GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
6,709 advisories
Fusion News 3.6.1 allows remote attackers to add user accounts, if the administrator is logged in...
High
Unreviewed
CVE-2004-1703
was published
Apr 29, 2022
Cross-Site Request Forgery (CSRF) leading to Cross-Site Scripting (XSS) in Shea Bunge's Footer...
Moderate
Unreviewed
CVE-2022-27860
was published
Apr 29, 2022
Mahara before 20.10.5, 21.04.4, 21.10.2, and 22.04.0 is vulnerable to Cross Site Request Forgery ...
High
Unreviewed
CVE-2022-28892
was published
Apr 29, 2022
Multiple Cross-Site Request Forgery (CSRF) vulnerabilities in Hermit 音乐播放器 plugin <= 3.1.6 on...
Moderate
Unreviewed
CVE-2022-29412
was published
Apr 29, 2022
Cross-Site Request Forgery (CSRF) leading to Stored Cross-Site Scripting (XSS) in Mufeng's Hermit...
Moderate
Unreviewed
CVE-2022-29413
was published
Apr 29, 2022
The Deviceconnect microservice through 1.3.0 in Northern.tech Mender Enterprise before 3.2.2....
High
Unreviewed
CVE-2022-29555
was published
Apr 29, 2022
Malfunction of CSRF token validation in Shopware
High
CVE-2022-24879
was published
for
shopware/shopware
(Composer)
Apr 28, 2022
The myCred WordPress plugin before 2.4.4 does not have any authorisation and CSRF checks in the...
Moderate
Unreviewed
CVE-2022-0363
was published
Apr 26, 2022
The DW Question & Answer Pro WordPress plugin through 1.3.4 does not properly check for CSRF in...
Moderate
Unreviewed
CVE-2021-24805
was published
Apr 26, 2022
The ThirstyAffiliates Affiliate Link Manager WordPress plugin before 3.10.5 lacks authorization...
Moderate
Unreviewed
CVE-2022-0634
was published
Apr 26, 2022
The ThirstyAffiliates Affiliate Link Manager WordPress plugin before 3.10.5 does not have...
Moderate
Unreviewed
CVE-2022-0398
was published
Apr 26, 2022
The myCred WordPress plugin before 2.4.4 does not have authorisation and CSRF checks in its...
Moderate
Unreviewed
CVE-2022-1092
was published
Apr 26, 2022
Tenda AX12 V22.03.01.21_CN was discovered to contain a Cross-Site Request Forgery (CSRF) via the...
High
Unreviewed
CVE-2022-27375
was published
Apr 26, 2022
Tenda AX12 V22.03.01.21_CN was discovered to contain a Cross-Site Request Forgery (CSRF) via the...
High
Unreviewed
CVE-2022-27374
was published
Apr 26, 2022
A cross-site request forgery (CSRF) vulnerability in the Activity module 6.x-1.x for Drupal.
High
Unreviewed
CVE-2012-2079
was published
Apr 23, 2022
All versions of Uffizio GPS Tracker may allow an attacker to perform unintended actions on behalf...
High
Unreviewed
CVE-2021-32929
was published
Apr 23, 2022
IBM Cognos Analytics 11.1.7, 11.2.0, and 11.1.7 is vulnerable to cross-site request forgery which...
High
Unreviewed
CVE-2021-38886
was published
Apr 23, 2022
Cross Site Request Forgery in Mingsoft MCMS
High
CVE-2022-27340
was published
for
net.mingsoft:ms-mcms
(Maven)
Apr 23, 2022
A Cross-site Request Forgery (CSRF) vulnerability exists in Advanced Electron Forums (AEF)...
High
Unreviewed
CVE-2011-3582
was published
Apr 22, 2022
A Cross Site Request Forgery (CSRF) vulnerability exists in the administrator functions in...
High
Unreviewed
CVE-2011-2934
was published
Apr 22, 2022
A CSRF issue was found in JBoss Application Server 7 before 7.1.0. JBoss did not properly...
Moderate
Unreviewed
CVE-2011-3609
was published
Apr 22, 2022
Cobbler Web Interface Lacks CSRF Protection
High
CVE-2011-4952
was published
for
cobbler
(pip)
Apr 22, 2022
The user-access-manager plugin before 1.2 for WordPress has CSRF.
High
Unreviewed
CVE-2011-5328
was published
Apr 22, 2022
A vulnerability in the web-based management interface of Cisco Unified Communications Manager ...
Moderate
Unreviewed
CVE-2022-20787
was published
Apr 22, 2022