Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,636
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

15,529 advisories

Loading
An SQL Injection vulnerabilty exists in Sourcecodester Mobile Shop System in PHP MySQL 1.0 via... Critical Unreviewed
CVE-2020-25905 was published Jan 29, 2022
An SQL Injection vulnerability exists in Sourcecodester Simple Cold Storage Management System... Critical Unreviewed
CVE-2021-45435 was published Jan 29, 2022
Cuppa CMS v1.0 was discovered to contain a SQL injection vulnerability in /administrator... High Unreviewed
CVE-2022-24266 was published Feb 1, 2022
Cuppa CMS v1.0 was discovered to contain a SQL injection vulnerability in /administrator... High Unreviewed
CVE-2022-24265 was published Feb 1, 2022
Cuppa CMS v1.0 was discovered to contain a SQL injection vulnerability in /administrator... High Unreviewed
CVE-2022-24264 was published Feb 1, 2022
Victor CMS v1.0 was discovered to contain multiple SQL injection vulnerabilities in the component... High Unreviewed
CVE-2021-46459 was published Feb 1, 2022
Victor CMS v1.0 was discovered to contain a SQL injection vulnerability in the component admin... Critical Unreviewed
CVE-2021-46458 was published Feb 1, 2022
SQL Injection in Casdoor High
CVE-2022-24124 was published for github.com/casdoor/casdoor (Go) Feb 1, 2022
eliteCMS v1.0 was discovered to contain a SQL injection vulnerability via /admin/edit_post.php. Critical Unreviewed
CVE-2022-24220 was published Feb 2, 2022
eliteCMS v1.0 was discovered to contain a SQL injection vulnerability via /admin/edit_user.php. Critical Unreviewed
CVE-2022-24222 was published Feb 2, 2022
eliteCMS v1.0 was discovered to contain a SQL injection vulnerability via /admin/functions... Critical Unreviewed
CVE-2022-24221 was published Feb 2, 2022
eliteCMS v1.0 was discovered to contain a SQL injection vulnerability via /admin/edit_page.php. Critical Unreviewed
CVE-2022-24219 was published Feb 2, 2022
SQL Injection vulnerability exists in Sourcecodester Simple Client Management System 1.0 via the... Critical Unreviewed
CVE-2021-43509 was published Feb 2, 2022
SQL Injection vulnerability exists in Sourcecodester Simple Client Management System 1.0 via the... Critical Unreviewed
CVE-2021-43510 was published Feb 2, 2022
The Wicked Folders WordPress plugin before 2.8.10 does not sanitise and escape the folder_id... High Unreviewed
CVE-2021-24919 was published Feb 2, 2022
The Perfect Survey WordPress plugin before 1.5.2 does not validate and escape the question_id GET... Critical Unreviewed
CVE-2021-24762 was published Feb 2, 2022
The Paid Memberships Pro WordPress plugin before 2.6.7 does not escape the discount_code in one... Critical Unreviewed
CVE-2021-25114 was published Feb 8, 2022
The Rearrange Woocommerce Products WordPress plugin before 3.0.8 does not have proper access... Moderate Unreviewed
CVE-2021-24928 was published Feb 8, 2022
Improper neutralization of special elements used in an SQL command ('SQL Injection')... Critical Unreviewed
CVE-2021-43927 was published Feb 8, 2022
Improper neutralization of special elements used in an SQL command ('SQL Injection')... Critical Unreviewed
CVE-2021-43926 was published Feb 8, 2022
Improper neutralization of special elements used in an SQL command ('SQL Injection')... Critical Unreviewed
CVE-2021-43925 was published Feb 8, 2022
PrinterLogic Web Stack versions 19.1.1.13 SP9 and below are vulnerable to SQL Injection, which... Moderate Unreviewed
CVE-2021-42633 was published Feb 8, 2022
Hospital Management System v4.0 was discovered to contain a SQL injection vulnerability in ... Critical Unreviewed
CVE-2022-24263 was published Feb 8, 2022
A SQL injection vulnerability in Voipmonitor GUI before v24.96 allows attackers to escalate... Critical Unreviewed
CVE-2022-24260 was published Feb 9, 2022
SQL Injection vulnerability discovered in Unified Office Total Connect Now that would allow an... High Unreviewed
CVE-2022-24121 was published Feb 9, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database