GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
13,210 advisories
Emuse - eServices / eNvoice SQL injection can be used in various ways ranging from bypassing...
Critical
Unreviewed
CVE-2021-36722
was published
Dec 30, 2021
Changing MOTP (Mobile One Time Password) system’s specific function parameter has insufficient...
High
Unreviewed
CVE-2021-44161
was published
Dec 30, 2021
Telephony application has a SQL Injection vulnerability. Successful exploitation of this...
High
Unreviewed
CVE-2021-39978
was published
Jan 4, 2022
The Events Made Easy WordPress plugin before 2.2.36 does not sanitise and escape the search_text...
High
Unreviewed
CVE-2021-25030
was published
Jan 4, 2022
The Speed Booster Pack ⚡ PageSpeed Optimization Suite WordPress plugin before 4.3.3.1 does not...
High
Unreviewed
CVE-2021-25023
was published
Jan 4, 2022
The Download Monitor WordPress plugin before 4.4.5 does not properly validate and escape the ...
High
Unreviewed
CVE-2021-24786
was published
Jan 4, 2022
SQL Injection in Apache Kylin
Moderate
CVE-2021-36774
was published
for
org.apache.kylin:kylin
(Maven)
Jan 8, 2022
A vulnerability in the showReports module of Zoho ManageEngine Applications Manager before build...
High
Unreviewed
CVE-2020-28679
was published
Jan 11, 2022
The "WP Search Filters" widget of The Plus Addons for Elementor - Pro WordPress plugin before 5.0...
Critical
Unreviewed
CVE-2021-24949
was published
Jan 11, 2022
The WPcalc WordPress plugin through 2.1 does not sanitize user input into the 'did' parameter and...
High
Unreviewed
CVE-2021-25054
was published
Jan 11, 2022
The RegistrationMagic WordPress plugin before 5.0.1.6 does not escape user input in its...
High
Unreviewed
CVE-2021-24862
was published
Jan 11, 2022
Sourcecodester Online Thesis Archiving System 1.0 is vulnerable to SQL Injection. An attacker can...
Critical
Unreviewed
CVE-2021-45334
was published
Jan 11, 2022
A SQL injection vulnerability in /mobile/SelectUsers.jsp in SysAid ITIL 20.4.74 b10 allows a...
High
Unreviewed
CVE-2021-43971
was published
Jan 12, 2022
cscms v4.1 allows for SQL injection via the "js_del" function.
Critical
Unreviewed
CVE-2020-28102
was published
Jan 12, 2022
cscms v4.1 allows for SQL injection via the "page_del" function.
Critical
Unreviewed
CVE-2020-28103
was published
Jan 12, 2022
In SalonERP 3.0.1, a SQL injection vulnerability allows an attacker to inject payload using 'sql'...
High
Unreviewed
CVE-2021-45406
was published
Jan 15, 2022
The Le-yan dental management system contains an SQL-injection vulnerability. An unauthenticated...
Critical
Unreviewed
CVE-2022-22055
was published
Jan 15, 2022
The All in One SEO WordPress plugin before 4.1.5.3 is affected by an authenticated SQL injection...
Moderate
Unreviewed
CVE-2021-25037
was published
Jan 18, 2022
SoftVibe SARABAN for INFOMA 1.1 allows SQL Injection.
High
Unreviewed
CVE-2021-38694
was published
Jan 19, 2022
PhpIPAM v1.4.4 allows an authenticated admin user to inject SQL sentences in the "subnet"...
High
Unreviewed
CVE-2022-23046
was published
Jan 20, 2022
Taocms v3.0.2 was discovered to contain an arbitrary file read vulnerability via the path...
Critical
Unreviewed
CVE-2021-46204
was published
Jan 20, 2022
An SQL Injection vulnerability exists in Sourcecodester Computer and Mobile Repair Shop...
Critical
Unreviewed
CVE-2021-46061
was published
Jan 21, 2022
An SQL Injection vulnerability exists in Sourcecodester COVID 19 Testing Management System (CTMS)...
Critical
Unreviewed
CVE-2021-44245
was published
Jan 21, 2022
An SQL Injection vulnerability exists in code-projects Pharmacy Management 1.0 via the username...
Critical
Unreviewed
CVE-2021-44092
was published
Jan 21, 2022
An SQL Injection vulnerability exists in Sourcecodester Logistic Hub Parcel's Management System 1...
Critical
Unreviewed
CVE-2021-44244
was published
Jan 21, 2022