GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,215
Composer 4,344
Erlang 31
GitHub Actions 22
Go 2,112
Maven 5,287
npm 3,767
NuGet 680
pip 3,453
Pub 12
RubyGems 892
Rust 888
Swift 38

Unreviewed advisories

All unreviewed 243,555

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

2,698 advisories

Filter by severity

Sort by

Least recently updated

SQL injection vulnerability in index.php in MODx 0.9.6.2 and earlier, when magic_quotes_gpc is... Moderate Unreviewed

CVE-2008-5940 was published May 17, 2022

Multiple SQL injection vulnerabilities in Avaya SIP Enablement Services (SES) in Avaya Avaya... Moderate Unreviewed

CVE-2008-6573 was published May 17, 2022

SQL injection vulnerability in profile_social.php in i-Net Solution Orkut Clone allows remote... Moderate Unreviewed

CVE-2008-5970 was published May 17, 2022

SQL injection vulnerability in KTP Computer Customer Database (KTPCCD) CMS, when magic_quotes_gpc... Moderate Unreviewed

CVE-2008-5954 was published May 17, 2022

Multiple SQL injection vulnerabilities in PunBB 1.3 and 1.3.1 allow remote authenticated... Moderate Unreviewed

CVE-2008-5434 was published May 17, 2022

The Five Minute Webshop WordPress plugin through 1.3.2 does not sanitise and escape the id... Moderate Unreviewed

CVE-2022-1686 was published Jun 9, 2022

The Logo Slider WordPress plugin through 1.4.8 does not sanitise and escape the lsp_slider_id... Moderate Unreviewed

CVE-2022-1687 was published Jun 9, 2022

SQL injection vulnerability in xt:Commerce before 3.0.4 Sp2.1, when magic_quotes_gpc is enabled... Moderate Unreviewed

CVE-2008-6304 was published May 17, 2022

The Five Minute Webshop WordPress plugin through 1.3.2 does not properly validate and sanitise... Moderate Unreviewed

CVE-2022-1685 was published Jun 9, 2022

The Cube Slider WordPress plugin through 1.2 does not sanitise and escape the idslider parameter... Moderate Unreviewed

CVE-2022-1684 was published Jun 9, 2022

Multiple SQL injection vulnerabilities in the User Karma module 5.x before 5.x-1.13 and 6.x... Moderate Unreviewed

CVE-2008-6276 was published May 17, 2022

The Realty Workstation WordPress plugin through 1.0.6 does not sanitise and escape the trans_edit... Moderate Unreviewed

CVE-2022-1691 was published Jun 9, 2022

The Note Press WordPress plugin through 0.1.10 does not sanitise and escape the ids from the bulk... Moderate Unreviewed

CVE-2022-1690 was published Jun 9, 2022

Multiple SQL injection vulnerabilities in admin_login.php in NCT Jobs Portal Script allow remote... Moderate Unreviewed

CVE-2010-1604 was published May 17, 2022

Multiple vulnerabilities in Cisco Unified Communications Manager IM & Presence Service ... Moderate Unreviewed

CVE-2021-1282 was published May 24, 2022

SQL injection vulnerability in IBM WebSphere Commerce 6.0 before 6.0.0.10 allows remote... Moderate Unreviewed

CVE-2010-2635 was published May 17, 2022

Nokia Broadcast Message Center through 11.1.0 allows an authenticated user to perform a Boolean... Moderate Unreviewed

CVE-2021-35487 was published May 26, 2022

Multiple SQL injection vulnerabilities in OCS Inventory NG before 1.02.3 allow remote attackers... Moderate Unreviewed

CVE-2010-1733 was published May 17, 2022

The Nexos theme through 1.7 for WordPress allows side-map/?search_order= SQL Injection. Moderate Unreviewed

CVE-2020-15363 was published May 24, 2022

Improper Neutralization of Special Elements used in an SQL Command Pivotal Spring Data JPA Moderate

CVE-2016-6652 was published for org.springframework.data:spring-data-jpa (Maven) May 17, 2022

A vulnerability has been identified in Desigo Insight (All versions). The web service does not... Moderate Unreviewed

CVE-2020-15792 was published May 24, 2022

An exploitable SQL injection vulnerability exists in the unauthenticated portion of eFront LMS,... Moderate Unreviewed

CVE-2019-5070 was published May 24, 2022

SQL injection vulnerability via IAPService in Samsung Checkout prior to version 5.0.53.1 allows... Moderate Unreviewed

CVE-2022-36839 was published Aug 6, 2022

Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier, and 5.1.28... Moderate Unreviewed

CVE-2013-0375 was published May 5, 2022

SQL injection vulnerability in index.php in GaleriaSHQIP 1.0, when magic_quotes_gpc is disabled,... Moderate Unreviewed

CVE-2010-3207 was published May 17, 2022

Previous 1 2 … 104 105 106 107 108 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

2,698 advisories