GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,740
Composer 4,239
Erlang 31
GitHub Actions 21
Go 2,007
Maven 5,196
npm 3,716
NuGet 662
pip 3,388
Pub 11
RubyGems 885
Rust 851
Swift 36

Unreviewed advisories

All unreviewed 235,784

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

3,015 advisories

Filter by severity

Sort by

Least recently updated

The Social Warfare plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions... Moderate Unreviewed

CVE-2023-0403 was published Jan 19, 2023

Fiori launchpad - versions 754, 755, 756, does not sufficiently encode user-controlled inputs,... Moderate Unreviewed

CVE-2022-26101 was published Mar 11, 2022

Cross-site request forgery (CSRF) vulnerability in Adobe ColdFusion 8.0, 8.0.1, 9.0, and 9.0.1... Moderate Unreviewed

CVE-2011-0629 was published May 17, 2022

Cross-site request forgery (CSRF) vulnerability in admin/conf_users_edit.php in PHP Link... Moderate Unreviewed

CVE-2011-0643 was published May 17, 2022

Cross-site request forgery (CSRF) vulnerability in news/admin.php in N-13 News 3.4, 3.7, and 4.0... Moderate Unreviewed

CVE-2011-0642 was published May 17, 2022

Multiple cross-site request forgery (CSRF) vulnerabilities in the configuration screen in wp... Moderate Unreviewed

CVE-2011-0760 was published May 17, 2022

Cross-site request forgery (CSRF) vulnerability in Mahara 1.2.x before 1.2.7 and 1.3.x before 1.3... Moderate Unreviewed

CVE-2011-0440 was published May 17, 2022

Cross-site request forgery (CSRF) vulnerability in usercp2.php in MyBB (aka MyBulletinBoard)... Moderate Unreviewed

CVE-2010-4627 was published May 17, 2022

The Amelia WordPress plugin before 1.0.47 does not have CSRF check in place when deleting... Moderate Unreviewed

CVE-2022-0616 was published Mar 22, 2022

Cross-Site Request Forgery (CSRF) in GitHub repository crater-invoice/crater prior to 6.0.4. Moderate Unreviewed

CVE-2022-0515 was published Mar 22, 2022

An issus was discovered in xiaohuanxiong CMS 5.0.17. There is a CSRF vulnerability that can... Moderate Unreviewed

CVE-2021-43737 was published Mar 24, 2022

Cross-Site Request Forgery (CSRF) in Yoo Slider – Image Slider & Video Slider (WordPress plugin)... Moderate Unreviewed

CVE-2022-25608 was published Mar 24, 2022

The Simple Membership WordPress plugin before 4.1.0 does not have CSRF check in place when... Moderate Unreviewed

CVE-2022-0681 was published Mar 22, 2022

Cross-site request forgery (CSRF) vulnerability in HP Insight Control for Linux before 6.2 allows... Moderate Unreviewed

CVE-2010-4106 was published May 17, 2022

Cross-site request forgery (CSRF) vulnerability in HP Insight Control Performance Management... Moderate Unreviewed

CVE-2010-4032 was published May 17, 2022

Cross-site request forgery (CSRF) vulnerability in the file manager service (Services/FileService... Moderate Unreviewed

CVE-2010-3603 was published May 17, 2022

The FormBuilder WordPress plugin through 1.08 does not have CSRF checks in place when creating... Moderate Unreviewed

CVE-2022-0830 was published Apr 5, 2022

Cross-Site Request Forgery (CSRF) in StylemixThemes eRoom – Zoom Meetings & Webinar (WordPress... Moderate Unreviewed

CVE-2022-25615 was published Apr 12, 2022

The Export All URLs WordPress plugin before 4.3 does not have CSRF in place when exporting data,... Moderate Unreviewed

CVE-2022-0914 was published Apr 12, 2022

A Cross-Site Request Forgery (CSRF) in IceHrm 31.0.0.OS allows attackers to delete arbitrary... Moderate Unreviewed

CVE-2022-26588 was published Apr 9, 2022

Cross-Site Request Forgery (CSRF) vulnerability in Yooslider Yoo Slider <= 2.0.0 on WordPress... Moderate Unreviewed

CVE-2022-27847 was published Apr 14, 2022

VMware Workspace ONE Access, Identity Manager and vRealize Automation contain a cross site... Moderate Unreviewed

CVE-2022-22959 was published Apr 14, 2022

Cross-Site Request Forgery (CSRF) in StylemixThemes eRoom – Zoom Meetings & Webinar (WordPress... Moderate Unreviewed

CVE-2022-25614 was published Apr 12, 2022

An issue was discovered in baijiacms v4. There is a CSRF vulnerability that can modify the store... Moderate Unreviewed

CVE-2021-34250 was published Apr 12, 2022

Cross-Site Request Forgery (CSRF) vulnerability in Yooslider Yoo Slider <= 2.0.0 on WordPress... Moderate Unreviewed

CVE-2022-27846 was published Apr 14, 2022

Previous 1 2 3 4 5 … 120 121 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

3,015 advisories