GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
2,709 advisories
Cross Site Request Forgery in Mingsoft MCMS
High. CVE-2022-29647 was published for net.mingsoft:ms-mcms (Maven) Jun 3, 2022

The Bulk Page Creator WordPress plugin before 1.1.4 does not protect its page creation...
High, Unreviewed. CVE-2022-1611 was published May 31, 2022

A cross-site request forgery (CSRF) vulnerability has been reported to affect QNAP device running...
High, Unreviewed. CVE-2021-34360 was published May 27, 2022

Cross Site Request Forgery (CSRF) in JuQingCMS v1.0 allows remote attackers to gain local...
High, Unreviewed. CVE-2020-18648 was published May 24, 2022

Sipwise C5 NGCP CSC through CE_m39.3.1 allows call/click2dial CSRF attacks for actions with...
High, Unreviewed. CVE-2021-31584 was published May 24, 2022

The ultimate-category-excluder plugin before 1.2 for WordPress allows ultimate-category-excluder...
High, Unreviewed. CVE-2020-35135 was published May 24, 2022

Cross Site Request Forgery (CSRF) vulnerability in PbootCMS v2.0.3 via /admin.php?p=/User/index.
High, Unreviewed. CVE-2020-20971 was published Jun 3, 2022

Cross-Site Request Forgery in OWASP CSRFGuard
High. CVE-2021-28490 was published for org.owasp:csrfguard (Maven) May 24, 2022

NodeBB account takeover via SSO plugins
High. CVE-2022-36076 was published for nodebb (npm) Sep 16, 2022

Cross-site request forgery (CSRF) vulnerability in Zoho SalesIQ 1.0.8 and earlier allows remote...
High, Unreviewed. CVE-2019-5963 was published May 24, 2022

Cross-Site Request Forgery in Jenkins
High. CVE-2017-1000356 was published for org.jenkins-ci.main:jenkins-core (Maven) May 14, 2022

Cross-Site Request Forgery in XXL-Job
High. CVE-2022-29002 was published for com.xuxueli:xxl-job (Maven) May 24, 2022

Cross-Site Request Forgery in Jolokia
High. CVE-2018-10899 was published for org.jolokia:jolokia-core (Maven) May 24, 2022

Cross-Site Request Forgery (CSRF) in Virgial Berveling's Manage Notification E-mails plugin <= 1...
High, Unreviewed. CVE-2022-34654 was published Nov 28, 2022

Cross-Site Request Forgery in Jenkins Git Plugin
High. CVE-2017-1000092 was published for org.jenkins-ci.plugins:git (Maven) May 17, 2022

IBM Cognos Analytics 11.1.7, 11.2.0, and 11.1.7 is vulnerable to cross-site request forgery which...
High, Unreviewed. CVE-2021-38886 was published Apr 23, 2022

Tenda AX12 V22.03.01.21_CN was discovered to contain a Cross-Site Request Forgery (CSRF) via the...
High, Unreviewed. CVE-2022-27375 was published Apr 26, 2022

Tenda AX12 V22.03.01.21_CN was discovered to contain a Cross-Site Request Forgery (CSRF) via the...
High, Unreviewed. CVE-2022-27374 was published Apr 26, 2022

All versions of Uffizio GPS Tracker may allow an attacker to perform unintended actions on behalf...
High, Unreviewed. CVE-2021-32929 was published Apr 23, 2022

Cross Site Request Forgery in Mingsoft MCMS
High. CVE-2022-27340 was published for net.mingsoft:ms-mcms (Maven) Apr 23, 2022

Selenium Selenium Grid (formerly Selenium Standalone Server) Fixed in 4.0.0-alpha-7 is affected...
High, Unreviewed. CVE-2022-28109 was published Apr 16, 2022

Cross-site request forgery (CSRF) vulnerability in 'MicroPayments - Paid Author Subscriptions,...
High, Unreviewed. CVE-2022-27629 was published Apr 21, 2022

Cross-Site Request Forgery (CSRF) in Access Demo Importer <= 1.0.7 on WordPress allows an...
High, Unreviewed. CVE-2022-23976 was published Apr 19, 2022

The Fancy Product Designer plugin for WordPress is vulnerable to Cross-Site Request Forgery via...
High, Unreviewed. CVE-2021-4096 was published Apr 20, 2022

A cross-site request forgery (CSRF) vulnerability exists in Webmin 1.973 via the Scheduled Cron...
High, Unreviewed. CVE-2021-32156 was published Apr 12, 2022