GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,318
Erlang: 31
GitHub Actions: 21
Go: 2,074
Maven: 5,000+
npm: 3,746
NuGet: 674
pip: 3,434
Pub: 12
RubyGems: 892
Rust: 880
Swift: 37

Unreviewed advisories
All unreviewed: 5,000+
6,524 advisories

CSRF vulnerability in Jenkins Publish Over FTP Plugin
High | CVE-2022-29050 was published for org.jenkins-ci.plugins:publish-over-ftp (Maven) Apr 13, 2022

The Visual Form Builder WordPress plugin before 3.0.8 does not enforce nonce checks which could...
High | Unreviewed | CVE-2022-0141 was published Apr 13, 2022

Cross-site request forgery (CSRF) vulnerability in Microsoft Outlook Web Access (owa/ev.owa) 2007...
Moderate | Unreviewed | CVE-2010-3213 was published May 17, 2022

A cross-site request forgery (CSRF) vulnerability exists in Webmin 1.973 via the Scheduled Cron...
High | Unreviewed | CVE-2021-32156 was published Apr 12, 2022

Cross-Site Request Forgery (CSRF) in Access Demo Importer <= 1.0.7 on WordPress allows an...
Moderate | Unreviewed | CVE-2022-23975 was published Apr 19, 2022

A Cross-site request forgery (CSRF) vulnerability exists in Webmin 1.973 via the Upload and...
High | Unreviewed | CVE-2021-32159 was published Apr 12, 2022

The Fancy Product Designer plugin for WordPress is vulnerable to Cross-Site Request Forgery via...
High | Unreviewed | CVE-2021-4096 was published Apr 20, 2022

Cross-Site Request Forgery (CSRF) in Simple Ajax Chat (WordPress plugin) <= 20220115 allows an...
Moderate | Unreviewed | CVE-2022-27850 was published Apr 16, 2022

A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could...
Moderate | Unreviewed | CVE-2022-20735 was published Apr 16, 2022

The Product Table for WooCommerce (wooproducttable) WordPress plugin before 3.1.2 does not have...
Critical | Unreviewed | CVE-2022-1020 was published Apr 19, 2022

Cross-Site Request Forgery (CSRF) in Access Demo Importer <= 1.0.7 on WordPress allows an...
High | Unreviewed | CVE-2022-23976 was published Apr 19, 2022

A Cross-Site Request Forgery (CSRF) in Pluck CMS v4.7.15 allows attackers to delete arbitrary pages.
Moderate | Unreviewed | CVE-2022-26589 was published Apr 14, 2022

Cross-site request forgery (CSRF) vulnerability in 'MicroPayments - Paid Author Subscriptions,...
High | Unreviewed | CVE-2022-27629 was published Apr 21, 2022

Selenium Selenium Grid (formerly Selenium Standalone Server) Fixed in 4.0.0-alpha-7 is affected...
High | Unreviewed | CVE-2022-28109 was published Apr 16, 2022

Cross Site Request Forgery in Mingsoft MCMS
High | CVE-2022-27340 was published for net.mingsoft:ms-mcms (Maven) Apr 23, 2022

Cross-Site Request Forgery (CSRF) in Use Any Font (WordPress plugin) <= 6.1.7 allows an attacker...
Moderate | Unreviewed | CVE-2022-27851 was published Apr 16, 2022

All versions of Uffizio GPS Tracker may allow an attacker to perform unintended actions on behalf...
High | Unreviewed | CVE-2021-32929 was published Apr 23, 2022

The Autolinks WordPress plugin through 1.0.1 does not have CSRF check in place when updating its...
Moderate | Unreviewed | CVE-2022-1112 was published Apr 19, 2022

The Easy Digital Downloads WordPress plugin before 2.11.6 does not have CSRF check in place when...
Moderate | Unreviewed | CVE-2022-0707 was published Apr 19, 2022

Multiple cross-site request forgery (CSRF) vulnerabilities in user/main/update_user in...
Moderate | Unreviewed | CVE-2010-3024 was published May 17, 2022

A vulnerability in the web-based management interface of Cisco Unified Communications Manager ...
Moderate | Unreviewed | CVE-2022-20787 was published Apr 22, 2022

Tenda AX12 V22.03.01.21_CN was discovered to contain a Cross-Site Request Forgery (CSRF) via the...
High | Unreviewed | CVE-2022-27374 was published Apr 26, 2022

Tenda AX12 V22.03.01.21_CN was discovered to contain a Cross-Site Request Forgery (CSRF) via the...
High | Unreviewed | CVE-2022-27375 was published Apr 26, 2022

The DW Question & Answer Pro WordPress plugin through 1.3.4 does not properly check for CSRF in...
Moderate | Unreviewed | CVE-2021-24805 was published Apr 26, 2022

Bosscms v2.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via the Add function...
Moderate | Unreviewed | CVE-2022-44937 was published Nov 28, 2022

ProTip! Advisories are also available from the GraphQL API