Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,785
Erlang
36
GitHub Actions
29
Go
2,367
Maven
5,000+
npm
3,986
NuGet
720
pip
3,778
Pub
12
RubyGems
926
Rust
981
Swift
38
Unreviewed advisories
All unreviewed
5,000+

6,945 advisories

Loading
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated... High Unreviewed
CVE-2021-21920 was published Dec 23, 2021
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated... High Unreviewed
CVE-2021-21919 was published Dec 23, 2021
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated... High Unreviewed
CVE-2021-21918 was published Dec 23, 2021
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated... High Unreviewed
CVE-2021-21921 was published Dec 23, 2021
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated... High Unreviewed
CVE-2021-21922 was published Dec 23, 2021
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated... High Unreviewed
CVE-2021-21924 was published Dec 23, 2021
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated... High Unreviewed
CVE-2021-21923 was published Dec 23, 2021
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated... High Unreviewed
CVE-2021-21925 was published Dec 23, 2021
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated... High Unreviewed
CVE-2021-21929 was published Dec 23, 2021
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated... High Unreviewed
CVE-2021-21928 was published Dec 23, 2021
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated... High Unreviewed
CVE-2021-21931 was published Dec 23, 2021
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated... High Unreviewed
CVE-2021-21927 was published Dec 23, 2021
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated... High Unreviewed
CVE-2021-21935 was published Dec 23, 2021
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated... High Unreviewed
CVE-2021-21937 was published Dec 23, 2021
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated... High Unreviewed
CVE-2021-21930 was published Dec 23, 2021
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated... High Unreviewed
CVE-2021-21934 was published Dec 23, 2021
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated... High Unreviewed
CVE-2021-21932 was published Dec 23, 2021
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated... High Unreviewed
CVE-2021-21936 was published Dec 23, 2021
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated... High Unreviewed
CVE-2021-21933 was published Dec 23, 2021
The get_query() function of the Ni WooCommerce Custom Order Status WordPress plugin before 1.9.7,... High Unreviewed
CVE-2021-24846 was published Dec 22, 2021
The WP Visitor Statistics (Real Time Traffic) WordPress plugin before 4.8 does not properly... High Unreviewed
CVE-2021-24750 was published Dec 22, 2021
Dalmark Systems Systeam 2.22.8 build 1724 is vulnerable to Insecure design on report build via... High Unreviewed
CVE-2021-44874 was published Dec 22, 2021
Numerous exposed dangerous functions within Orion Core has allows for read-only SQL injection... High Unreviewed
CVE-2021-35234 was published Dec 21, 2021
JFrog Artifactory before 7.25.4 (Enterprise+ deployments only), is vulnerable to Blind SQL... High Unreviewed
CVE-2021-3860 was published Dec 21, 2021
SuiteCRM before 7.12.2 and 8.x before 8.0.1 allows authenticated SQL injection. High Unreviewed
CVE-2021-45041 was published Dec 20, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database