GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 23,835
Composer 4,870
Erlang 36
GitHub Actions 36
Go 2,493
Maven 5,926
npm 4,126
NuGet 735
pip 3,943
Pub 12
RubyGems 945
Rust 1,021
Swift 39

Unreviewed advisories

All unreviewed 269,174

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

7,976 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Cross-site request forgery (CSRF) vulnerability in Microsoft Outlook Web Access (owa/ev.owa) 2007... Moderate Unreviewed

CVE-2010-3213 was published May 17, 2022

Cross-Site Request Forgery (CSRF) in Access Demo Importer <= 1.0.7 on WordPress allows an... Moderate Unreviewed

CVE-2022-23975 was published Apr 19, 2022

A cross-site request forgery (CSRF) vulnerability exists in Webmin 1.973 via the Scheduled Cron... High Unreviewed

CVE-2021-32156 was published Apr 12, 2022

A Cross-site request forgery (CSRF) vulnerability exists in Webmin 1.973 via the Upload and... High Unreviewed

CVE-2021-32159 was published Apr 12, 2022

Cross-Site Request Forgery (CSRF) in Simple Ajax Chat (WordPress plugin) <= 20220115 allows an... Moderate Unreviewed

CVE-2022-27850 was published Apr 16, 2022

The Fancy Product Designer plugin for WordPress is vulnerable to Cross-Site Request Forgery via... High Unreviewed

CVE-2021-4096 was published Apr 20, 2022

A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could... Moderate Unreviewed

CVE-2022-20735 was published Apr 16, 2022

Cross-Site Request Forgery (CSRF) in Access Demo Importer <= 1.0.7 on WordPress allows an... High Unreviewed

CVE-2022-23976 was published Apr 19, 2022

The Product Table for WooCommerce (wooproducttable) WordPress plugin before 3.1.2 does not have... Critical Unreviewed

CVE-2022-1020 was published Apr 19, 2022

A Cross-Site Request Forgery (CSRF) in Pluck CMS v4.7.15 allows attackers to delete arbitrary pages. Moderate Unreviewed

CVE-2022-26589 was published Apr 14, 2022

Cross-site request forgery (CSRF) vulnerability in 'MicroPayments - Paid Author Subscriptions,... High Unreviewed

CVE-2022-27629 was published Apr 21, 2022

Cross-Site Request Forgery (CSRF) in Use Any Font (WordPress plugin) <= 6.1.7 allows an attacker... Moderate Unreviewed

CVE-2022-27851 was published Apr 16, 2022

Selenium Selenium Grid (formerly Selenium Standalone Server) Fixed in 4.0.0-alpha-7 is affected... High Unreviewed

CVE-2022-28109 was published Apr 16, 2022

Cross Site Request Forgery in Mingsoft MCMS High

CVE-2022-27340 was published for net.mingsoft:ms-mcms (Maven) Apr 23, 2022

All versions of Uffizio GPS Tracker may allow an attacker to perform unintended actions on behalf... High Unreviewed

CVE-2021-32929 was published Apr 23, 2022

The Autolinks WordPress plugin through 1.0.1 does not have CSRF check in place when updating its... Moderate Unreviewed

CVE-2022-1112 was published Apr 19, 2022

The Easy Digital Downloads WordPress plugin before 2.11.6 does not have CSRF check in place when... Moderate Unreviewed

CVE-2022-0707 was published Apr 19, 2022

Multiple cross-site request forgery (CSRF) vulnerabilities in user/main/update_user in... Moderate Unreviewed

CVE-2010-3024 was published May 17, 2022

A vulnerability in the web-based management interface of Cisco Unified Communications Manager ... Moderate Unreviewed

CVE-2022-20787 was published Apr 22, 2022

The DW Question & Answer Pro WordPress plugin through 1.3.4 does not properly check for CSRF in... Moderate Unreviewed

CVE-2021-24805 was published Apr 26, 2022

Tenda AX12 V22.03.01.21_CN was discovered to contain a Cross-Site Request Forgery (CSRF) via the... High Unreviewed

CVE-2022-27374 was published Apr 26, 2022

Tenda AX12 V22.03.01.21_CN was discovered to contain a Cross-Site Request Forgery (CSRF) via the... High Unreviewed

CVE-2022-27375 was published Apr 26, 2022

Bosscms v2.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via the Add function... Moderate Unreviewed

CVE-2022-44937 was published Nov 28, 2022

Cross-Site Request Forgery in Jenkins Moderate

CVE-2018-1000195 was published for org.jenkins-ci.main:jenkins-core (Maven) May 13, 2022

Cross-Site Request Forgery in Jenkins Moderate

CVE-2017-2613 was published for org.jenkins-ci.main:jenkins-core (Maven) May 13, 2022

Previous 1…4…320 Next

Previous 1 2 3 4 5 6 … 319 320 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

7,976 advisories