Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,636
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

15,529 advisories

Loading
SQL Injection in Couchbase Sync Gateway Critical
CVE-2019-9039 was published for github.com/couchbase/sync_gateway (Go) Feb 15, 2022
andrewpollock
Credited to andrewpollock
SQL Injection High Unreviewed
CVE-2020-25695 was published Feb 15, 2022
Hospital Management System v4.0 was discovered to contain a blind SQL injection vulnerability via... High Unreviewed
CVE-2022-24226 was published Feb 16, 2022
SQL Injection in Jeecg-boot Critical
CVE-2022-22881 was published for org.jeecgframework.boot:jeecg-boot-base (Maven) Feb 17, 2022
SQL Injection in Jeecg-boot Critical
CVE-2022-22880 was published for org.jeecgframework.boot:jeecg-boot-base (Maven) Feb 17, 2022
DuxCMS v3.1.3 was discovered to contain a SQL injection vulnerability via the component s/tools... Critical Unreviewed
CVE-2021-3242 was published Feb 17, 2022
The Fancy Product Designer WordPress plugin is vulnerable to SQL Injection due to insufficient... Moderate Unreviewed
CVE-2021-4134 was published Feb 17, 2022
The WP Statistics WordPress plugin is vulnerable to SQL Injection due to insufficient escaping... High Unreviewed
CVE-2022-0513 was published Feb 17, 2022
EasyCMS v1.6 allows for SQL injection via ArticlemAction.class.php. In the background, search... Critical Unreviewed
CVE-2022-23358 was published Feb 17, 2022
SQL injection in MCMS Critical
CVE-2021-44868 was published for net.mingsoft:ms-mcms (Maven) Feb 18, 2022
Online Shopping Portal v3.1 was discovered to contain multiple time-based SQL injection... Critical Unreviewed
CVE-2021-46110 was published Feb 19, 2022
MMP: All versions prior to v1.0.3, PTP C-series: Device versions prior to v2.8.6.1, and PTMP C... High Unreviewed
CVE-2022-21176 was published Feb 19, 2022
Unsanitized user input in ExpressionEngine <= 5.4.0 control panel member creation leads to an SQL... High Unreviewed
CVE-2020-8242 was published Feb 19, 2022
ZEROF Web Server 2.0 allows /HandleEvent SQL Injection. Critical Unreviewed
CVE-2022-25322 was published Feb 19, 2022
BaiCloud-cms v2.5.7 was discovered to contain multiple SQL injection vulnerabilities via the... High Unreviewed
CVE-2021-44302 was published Feb 20, 2022
The Popup Builder WordPress plugin before 4.0.7 does not validate and properly escape the orderby... High Unreviewed
CVE-2022-0228 was published Feb 22, 2022
The Database Backup for WordPress plugin before 2.5.1 does not properly sanitise and escape the... High Unreviewed
CVE-2022-0255 was published Feb 22, 2022
The ExportFeed WordPress plugin through 2.0.1.0 does not sanitise and escape the product_id POST... High Unreviewed
CVE-2021-4208 was published Feb 22, 2022
The Download Manager WordPress plugin before 3.2.34 does not sanitise and escape the package_ids... High Unreviewed
CVE-2021-25069 was published Feb 22, 2022
The WP Statistics WordPress plugin is vulnerable to SQL Injection due to insufficient escaping... High Unreviewed
CVE-2022-25149 was published Feb 25, 2022
Hospital Patient Record Management System v1.0 was discovered to contain a SQL injection... Critical Unreviewed
CVE-2022-25004 was published Feb 25, 2022
The WP Statistics WordPress plugin is vulnerable to SQL Injection due to insufficient escaping... High Unreviewed
CVE-2022-25148 was published Feb 25, 2022
Hospital Patient Record Management System v1.0 was discovered to contain a SQL injection... Critical Unreviewed
CVE-2022-25003 was published Feb 25, 2022
The WP Statistics WordPress plugin is vulnerable to SQL Injection due to insufficient escaping... High Unreviewed
CVE-2022-0651 was published Feb 25, 2022
Cybonet - PineApp Mail Relay Unauthenticated Sql Injection. Attacker can send a request to: ... Critical Unreviewed
CVE-2022-22794 was published Feb 25, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database