Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,333
Erlang
31
GitHub Actions
22
Go
2,095
Maven
5,000+
npm
3,762
NuGet
678
pip
3,447
Pub
12
RubyGems
892
Rust
882
Swift
37
Unreviewed advisories
All unreviewed
5,000+

13,130 advisories

Loading
A SQL Injection vulnerability exists in Ivanti Avalance before 6.3.3 allows an attacker with... High Unreviewed
CVE-2021-42131 was published Dec 8, 2021
A SQL injection vulnerability in feature services provided by Esri ArcGIS Server 10.9 and below... Critical Unreviewed
CVE-2021-29114 was published Dec 8, 2021
SQL injection vulnerability was discovered in Aanderaa GeoView Webservice prior to version 2.1.3... Critical Unreviewed
CVE-2021-41063 was published Dec 9, 2021
A SQL Injection in the custom filter query component in Genesys intelligent Workload Distribution... High Unreviewed
CVE-2021-40861 was published Dec 9, 2021
A SQL Injection in the custom filter query component in Genesys intelligent Workload Distribution... High Unreviewed
CVE-2021-40860 was published Dec 9, 2021
A improper neutralization of special elements used in an sql command ('sql injection') in... High Unreviewed
CVE-2021-42760 was published Dec 9, 2021
An SQL Injection vulnerability exists in zzcms 8.2, 8.3, 2020, abd 2021 in dl/dl_download.php.... High Unreviewed
CVE-2021-40282 was published Dec 10, 2021
An SQL Injection vulnerability exists in zzcms 8.2, 8.3, 2020, and 2021 in dl/dl_print.php when... High Unreviewed
CVE-2021-40281 was published Dec 10, 2021
An SQL Injection vulnerability exists in Premiumdatingscript 4.2.7.7 via the ip parameter in... Critical Unreviewed
CVE-2021-41695 was published Dec 10, 2021
An SQL Injection vulnerablitly exits in zzcms 8.2, 8.3, 2020, and 2021 via the id parameter in... High Unreviewed
CVE-2021-40280 was published Dec 10, 2021
An SQL Injection vulnerability exists in zzcms 8.2, 8.3, 2020, and 2021 via the id parameter in... High Unreviewed
CVE-2021-40279 was published Dec 10, 2021
wbce_cms is vulnerable to Improper Neutralization of Special Elements used in an SQL Command Critical Unreviewed
CVE-2021-3817 was published Dec 10, 2021
SQL injection bypass authentication vulnerability in PHPGURUKUL Employee Record Management System... Critical Unreviewed
CVE-2021-44966 was published Dec 14, 2021
The LearnPress WordPress plugin before 4.1.4 does not sanitise, validate and escape the id... Critical Unreviewed
CVE-2021-24951 was published Dec 14, 2021
The Modern Events Calendar Lite WordPress plugin before 6.1.5 does not sanitise and escape the... Critical Unreviewed
CVE-2021-24946 was published Dec 14, 2021
The WP Block and Stop Bad Bots Crawlers and Spiders and Anti Spam Protection Plugin StopBadBots... Critical Unreviewed
CVE-2021-24863 was published Dec 14, 2021
The Quotes Collection WordPress plugin through 2.5.2 does not validate and escape the bulkcheck... High Unreviewed
CVE-2021-24861 was published Dec 14, 2021
The mediamaticAjaxRenameCategory AJAX action of the Mediamatic WordPress plugin through 2.7,... High Unreviewed
CVE-2021-24848 was published Dec 14, 2021
The SEO Booster WordPress plugin through 3.7 allows for authenticated SQL injection via the ... High Unreviewed
CVE-2021-24747 was published Dec 14, 2021
SQL injection in jackalope/jackalope-doctrine-dbal High
CVE-2021-43822 was published for jackalope/jackalope-doctrine-dbal (Composer) Dec 14, 2021
alexander-schranz
If configured to use an Oracle database and if a query is created using the flexible search java... Critical Unreviewed
CVE-2021-42064 was published Dec 15, 2021
There is an upload sql injection vulnerability in the background of taocms 3.0.2 in parameter id... Critical Unreviewed
CVE-2021-45014 was published Dec 15, 2021
Online Pre-owned/Used Car Showroom Management System 1.0 contains a SQL injection authentication... Critical Unreviewed
CVE-2021-44655 was published Dec 16, 2021
Online Magazine Management System 1.0 contains a SQL injection authentication bypass... Critical Unreviewed
CVE-2021-44653 was published Dec 16, 2021
Microsoft Defender for IoT Remote Code Execution Vulnerability This CVE ID is unique from CVE... Critical Unreviewed
CVE-2021-42313 was published Dec 16, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database