3225, P3367,... High Unreviewed
CVE-2017-20048 was published Jun 16, 2022
Cross-Site Request Forgery (CSRF) vulnerability in API KEY for Google Maps plugin <= 1.2.1 at... Moderate Unreviewed
CVE-2022-29453 was published Jun 16, 2022
The Hot Linked Image Cacher WordPress plugin through 1.16 is vulnerable to CSRF. This can be used... High Unreviewed
CVE-2022-1765 was published Jun 14, 2022
A vulnerability classified as problematic has been found in AXIS P1204, P3225, P3367, M3045,... High Unreviewed
CVE-2017-20046 was published Jun 16, 2022
Due to missing checks the Static Page eXtended WordPress plugin through 2.1 is vulnerable to CSRF... Moderate Unreviewed
CVE-2022-1763 was published Jun 14, 2022
The Woo Billingo Plus WordPress plugin before 4.4.5.4, Integration for Billingo & Gravity Forms... High Unreviewed
CVE-2022-3154 was published Oct 11, 2022
The underConstruction WordPress plugin before 1.20 does not have CSRF check in place when... Moderate Unreviewed
CVE-2022-1895 was published Jun 21, 2022
The Seamless Donations WordPress plugin before 5.1.9 does not have CSRF check in place when... Moderate Unreviewed
CVE-2022-1610 was published Jun 21, 2022
The PDF24 Article To PDF WordPress plugin through 4.2.2 does not have CSRF check in place when... Moderate Unreviewed
CVE-2022-1827 was published Jun 21, 2022
The Inline Google Maps WordPress plugin through 5.11 does not have CSRF check in place when... Moderate Unreviewed
CVE-2022-1829 was published Jun 21, 2022
The Multi-page Toolkit WordPress plugin through 2.6 does not have CSRF check in place when... Moderate Unreviewed
CVE-2022-1818 was published Jun 21, 2022
A vulnerability was found in Navetti PricePoint 4.6.0.0. It has been declared as critical. This... High Unreviewed
CVE-2017-20045 was published Jun 14, 2022
A vulnerability was found in XYZScripts Contact Form Manager Plugin. It has been declared as... Moderate Unreviewed
CVE-2017-20053 was published Jun 17, 2022
The LaTeX for WordPress plugin through 3.4.10 does not have CSRF check in place when updating its... Moderate Unreviewed
CVE-2022-1780 was published Jun 14, 2022
The Leaflet Map WordPress plugin before 3.0.0 does not verify the CSRF nonce when saving its... Moderate Unreviewed
CVE-2021-24467 was published May 24, 2022
XunRuiCMS V4.5.6 is vulnerable to Cross Site Request Forgery (CSRF). High Unreviewed
CVE-2022-36224 was published Aug 20, 2022
The One Click Plugin Updater WordPress plugin through 2.4.14 does not have CSRF check in place... High Unreviewed
CVE-2022-1791 was published Jun 14, 2022
Cross-Site Request Forgery (CSRF) exists in Hashtopus 1.5g via the password parameter to admin... High Unreviewed
CVE-2017-11679 was published May 17, 2022
IBM InfoSphere Master Data Management Server 11.0, 11.3, 11.4, 11.5, and 11.6 is vulnerable to... High Unreviewed
CVE-2016-9716 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database