GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,870
Erlang: 36
GitHub Actions: 36
Go: 2,493
Maven: 5,000+
npm: 4,126
NuGet: 735
pip: 3,943
Pub: 12
RubyGems: 945
Rust: 1,021
Swift: 39

Unreviewed advisories
All unreviewed: 5,000+
7,976 advisories
Skyworth Digital Technology RN510 V.3.1.0.4 contains a cross-site request forgery (CSRF)...
Moderate | Unreviewed | CVE-2021-25327 was published May 24, 2022

Cross-Site Request Forgery in OWASP CSRFGuard
High | CVE-2021-28490 was published for org.owasp:csrfguard (Maven) May 24, 2022

Multiple cross-site request forgery (CSRF) vulnerabilities in The Uniform Server 5.6.5 allow...
Low | Unreviewed | CVE-2010-2113 was published May 17, 2022

The JivoChat Live Chat WordPress plugin before 1.3.5.4 does not properly check CSRF tokens on...
Moderate | Unreviewed | CVE-2022-0642 was published May 31, 2022

Cross Site Request Forgery (CSRF) vulnerability in PbootCMS v2.0.3 via /admin.php?p=/User/index.
High | Unreviewed | CVE-2020-20971 was published Jun 3, 2022

The ultimate-category-excluder plugin before 1.2 for WordPress allows ultimate-category-excluder...
High | Unreviewed | CVE-2020-35135 was published May 24, 2022

XWiki Cross-Site Request Forgery (CSRF) for actions on tags
Moderate | CVE-2022-36095 was published for org.xwiki.platform:xwiki-platform-web-templates (Maven) Sep 16, 2022

Cross-site request forgery (CSRF) vulnerability in user/user-set.do in Pacific Timesheet 6.74...
Moderate | Unreviewed | CVE-2010-2111 was published May 17, 2022

Cross-site request forgery (CSRF) vulnerability in Cybozu Office 6, Cybozu Dezie before 6.0(1.0),...
Moderate | Unreviewed | CVE-2008-6744 was published May 17, 2022

Sipwise C5 NGCP CSC through CE_m39.3.1 allows call/click2dial CSRF attacks for actions with...
High | Unreviewed | CVE-2021-31584 was published May 24, 2022

Cross Site Request Forgery (CSRF) in JuQingCMS v1.0 allows remote attackers to gain local...
High | Unreviewed | CVE-2020-18648 was published May 24, 2022

The WP Login Security and History WordPress plugin through 1.0 did not have CSRF check when...
Moderate | Unreviewed | CVE-2021-24328 was published May 24, 2022

The Content Copy Protection & Prevent Image Save WordPress plugin through 1.3 does not check for...
Moderate | Unreviewed | CVE-2021-24333 was published May 24, 2022

This Gallery from files WordPress plugin through 1.6.0 gives the functionality of uploading...
Moderate | Unreviewed | CVE-2021-24349 was published May 24, 2022

A cross-site request forgery (CSRF) vulnerability has been reported to affect QNAP device running...
High | Unreviewed | CVE-2021-34360 was published May 27, 2022

The Bulk Page Creator WordPress plugin before 1.1.4 does not protect its page creation...
High | Unreviewed | CVE-2022-1611 was published May 31, 2022

IBM Business Automation Workflow traditional 21.0.1 through 21.0.3, 20.0.0.1 through 20.0.0.2, 19...
Moderate | Unreviewed | CVE-2022-22361 was published Jun 1, 2022

Cross-site request forgery (CSRF) vulnerability in AlegroCart 1.1 allows remote attackers to...
Moderate | Unreviewed | CVE-2010-1611 was published May 17, 2022

Cross Site Request Forgery in Mingsoft MCMS
High | CVE-2022-29647 was published for net.mingsoft:ms-mcms (Maven) Jun 3, 2022

Cross-site request forgery (CSRF) vulnerability in Atlassian JIRA Enterprise Edition 3.13 allows...
Moderate | Unreviewed | CVE-2008-6832 was published May 17, 2022

Delta Controls enteliTOUCH 3.40.3935, 3.40.3706, and 3.33.4005 allows attackers to execute...
High | Unreviewed | CVE-2022-29735 was published Jun 3, 2022

The LiveSync for WordPress plugin through 1.0 does not have CSRF check in place when updating its...
Moderate | Unreviewed | CVE-2022-1712 was published Jun 9, 2022

A Cross-site request forgery (CSRF) vulnerability in Cscms music portal system v4.2 allows remote...
Moderate | Unreviewed | CVE-2022-30898 was published Jun 10, 2022

The Ask me WordPress theme before 6.8.2 does not perform CSRF checks for any of its AJAX actions,...
Moderate | Unreviewed | CVE-2022-1424 was published Jun 9, 2022

IBM Spectrum Copy Data Management 2.2.0.0 through 2.2.15.0 is vulnerable to cross-site request...
High | Unreviewed | CVE-2022-22479 was published Jun 11, 2022

ProTip! Advisories are also available from the GraphQL API.