Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,350
Erlang
31
GitHub Actions
22
Go
2,119
Maven
5,000+
npm
3,778
NuGet
680
pip
3,459
Pub
12
RubyGems
892
Rust
888
Swift
38
Unreviewed advisories
All unreviewed
5,000+

6,784 advisories

Loading
Cross-Site Request Forgery in Anchor CMS Moderate
CVE-2022-25576 was published for anchorcms/anchor-cms (Composer) Mar 26, 2022
Missing sanitization of HTML attributes in Jupyter notebooks in all versions of GitLab CE/EE... High Unreviewed
CVE-2022-0427 was published Mar 29, 2022
The Translate WordPress with GTranslate WordPress plugin before 2.9.9 does not have CSRF check in... High Unreviewed
CVE-2022-0770 was published Mar 29, 2022
The Sermon Browser WordPress plugin through 0.45.22 does not have CSRF checks in place when... High Unreviewed
CVE-2022-0499 was published Mar 29, 2022
Cross-site request forgery (CSRF) vulnerability in HP Insight Control Performance Management... Moderate Unreviewed
CVE-2010-4032 was published May 17, 2022
Cross-site request forgery (CSRF) vulnerability in HP Insight Control for Linux before 6.2 allows... Moderate Unreviewed
CVE-2010-4106 was published May 17, 2022
Cross-site request forgery (CSRF) vulnerability in the file manager service (Services/FileService... Moderate Unreviewed
CVE-2010-3603 was published May 17, 2022
An issue was discovered in Firmware Analysis and Comparison Tool v3.2. Logged in administrators... High Unreviewed
CVE-2021-44312 was published Mar 31, 2022
A Cross-Site Request Forgery (CSRF) in Pluck CMS v4.7.15 allows attackers to change the password... High Unreviewed
CVE-2022-27432 was published Mar 31, 2022
Cross-Site Request Forgery in YOURLS Low
CVE-2022-0088 was published for yourls/yourls (Composer) Apr 4, 2022
The FormBuilder WordPress plugin through 1.08 does not have CSRF checks in place when creating... Moderate Unreviewed
CVE-2022-0830 was published Apr 5, 2022
A vulnerability in the web-based management interface of Cisco IP Phone 6800, 7800, and 8800... High Unreviewed
CVE-2022-20774 was published Apr 7, 2022
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.5, 6.1.0.0 through 6.1.0.3,... High Unreviewed
CVE-2020-4668 was published Apr 9, 2022
Edoc-doctor-appointment-system v1.0.1 was discovered to contain a Cross-Site Request Forgery ... High Unreviewed
CVE-2022-36546 was published Aug 27, 2022
Cross-Site Request Forgery (CSRF) in StylemixThemes eRoom – Zoom Meetings & Webinar (WordPress... Moderate Unreviewed
CVE-2022-25615 was published Apr 12, 2022
The Export All URLs WordPress plugin before 4.3 does not have CSRF in place when exporting data,... Moderate Unreviewed
CVE-2022-0914 was published Apr 12, 2022
qdPM 9.2 allows Cross-Site Request Forgery (CSRF) via the index.php/myAccount/update URI. High Unreviewed
CVE-2022-26180 was published Apr 9, 2022
A Cross-Site Request Forgery (CSRF) in IceHrm 31.0.0.OS allows attackers to delete arbitrary... Moderate Unreviewed
CVE-2022-26588 was published Apr 9, 2022
A Cross-site request forgery (CSRF) vulnerability exists in Webmin 1.973 through the File Manager... High Unreviewed
CVE-2021-32162 was published Apr 12, 2022
Cross-Site Request Forgery (CSRF) in StylemixThemes eRoom – Zoom Meetings & Webinar (WordPress... Moderate Unreviewed
CVE-2022-25614 was published Apr 12, 2022
Cross-Site Request Forgery (CSRF) vulnerability in Yooslider Yoo Slider <= 2.0.0 on WordPress... Moderate Unreviewed
CVE-2022-27847 was published Apr 14, 2022
VMware Workspace ONE Access, Identity Manager and vRealize Automation contain a cross site... Moderate Unreviewed
CVE-2022-22959 was published Apr 14, 2022
A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V,... High Unreviewed
CVE-2022-25754 was published Apr 13, 2022
An issue was discovered in baijiacms v4. There is a CSRF vulnerability that can modify the store... Moderate Unreviewed
CVE-2021-34250 was published Apr 12, 2022
CSRF vulnerability in Jenkins Publish Over FTP Plugin High
CVE-2022-29050 was published for org.jenkins-ci.plugins:publish-over-ftp (Maven) Apr 13, 2022
westonsteimel
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database