Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,636
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

15,529 advisories

Loading
Victor CMS v1.0 was discovered to contain a SQL injection vulnerability that allows attackers to... High Unreviewed
CVE-2022-23873 was published Feb 9, 2022
SQL Injection in Spring Cloud Task Moderate
CVE-2020-5428 was published for org.springframework.cloud:spring-cloud-task-dependencies (Maven) Feb 9, 2022
SQL injection without credentials in ming-soft MCMS Critical
CVE-2020-23262 was published for net.mingsoft:ms-mcms (Maven) Feb 9, 2022
SQL injection in hibernate-core High
CVE-2020-25638 was published for org.hibernate:hibernate-core (Maven) Feb 9, 2022
vmvarga mpihelgas
Credited to vmvarga and mpihelgas
Unauthenticated SQL Injection (SQLi) vulnerability discovered in [GWA] AutoResponder WordPress... Critical Unreviewed
CVE-2021-44779 was published Feb 10, 2022
Emlog v6.0 was discovered to contain a SQL injection vulnerability via the $TagID parameter of... Critical Unreviewed
CVE-2022-23379 was published Feb 10, 2022
An issue was discovered in Online-Movie-Ticket-Booking-System 1.0. The file about.php does not... High Unreviewed
CVE-2021-44866 was published Feb 10, 2022
AtomCMS v2.0 was discovered to contain a SQL injection vulnerability via /admin/login.php. Critical Unreviewed
CVE-2022-24223 was published Feb 10, 2022
A vulnerability has been identified in COMOS (All versions < V10.4.1). The COMOS Web component of... High Unreviewed
CVE-2021-37197 was published Feb 10, 2022
Possible SQL injection in tablelookupwizard Contao Extension High
GHSA-v3mr-gp7j-pw5w was published for terminal42/contao-tablelookupwizard (Composer) Feb 10, 2022
SQL Injection in Hibernate ORM Moderate
CVE-2019-14900 was published for org.hibernate:hibernate-core (Maven) Feb 10, 2022
mpihelgas
Credited to mpihelgas
SAP NetWeaver AS ABAP (Workplace Server) - versions 700, 701, 702, 731, 740, 750, 751, 752, 753,... High Unreviewed
CVE-2022-22540 was published Feb 11, 2022
HMS v1.0 was discovered to contain a SQL injection vulnerability via patientlogin.php. Critical Unreviewed
CVE-2022-23366 was published Feb 11, 2022
The Secure Copy Content Protection and Content Locking WordPress plugin before 2.8.2 does not... Critical Unreviewed
CVE-2021-24931 was published Feb 11, 2022
Tokheim Profleet DiaLOG 11.005.02 is affected by SQL Injection. The component is the... Critical Unreviewed
CVE-2021-34235 was published Feb 12, 2022
Hospital Management System v4.0 was discovered to contain a SQL injection vulnerability in ... High Unreviewed
CVE-2022-24646 was published Feb 12, 2022
Tongda2000 v11.10 was discovered to contain a SQL injection vulnerability in /mobile_seal... Critical Unreviewed
CVE-2022-24206 was published Feb 15, 2022
Tongda2000 v11.10 was discovered to contain a SQL injection vulnerability in export_data.php via... Critical Unreviewed
CVE-2022-23902 was published Feb 15, 2022
Metinfo v7.5.0 was discovered to contain a SQL injection vulnerability in language_general.class... Critical Unreviewed
CVE-2022-23335 was published Feb 15, 2022
Metinfo v7.5.0 was discovered to contain a SQL injection vulnerability in parameter_admin.class... Critical Unreviewed
CVE-2022-22295 was published Feb 15, 2022
S-CMS v5.0 was discovered to contain a SQL injection vulnerability in member_pay.php via the O_id... Critical Unreviewed
CVE-2022-23336 was published Feb 15, 2022
DedeCMS v5.7.87 was discovered to contain a SQL injection vulnerability in article_coonepage_rule... Critical Unreviewed
CVE-2022-23337 was published Feb 15, 2022
The Ad Invalid Click Protector (AICP) WordPress plugin before 1.2.6 is affected by a SQL... High Unreviewed
CVE-2022-0190 was published Feb 15, 2022
The Futurio Extra WordPress plugin before 1.6.3 is affected by a SQL Injection vulnerability that... Moderate Unreviewed
CVE-2021-25109 was published Feb 15, 2022
SQL Injection in Couchbase Sync Gateway Critical
CVE-2019-9039 was published for github.com/couchbase/sync_gateway (Go) Feb 15, 2022
andrewpollock
Credited to andrewpollock
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database