Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,339
Erlang
31
GitHub Actions
22
Go
2,098
Maven
5,000+
npm
3,762
NuGet
678
pip
3,448
Pub
12
RubyGems
892
Rust
883
Swift
37
Unreviewed advisories
All unreviewed
5,000+

6,704 advisories

Loading
The Easy Digital Downloads WordPress plugin before 2.11.6 does not have CSRF check in place when... Moderate Unreviewed
CVE-2022-0707 was published Apr 19, 2022
The Autolinks WordPress plugin through 1.0.1 does not have CSRF check in place when updating its... Moderate Unreviewed
CVE-2022-1112 was published Apr 19, 2022
The Product Table for WooCommerce (wooproducttable) WordPress plugin before 3.1.2 does not have... Critical Unreviewed
CVE-2022-1020 was published Apr 19, 2022
A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could... Moderate Unreviewed
CVE-2022-20735 was published Apr 16, 2022
Selenium Selenium Grid (formerly Selenium Standalone Server) Fixed in 4.0.0-alpha-7 is affected... High Unreviewed
CVE-2022-28109 was published Apr 16, 2022
Cross-Site Request Forgery (CSRF) in Simple Ajax Chat (WordPress plugin) <= 20220115 allows an... Moderate Unreviewed
CVE-2022-27850 was published Apr 16, 2022
Cross-Site Request Forgery (CSRF) in Use Any Font (WordPress plugin) <= 6.1.7 allows an attacker... Moderate Unreviewed
CVE-2022-27851 was published Apr 16, 2022
A Cross-Site Request Forgery (CSRF) in Pluck CMS v4.7.15 allows attackers to delete arbitrary pages. Moderate Unreviewed
CVE-2022-26589 was published Apr 14, 2022
VMware Workspace ONE Access, Identity Manager and vRealize Automation contain a cross site... Moderate Unreviewed
CVE-2022-22959 was published Apr 14, 2022
Cross-Site Request Forgery (CSRF) vulnerability in Yooslider Yoo Slider <= 2.0.0 on WordPress... Moderate Unreviewed
CVE-2022-27846 was published Apr 14, 2022
Cross-Site Request Forgery (CSRF) vulnerability in Yooslider Yoo Slider <= 2.0.0 on WordPress... Moderate Unreviewed
CVE-2022-27847 was published Apr 14, 2022
A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V,... High Unreviewed
CVE-2022-25754 was published Apr 13, 2022
The Visual Form Builder WordPress plugin before 3.0.8 does not enforce nonce checks which could... High Unreviewed
CVE-2022-0141 was published Apr 13, 2022
Cross-Site Request Forgery (CSRF) vulnerability leading to Reflected Cross-Site Scripting (XSS)... Moderate Unreviewed
CVE-2021-36914 was published Apr 13, 2022
CSRF vulnerability in Jenkins Publish Over FTP Plugin High
CVE-2022-29050 was published for org.jenkins-ci.plugins:publish-over-ftp (Maven) Apr 13, 2022
westonsteimel
CSRF vulnerability in Jenkins Subversion Plugin Moderate
CVE-2022-29048 was published for org.jenkins-ci.plugins:subversion (Maven) Apr 13, 2022
NotMyFault
A cross-site request forgery (CSRF) vulnerability exists in Webmin 1.973 via the Scheduled Cron... High Unreviewed
CVE-2021-32156 was published Apr 12, 2022
A Cross-site request forgery (CSRF) vulnerability exists in Webmin 1.973 via the Upload and... High Unreviewed
CVE-2021-32159 was published Apr 12, 2022
A Cross-site request forgery (CSRF) vulnerability exists in Webmin 1.973 through the File Manager... High Unreviewed
CVE-2021-32162 was published Apr 12, 2022
An issue was discovered in baijiacms v4. There is a CSRF vulnerability that can modify the store... Moderate Unreviewed
CVE-2021-34250 was published Apr 12, 2022
The Export All URLs WordPress plugin before 4.3 does not have CSRF in place when exporting data,... Moderate Unreviewed
CVE-2022-0914 was published Apr 12, 2022
Cross-Site Request Forgery (CSRF) in StylemixThemes eRoom – Zoom Meetings & Webinar (WordPress... Moderate Unreviewed
CVE-2022-25615 was published Apr 12, 2022
Cross-Site Request Forgery (CSRF) in StylemixThemes eRoom – Zoom Meetings & Webinar (WordPress... Moderate Unreviewed
CVE-2022-25614 was published Apr 12, 2022
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.5, 6.1.0.0 through 6.1.0.3,... High Unreviewed
CVE-2020-4668 was published Apr 9, 2022
qdPM 9.2 allows Cross-Site Request Forgery (CSRF) via the index.php/myAccount/update URI. High Unreviewed
CVE-2022-26180 was published Apr 9, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database