Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,645
Maven
5,000+
npm
4,271
NuGet
760
pip
4,065
Pub
12
RubyGems
957
Rust
1,057
Swift
45
Unreviewed advisories
All unreviewed
5,000+

4,243 advisories

Loading
An issue was discovered in PvPGN Stats 2.4.6. SQL Injection exist in ladder/stats.php via the GET... Critical Unreviewed
CVE-2017-18289 was published May 14, 2022
An issue was discovered in PvPGN Stats 2.4.6. SQL Injection exists in ladder/stats.php via the... Critical Unreviewed
CVE-2017-18291 was published May 14, 2022
An issue was discovered in PvPGN Stats 2.4.6. SQL Injection exists in ladder/stats.php via the... Critical Unreviewed
CVE-2017-18290 was published May 14, 2022
spider.admincp.php in iCMS v7.0.8 has SQL Injection via the id parameter in an app=spider&do... Critical Unreviewed
CVE-2018-12498 was published May 14, 2022
joyplus-cms 1.6.0 allows Remote Code Execution because of an Arbitrary SQL command execution... Critical Unreviewed
CVE-2018-12039 was published May 14, 2022
Zoho ManageEngine Applications Manager 13 before build 13530 allows SQL injection via the ... Critical Unreviewed
CVE-2017-16846 was published May 14, 2022
Zoho ManageEngine Applications Manager 13 before build 13500 allows SQL injection via... Critical Unreviewed
CVE-2017-16543 was published May 14, 2022
Zoho ManageEngine Applications Manager 13 before build 13530 allows SQL injection via the /MyPage... Critical Unreviewed
CVE-2017-16851 was published May 14, 2022
Zoho ManageEngine Applications Manager 13 before build 13530 allows SQL injection via the /MyPage... Critical Unreviewed
CVE-2017-16849 was published May 14, 2022
Zoho ManageEngine Applications Manager 13 before build 13530 allows SQL injection via the ... Critical Unreviewed
CVE-2017-16847 was published May 14, 2022
A SQL injection issue was discovered in the Quick Chat plugin before 4.00 for WordPress. Critical Unreviewed
CVE-2018-12534 was published May 14, 2022
NEWMARK (aka New Mark) NMCMS 2.1 allows SQL Injection via the sect_id parameter to the /catalog URI. Critical Unreviewed
CVE-2018-12630 was published May 14, 2022
Dolibarr SQL injection vulnerability in product/card.php Critical
CVE-2018-13448 was published for dolibarr/dolibarr (Composer) May 14, 2022
Dolibarr SQL injection vulnerability in product/card.php Critical
CVE-2018-13447 was published for dolibarr/dolibarr (Composer) May 14, 2022
Etere EtereWeb before 28.1.20 has a pre-authentication blind SQL injection in the POST parameters... Critical Unreviewed
CVE-2018-10997 was published May 14, 2022
SQL injection vulnerability in ConnX ESP HR Management 4.4.0 allows remote attackers to execute... Critical Unreviewed
CVE-2015-4043 was published May 14, 2022
SQL injection vulnerability in the Pie Register plugin before 3.0.10 for WordPress allows remote... Critical Unreviewed
CVE-2018-10969 was published May 14, 2022
/user/del.php in zzcms 8.3 allows SQL injection via the tablename parameter after leveraging use... Critical Unreviewed
CVE-2018-13116 was published May 14, 2022
Multiple SQL injection vulnerabilities in Centreon 3.4.6 including Centreon Web 2.8.23 allow... Critical Unreviewed
CVE-2018-11589 was published May 14, 2022
Zoho ManageEngine Applications Manager 13 before build 13530 allows SQL injection via the ... Critical Unreviewed
CVE-2017-16850 was published May 14, 2022
SQL injection vulnerability in IBM InfoSphere Data Replication Dashboard 9.7 and 10.1 allows... Critical Unreviewed
CVE-2013-3000 was published May 14, 2022
A SQL Injection vulnerability exists in Zoho ManageEngine Applications Manager 13.x before build... Critical Unreviewed
CVE-2018-13050 was published May 14, 2022
Improper Input Validation in Linux io-prefetch in Snapdragon Mobile and Snapdragon Wear, A SQL... Critical Unreviewed
CVE-2017-11088 was published May 14, 2022
Dolibarr SQL injection vulnerability in product/card.php Critical
CVE-2018-13449 was published for dolibarr/dolibarr (Composer) May 14, 2022
Dolibarr SQL injection vulnerability in product/card.php Critical
CVE-2018-13450 was published for dolibarr/dolibarr (Composer) May 14, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database