GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,179
Erlang: 31
GitHub Actions: 19
Go: 1,982
Maven: 5,000+
npm: 3,701
NuGet: 656
pip: 3,323
Pub: 11
RubyGems: 882
Rust: 834
Swift: 35
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
6,132 advisories
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
High
Unreviewed
CVE-2024-8607 was published Sep 27, 2024
The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to time...
High
Unreviewed
CVE-2024-9130 was published Sep 27, 2024
The REST API TO MiniProgram plugin for WordPress is vulnerable to SQL Injection via the 'order'...
High
Unreviewed
CVE-2024-8484 was published Sep 25, 2024
A SQL injection vulnerability in Centreon 24.04.2 allows a remote high-privileged attacker to...
High
Unreviewed
CVE-2024-39842 was published Sep 23, 2024
SQL injection vulnerability in Welcart e-Commerce prior to 2.11.2 allows an attacker who can...
High
Unreviewed
CVE-2024-42404 was published Sep 18, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
High
Unreviewed
CVE-2024-43969 was published Sep 18, 2024
SQL injection vulnerability in idoit pro version 28. This vulnerability could allow an attacker...
High
Unreviewed
CVE-2024-8749 was published Sep 12, 2024
The Adicon Server WordPress plugin through 1.2 does not sanitize and escape a parameter before...
High
Unreviewed
CVE-2024-7766 was published Sep 12, 2024
SQL Injection vulnerability in Ellevo v.6.2.0.38160 allows a remote attacker to obtain sensitive...
High
Unreviewed
CVE-2024-42760 was published Sep 11, 2024
SQL injection in the management console of Ivanti EPM before 2022 SU6, or the 2024 September...
High
Unreviewed
CVE-2024-8191 was published Sep 10, 2024
AutoCMS v5.4 was discovered to contain a SQL injection vulnerability via the sidebar parameter at...
High
Unreviewed
CVE-2024-44725 was published Sep 9, 2024
The Pinpoint Booking System – #1 WordPress Booking Plugin plugin for WordPress is vulnerable to...
High
Unreviewed
CVE-2024-7112 was published Sep 7, 2024
A SQL injection vulnerability has been reported to affect Video Station. If exploited, the...
High
Unreviewed
CVE-2023-50360 was published Sep 6, 2024
Sourcecodester Simple Forum Website v1.0 has a SQL injection vulnerability in /php-sqlite-forum/...
High
Unreviewed
CVE-2024-44739 was published Sep 6, 2024
The LifterLMS – WP LMS for eLearning, Online Courses, & Quizzes plugin for WordPress is...
High
Unreviewed
CVE-2024-7349 was published Sep 6, 2024
Sourcecodehero Event Management System1.0 is vulnerable to SQL Injection via the parameter ...
High
Unreviewed
CVE-2024-44727 was published Sep 5, 2024
itsourcecode Alton Management System 1.0 is vulnerable to SQL Injection in /noncombo_save.php via...
High
Unreviewed
CVE-2024-44587 was published Sep 5, 2024
An issue was discovered in za-internet C-MOR Video Surveillance 5.2401 and 6.00PL01. Due to...
High
Unreviewed
CVE-2024-45174 was published Sep 4, 2024
SQL Injection vulnerability in ZZCMS v.2023 and before allows a remote attacker to obtain...
High
Unreviewed
CVE-2024-44817 was published Sep 4, 2024
SQL Injection in download personal learning course function of Easytest Online Test Platform ver...
High
Unreviewed
CVE-2024-43774 was published Sep 2, 2024
SQL Injection in online dictionary function of Easytest Online Test Platform ver.24E01 and...
High
Unreviewed
CVE-2024-7871 was published Sep 2, 2024
SQL Injection in search course titles function of Easytest Online Test Platform ver.24E01 and...
High
Unreviewed
CVE-2024-43775 was published Sep 2, 2024
SQL Injection in mock exam function of Easytest Online Test Platform ver.24E01 and earlier allow...
High
Unreviewed
CVE-2024-43776 was published Sep 2, 2024
The WP Events Manager plugin for WordPress is vulnerable to time-based SQL Injection via the ...
High
Unreviewed
CVE-2024-7717 was published Aug 31, 2024
Zohocorp ManageEngine Exchange Reporter Plus versions before 5715 are vulnerable to SQL Injection...
High
Unreviewed
CVE-2024-6204 was published Aug 30, 2024