GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
3,197 advisories
Cross-Site Request Forgery (CSRF) leading to Stored Cross-Site Scripting (XSS) in Mufeng's Hermit...
Moderate, Unreviewed. CVE-2022-29413 was published Apr 29, 2022

The myCred WordPress plugin before 2.4.4 does not have any authorisation and CSRF checks in the...
Moderate, Unreviewed. CVE-2022-0363 was published Apr 26, 2022

The DW Question & Answer Pro WordPress plugin through 1.3.4 does not properly check for CSRF in...
Moderate, Unreviewed. CVE-2021-24805 was published Apr 26, 2022

The ThirstyAffiliates Affiliate Link Manager WordPress plugin before 3.10.5 lacks authorization...
Moderate, Unreviewed. CVE-2022-0634 was published Apr 26, 2022

The ThirstyAffiliates Affiliate Link Manager WordPress plugin before 3.10.5 does not have...
Moderate, Unreviewed. CVE-2022-0398 was published Apr 26, 2022

The myCred WordPress plugin before 2.4.4 does not have authorisation and CSRF checks in its...
Moderate, Unreviewed. CVE-2022-1092 was published Apr 26, 2022

A CSRF issue was found in JBoss Application Server 7 before 7.1.0. JBoss did not properly...
Moderate, Unreviewed. CVE-2011-3609 was published Apr 22, 2022

A vulnerability in the web-based management interface of Cisco Unified Communications Manager ...
Moderate, Unreviewed. CVE-2022-20787 was published Apr 22, 2022

Cross-Site Request Forgery (CSRF) in Access Demo Importer <= 1.0.7 on WordPress allows an...
Moderate, Unreviewed. CVE-2022-23975 was published Apr 19, 2022

The Easy Digital Downloads WordPress plugin before 2.11.6 does not have CSRF check in place when...
Moderate, Unreviewed. CVE-2022-0707 was published Apr 19, 2022

The Autolinks WordPress plugin through 1.0.1 does not have CSRF check in place when updating its...
Moderate, Unreviewed. CVE-2022-1112 was published Apr 19, 2022

A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could...
Moderate, Unreviewed. CVE-2022-20735 was published Apr 16, 2022

Cross-Site Request Forgery (CSRF) in Simple Ajax Chat (WordPress plugin) <= 20220115 allows an...
Moderate, Unreviewed. CVE-2022-27850 was published Apr 16, 2022

Cross-Site Request Forgery (CSRF) in Use Any Font (WordPress plugin) <= 6.1.7 allows an attacker...
Moderate, Unreviewed. CVE-2022-27851 was published Apr 16, 2022

A Cross-Site Request Forgery (CSRF) in Pluck CMS v4.7.15 allows attackers to delete arbitrary pages.
Moderate, Unreviewed. CVE-2022-26589 was published Apr 14, 2022

VMware Workspace ONE Access, Identity Manager and vRealize Automation contain a cross site...
Moderate, Unreviewed. CVE-2022-22959 was published Apr 14, 2022

Cross-Site Request Forgery (CSRF) vulnerability in Yooslider Yoo Slider <= 2.0.0 on WordPress...
Moderate, Unreviewed. CVE-2022-27846 was published Apr 14, 2022

Cross-Site Request Forgery (CSRF) vulnerability in Yooslider Yoo Slider <= 2.0.0 on WordPress...
Moderate, Unreviewed. CVE-2022-27847 was published Apr 14, 2022

Cross-Site Request Forgery (CSRF) vulnerability leading to Reflected Cross-Site Scripting (XSS)...
Moderate, Unreviewed. CVE-2021-36914 was published Apr 13, 2022

An issue was discovered in baijiacms v4. There is a CSRF vulnerability that can modify the store...
Moderate, Unreviewed. CVE-2021-34250 was published Apr 12, 2022

The Export All URLs WordPress plugin before 4.3 does not have CSRF in place when exporting data,...
Moderate, Unreviewed. CVE-2022-0914 was published Apr 12, 2022

Cross-Site Request Forgery (CSRF) in StylemixThemes eRoom – Zoom Meetings & Webinar (WordPress...
Moderate, Unreviewed. CVE-2022-25615 was published Apr 12, 2022

Cross-Site Request Forgery (CSRF) in StylemixThemes eRoom – Zoom Meetings & Webinar (WordPress...
Moderate, Unreviewed. CVE-2022-25614 was published Apr 12, 2022

A Cross-Site Request Forgery (CSRF) in IceHrm 31.0.0.OS allows attackers to delete arbitrary...
Moderate, Unreviewed. CVE-2022-26588 was published Apr 9, 2022

The FormBuilder WordPress plugin through 1.08 does not have CSRF checks in place when creating...
Moderate, Unreviewed. CVE-2022-0830 was published Apr 5, 2022