GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
2,394 advisories
Filter by severity
The Directorist WordPress plugin before 7.0.6.2 was vulnerable to Cross-Site Request Forgery to...
High
Unreviewed
CVE-2021-24981
was published
Dec 22, 2021
Cross-Site Request Forgery (CSRF) vulnerability leading to Cross-Site Scripting (XSS) discovered...
High
Unreviewed
CVE-2021-36887
was published
Dec 21, 2021
Cross Site Request Forgery (CSRF) vulnerability exits in Catfish <=6.1.* when you upload an html...
High
Unreviewed
CVE-2021-45017
was published
Dec 17, 2021
The Like Button Rating ♥ LikeBtn WordPress plugin before 2.6.38 does not have any authorisation...
High
Unreviewed
CVE-2021-24945
was published
Dec 14, 2021
A Cross Site Request Forgery (CSRF) vulnerability exits in ZZZCMS V1.7.1 via the save_user...
High
Unreviewed
CVE-2020-19682
was published
Dec 10, 2021
The Tawk.To Live Chat WordPress plugin before 0.6.0 does not have capability and CSRF checks in...
High
Unreviewed
CVE-2021-24914
was published
Dec 7, 2021
Serv-U server responds with valid CSRFToken when the request contains only Session.
High
Unreviewed
CVE-2021-35242
was published
Dec 7, 2021
b2evolution CMS v7.2.3 was discovered to contain a Cross-Site Request Forgery (CSRF) via the User...
High
Unreviewed
CVE-2021-31631
was published
Dec 7, 2021
IBM Cognos Analytics 11.1.7 and 11.2.0 is vulnerable to cross-site request forgery (CSRF) in the...
High
Unreviewed
CVE-2021-29756
was published
Dec 4, 2021
Cross-site request forgery (CSRF) vulnerability in Browser and Operating System Finder versions...
High
Unreviewed
CVE-2021-20851
was published
Dec 2, 2021
Cross-site request forgery (CSRF) vulnerability in ELECOM LAN routers (WRC-1167GST2 firmware v1...
High
Unreviewed
CVE-2021-20860
was published
Dec 2, 2021
Cross-Site Scripting (XSS) and Cross-Site Request Forgery (CSRF) vulnerability exits in hostel...
High
Unreviewed
CVE-2021-43137
was published
Dec 2, 2021
The Contact Form With Captcha WordPress plugin is vulnerable to Cross-Site Request Forgery due to...
High
Unreviewed
CVE-2021-42358
was published
Nov 30, 2021
The Stetic WordPress plugin is vulnerable to Cross-Site Request Forgery due to missing nonce...
High
Unreviewed
CVE-2021-42364
was published
Nov 30, 2021
Cross-site request forgery (CSRF) vulnerability in Unlimited Sitemap Generator versions prior to...
High
Unreviewed
CVE-2021-20845
was published
Nov 25, 2021
We have already fixed this vulnerability in the following versions of QmailAgent: QmailAgent 3.0...
High
Unreviewed
CVE-2021-34358
was published
Nov 21, 2021
The Easy Registration Forms WordPress plugin is vulnerable to Cross-Site Request Forgery due to...
High
Unreviewed
CVE-2021-39353
was published
Nov 20, 2021
Team Password Manager (aka TeamPasswordManager) before 10.135.236 has a CSRF vulnerability during...
High
Unreviewed
CVE-2021-44036
was published
Nov 20, 2021
Cross-Site Request Forgery (CSRF) vulnerability leading to Database Reset in WordPress WP Reset...
High
Unreviewed
CVE-2021-36908
was published
Nov 19, 2021
ProTip!
Advisories are also available from the
GraphQL API