GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,093
Composer 4,324
Erlang 31
GitHub Actions 21
Go 2,087
Maven 5,251
npm 3,751
NuGet 674
pip 3,437
Pub 12
RubyGems 892
Rust 881
Swift 37

Unreviewed advisories

All unreviewed 241,691

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

5,935 advisories

Filter by severity

Sort by

Least recently updated

Cross-Site Request Forgery (CSRF) vulnerability discovered in Contact Form 7 Database Addon –... High Unreviewed

CVE-2021-36886 was published Dec 23, 2021

The Directorist WordPress plugin before 7.0.6.2 was vulnerable to Cross-Site Request Forgery to... High Unreviewed

CVE-2021-24981 was published Dec 22, 2021

Cross-Site Request Forgery (CSRF) vulnerability leading to Cross-Site Scripting (XSS) discovered... High Unreviewed

CVE-2021-36887 was published Dec 21, 2021

Cross Site Request Forgery (CSRF) vulnerability exits in Catfish <=6.1.* when you upload an html... High Unreviewed

CVE-2021-45017 was published Dec 17, 2021

Cross Site Request Forgery (CSRF) vulnerability in Change-password.php in phpgurukul user... Moderate Unreviewed

CVE-2021-26800 was published Dec 17, 2021

glFusion CMS 1.7.9 is affected by a Cross Site Request Forgery (CSRF) vulnerability in ... Moderate Unreviewed

CVE-2021-44948 was published Dec 15, 2021

glFusion CMS 1.7.9 is affected by a Cross Site Request Forgery (CSRF) vulnerability in ... Moderate Unreviewed

CVE-2021-44942 was published Dec 15, 2021

The NEX-Forms WordPress plugin through 7.9.4 does not escape some of its settings and form fields... Moderate Unreviewed

CVE-2021-24705 was published Dec 14, 2021

The Single Post Exporter WordPress plugin through 1.1.1 does not have CSRF checks when saving its... Moderate Unreviewed

CVE-2021-24780 was published Dec 14, 2021

The Contact Form Advanced Database WordPress plugin through 1.0.8 does not have any authorisation... Moderate Unreviewed

CVE-2021-24790 was published Dec 14, 2021

The WP Admin Logo Changer WordPress plugin through 1.0 does not have CSRF check when saving its... Moderate Unreviewed

CVE-2021-24784 was published Dec 14, 2021

The Filter Portfolio Gallery WordPress plugin through 1.5 is lacking Cross-Site Request Forgery ... Moderate Unreviewed

CVE-2021-24795 was published Dec 14, 2021

The WP Limits WordPress plugin through 1.0 does not have CSRF check when saving its settings,... Moderate Unreviewed

CVE-2021-24818 was published Dec 14, 2021

The Temporary Login Without Password WordPress plugin before 1.7.1 does not have authorisation... Moderate Unreviewed

CVE-2021-24836 was published Dec 14, 2021

The Pixel Cat WordPress plugin before 2.6.2 does not have CSRF check when saving its settings,... Critical Unreviewed

CVE-2021-24922 was published Dec 14, 2021

The Like Button Rating â™¥ LikeBtn WordPress plugin before 2.6.38 does not have any authorisation... High Unreviewed

CVE-2021-24945 was published Dec 14, 2021

A Cross Site Request Forgery (CSRF) vulnerability exits in ZZZCMS V1.7.1 via the save_user... High Unreviewed

CVE-2020-19682 was published Dec 10, 2021

The Tawk.To Live Chat WordPress plugin before 0.6.0 does not have capability and CSRF checks in... High Unreviewed

CVE-2021-24914 was published Dec 7, 2021

Serv-U server responds with valid CSRFToken when the request contains only Session. High Unreviewed

CVE-2021-35242 was published Dec 7, 2021

b2evolution CMS v7.2.3 was discovered to contain a Cross-Site Request Forgery (CSRF) via the User... High Unreviewed

CVE-2021-31631 was published Dec 7, 2021

IBM Cognos Analytics 11.1.7 and 11.2.0 is vulnerable to cross-site request forgery (CSRF) in the... High Unreviewed

CVE-2021-29756 was published Dec 4, 2021

The ClickBank Affiliate Ads WordPress plugin through 1.20 does not have CSRF check when saving... Critical Unreviewed

CVE-2015-20105 was published Dec 3, 2021

Cross-site request forgery (CSRF) vulnerability in Browser and Operating System Finder versions... High Unreviewed

CVE-2021-20851 was published Dec 2, 2021

Cross-site request forgery (CSRF) vulnerability in ELECOM LAN routers (WRC-1167GST2 firmware v1... High Unreviewed

CVE-2021-20860 was published Dec 2, 2021

Cross-Site Scripting (XSS) and Cross-Site Request Forgery (CSRF) vulnerability exits in hostel... High Unreviewed

CVE-2021-43137 was published Dec 2, 2021

Previous 1 2 … 234 235 236 237 238 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

5,935 advisories