GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,179
Erlang: 31
GitHub Actions: 19
Go: 1,982
Maven: 5,000+
npm: 3,701
NuGet: 656
pip: 3,323
Pub: 11
RubyGems: 882
Rust: 834
Swift: 35

Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
6,132 advisories
The importFromRedirection AJAX action of the SEO Redirection Plugin – 301 Redirect Manager...
High | Unreviewed | CVE-2021-24847 was published Nov 17, 2021

iDRAC9 versions prior to 5.00.00.00 contain an improper input validation vulnerability. An...
High | Unreviewed | CVE-2021-36300 was published Nov 24, 2021

Dell iDRAC9 versions 4.40.00.00 and later, but prior to 4.40.29.00 and 5.00.00.00 contain an SQL...
High | Unreviewed | CVE-2021-36299 was published Nov 24, 2021

An authenticated user could potentially execute code via an SQLi vulnerability in the user portal...
High | Unreviewed | CVE-2021-36807 was published Nov 27, 2021

The Ninja Forms Contact Form WordPress plugin before 3.6.4 does not escape keys of the fields...
High | Unreviewed | CVE-2021-24889 was published Nov 30, 2021

The BSK PDF Manager WordPress plugin before 3.1.2 does not validate and escape the orderby and...
High | Unreviewed | CVE-2021-24860 was published Nov 30, 2021

The Email Before Download WordPress plugin before 6.8 does not properly validate and escape the...
High | Unreviewed | CVE-2021-24748 was published Nov 30, 2021

The myCred WordPress plugin before 2.3 does not validate or escape the fields parameter before...
High | Unreviewed | CVE-2021-24755 was published Nov 30, 2021

Dell EMC Streaming Data Platform versions before 1.3 contain a SQL Injection Vulnerability. A...
High | Unreviewed | CVE-2021-36328 was published Dec 1, 2021

The Events Manager WordPress plugin before 5.9.8 does not sanitise and escape a parameter before...
High | Unreviewed | CVE-2020-35012 was published Dec 3, 2021

Taocms v2.5Beta5 was discovered to contain a blind SQL injection vulnerability via the function...
High | Unreviewed | CVE-2021-25783 was published Dec 4, 2021

Taocms v2.5Beta5 was discovered to contain a blind SQL injection vulnerability via the function...
High | Unreviewed | CVE-2021-25784 was published Dec 4, 2021

Piwigo v11.5 was discovered to contain a SQL injection vulnerability via the parameter pwg_token...
High | Unreviewed | CVE-2021-40313 was published Dec 7, 2021

Authenticated Blind & Error-based SQL injection vulnerability was discovered in Online Enrollment...
High | Unreviewed | CVE-2021-40578 was published Dec 8, 2021

A SQL Injection vulnerability in Ivanti Avalanche before 6.3.3 allows an attacker with...
High | Unreviewed | CVE-2021-42131 was published Dec 8, 2021

A SQL Injection in the custom filter query component in Genesys intelligent Workload Distribution...
High | Unreviewed | CVE-2021-40861 was published Dec 9, 2021

A SQL Injection in the custom filter query component in Genesys intelligent Workload Distribution...
High | Unreviewed | CVE-2021-40860 was published Dec 9, 2021

An improper neutralization of special elements used in an SQL command ('SQL injection') in...
High | Unreviewed | CVE-2021-42760 was published Dec 9, 2021

An SQL Injection vulnerability exists in zzcms 8.2, 8.3, 2020, and 2021 in dl/dl_download.php....
High | Unreviewed | CVE-2021-40282 was published Dec 10, 2021

An SQL Injection vulnerability exists in zzcms 8.2, 8.3, 2020, and 2021 in dl/dl_print.php when...
High | Unreviewed | CVE-2021-40281 was published Dec 10, 2021

An SQL Injection vulnerability exists in zzcms 8.2, 8.3, 2020, and 2021 via the id parameter in...
High | Unreviewed | CVE-2021-40279 was published Dec 10, 2021

An SQL Injection vulnerability exists in zzcms 8.2, 8.3, 2020, and 2021 via the id parameter in...
High | Unreviewed | CVE-2021-40280 was published Dec 10, 2021

The Quotes Collection WordPress plugin through 2.5.2 does not validate and escape the bulkcheck...
High | Unreviewed | CVE-2021-24861 was published Dec 14, 2021

The mediamaticAjaxRenameCategory AJAX action of the Mediamatic WordPress plugin through 2.7,...
High | Unreviewed | CVE-2021-24848 was published Dec 14, 2021

The SEO Booster WordPress plugin through 3.7 allows for authenticated SQL injection via the ...
High | Unreviewed | CVE-2021-24747 was published Dec 14, 2021

ProTip! Advisories are also available from the GraphQL API.