GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,536
Composer 4,189
Erlang 31
GitHub Actions 19
Go 1,985
Maven 5,160
npm 3,701
NuGet 657
pip 3,326
Pub 11
RubyGems 882
Rust 836
Swift 35

Unreviewed advisories

All unreviewed 233,477

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

2,354 advisories

Filter by severity

Sort by

Least recently updated

In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.837, CSRF in the forgot password function... High Unreviewed

CVE-2019-13477 was published May 24, 2022

Cross-Site Request Forgery (CSRF) vulnerability affecting Delete Marker Category, Delete Map, and... High Unreviewed

CVE-2022-25600 was published Mar 12, 2022

An issue was discovered in PONTON X/P Messenger before 3.11.2. Anti-CSRF tokens are globally... High Unreviewed

CVE-2021-45886 was published Mar 14, 2022

IBM Spectrum Protect Operations Center 8.1.0.000 through 8.1.13.xxx is vulnerable to cross-site... High Unreviewed

CVE-2022-22346 was published Mar 15, 2022

A CSRF issue in /api/crontab on iRZ Mobile Routers through 2022-03-16 allows a threat actor to... High Unreviewed

CVE-2022-27226 was published Mar 20, 2022

A Cross-Site Request Forgery (CSRF) in the management portal of Snapt Aria v12.8 allows attackers... High Unreviewed

CVE-2022-24235 was published Mar 22, 2022

A Cross-Site Request Forgery (CSRF) in Chamilo LMS 1.11.14 allows attackers to execute arbitrary... High Unreviewed

CVE-2021-40662 was published Mar 22, 2022

Passwork On-Premise Edition before 4.6.13 allows CSRF via the groups, password, and history... High Unreviewed

CVE-2022-25268 was published Mar 25, 2022

TypesetterCMS v5.1 was discovered to contain a Cross-Site Request Forgery (CSRF) which is... High Unreviewed

CVE-2022-25523 was published Mar 26, 2022

BigAnt Software BigAnt Server v5.6.06 was discovered to contain a Cross-Site Request Forgery (CSRF). High Unreviewed

CVE-2022-23349 was published Mar 22, 2022

An issue was discovered in xiaohuanxiong CMS 5.0.17. There is a CSRF vulnerability that can that... High Unreviewed

CVE-2021-43738 was published Mar 24, 2022

Missing sanitization of HTML attributes in Jupyter notebooks in all versions of GitLab CE/EE... High Unreviewed

CVE-2022-0427 was published Mar 29, 2022

The Translate WordPress with GTranslate WordPress plugin before 2.9.9 does not have CSRF check in... High Unreviewed

CVE-2022-0770 was published Mar 29, 2022

The Sermon Browser WordPress plugin through 0.45.22 does not have CSRF checks in place when... High Unreviewed

CVE-2022-0499 was published Mar 29, 2022

An issue was discovered in Firmware Analysis and Comparison Tool v3.2. Logged in administrators... High Unreviewed

CVE-2021-44312 was published Mar 31, 2022

A Cross-Site Request Forgery (CSRF) in Pluck CMS v4.7.15 allows attackers to change the password... High Unreviewed

CVE-2022-27432 was published Mar 31, 2022

A vulnerability in the web-based management interface of Cisco IP Phone 6800, 7800, and 8800... High Unreviewed

CVE-2022-20774 was published Apr 7, 2022

IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.5, 6.1.0.0 through 6.1.0.3,... High Unreviewed

CVE-2020-4668 was published Apr 9, 2022

Edoc-doctor-appointment-system v1.0.1 was discovered to contain a Cross-Site Request Forgery ... High Unreviewed

CVE-2022-36546 was published Aug 27, 2022

qdPM 9.2 allows Cross-Site Request Forgery (CSRF) via the index.php/myAccount/update URI. High Unreviewed

CVE-2022-26180 was published Apr 9, 2022

A Cross-site request forgery (CSRF) vulnerability exists in Webmin 1.973 through the File Manager... High Unreviewed

CVE-2021-32162 was published Apr 12, 2022

A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V,... High Unreviewed

CVE-2022-25754 was published Apr 13, 2022

The Visual Form Builder WordPress plugin before 3.0.8 does not enforce nonce checks which could... High Unreviewed

CVE-2022-0141 was published Apr 13, 2022

A Cross-site request forgery (CSRF) vulnerability exists in Webmin 1.973 via the Upload and... High Unreviewed

CVE-2021-32159 was published Apr 12, 2022

A cross-site request forgery (CSRF) vulnerability exists in Webmin 1.973 via the Scheduled Cron... High Unreviewed

CVE-2021-32156 was published Apr 12, 2022

Previous 1 2 3 4 5 … 94 95 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

2,354 advisories