GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 26,464
Composer 5,253
Erlang 40
GitHub Actions 41
Go 3,049
Maven 6,276
npm 4,787
NuGet 825
pip 4,384
Pub 12
RubyGems 988
Rust 1,144
Swift 50

Unreviewed advisories

All unreviewed 291,432

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

8,594 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Cross-Site Request Forgery in OWASP CSRFGuard High

CVE-2021-28490 was published for org.owasp:csrfguard (Maven) May 24, 2022

Multiple cross-site request forgery (CSRF) vulnerabilities in The Uniform Server 5.6.5 allow... Low Unreviewed

CVE-2010-2113 was published May 17, 2022

The JivoChat Live Chat WordPress plugin before 1.3.5.4 does not properly check CSRF tokens on... Moderate Unreviewed

CVE-2022-0642 was published May 31, 2022

Cross Site Request Forgery (CSRF) vulnerability in PbootCMS v2.0.3 via /admin.php?p=/User/index. High Unreviewed

CVE-2020-20971 was published Jun 3, 2022

The ultimate-category-excluder plugin before 1.2 for WordPress allows ultimate-category-excluder... High Unreviewed

CVE-2020-35135 was published May 24, 2022

XWiki Cross-Site Request Forgery (CSRF) for actions on tags Moderate

CVE-2022-36095 was published for org.xwiki.platform:xwiki-platform-web-templates (Maven) Sep 16, 2022

Cross-site request forgery (CSRF) vulnerability in user/user-set.do in Pacific Timesheet 6.74... Moderate Unreviewed

CVE-2010-2111 was published May 17, 2022

Cross-site request forgery (CSRF) vulnerability in Cybozu Office 6, Cybozu Dezie before 6.0(1.0),... Moderate Unreviewed

CVE-2008-6744 was published May 17, 2022

Cross Site Request Forgery (CSRF) in JuQingCMS v1.0 allows remote attackers to gain local... High Unreviewed

CVE-2020-18648 was published May 24, 2022

Sipwise C5 NGCP CSC through CE_m39.3.1 allows call/click2dial CSRF attacks for actions with... High Unreviewed

CVE-2021-31584 was published May 24, 2022

This Gallery from files WordPress plugin through 1.6.0 gives the functionality of uploading... Moderate Unreviewed

CVE-2021-24349 was published May 24, 2022

The Content Copy Protection & Prevent Image Save WordPress plugin through 1.3 does not check for... Moderate Unreviewed

CVE-2021-24333 was published May 24, 2022

The WP Login Security and History WordPress plugin through 1.0 did not have CSRF check when... Moderate Unreviewed

CVE-2021-24328 was published May 24, 2022

The Bulk Page Creator WordPress plugin before 1.1.4 does not protect its page creation... High Unreviewed

CVE-2022-1611 was published May 31, 2022

A cross-site request forgery (CSRF) vulnerability has been reported to affect QNAP device running... High Unreviewed

CVE-2021-34360 was published May 27, 2022

IBM Business Automation Workflow traditional 21.0.1 through 21.0.3, 20.0.0.1 through 20.0.0.2, 19... Moderate Unreviewed

CVE-2022-22361 was published Jun 1, 2022

Cross-site request forgery (CSRF) vulnerability in AlegroCart 1.1 allows remote attackers to... Moderate Unreviewed

CVE-2010-1611 was published May 17, 2022

Cross Site Request Forgery in Mingsoft MCMS High

CVE-2022-29647 was published for net.mingsoft:ms-mcms (Maven) Jun 3, 2022

Cross-site request forgery (CSRF) vulnerability in Atlassian JIRA Enterprise Edition 3.13 allows... Moderate Unreviewed

CVE-2008-6832 was published May 17, 2022

Delta Controls enteliTOUCH 3.40.3935, 3.40.3706, and 3.33.4005 allows attackers to execute... High Unreviewed

CVE-2022-29735 was published Jun 3, 2022

The Ask me WordPress theme before 6.8.2 does not perform CSRF checks for any of its AJAX actions,... Moderate Unreviewed

CVE-2022-1424 was published Jun 9, 2022

The LiveSync for WordPress plugin through 1.0 does not have CSRF check in place when updating its... Moderate Unreviewed

CVE-2022-1712 was published Jun 9, 2022

A Cross-site request forgery (CSRF) vulnerability in Cscms music portal system v4.2 allows remote... Moderate Unreviewed

CVE-2022-30898 was published Jun 10, 2022

IBM Spectrum Copy Data Management 2.2.0.0through 2.2.15.0 is vulnerable to cross-site request... High Unreviewed

CVE-2022-22479 was published Jun 11, 2022

A Cross Site Request Forgery (CSRF) vulnerability exists in TheDayLightStudio Fuel CMS 1.5.0 via... High Unreviewed

CVE-2021-44117 was published Jun 11, 2022

Previous 1…6…344 Next

Previous 1 2 3 4 5 6 7 8 … 343 344 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

8,594 advisories