Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,645
Maven
5,000+
npm
4,271
NuGet
760
pip
4,065
Pub
12
RubyGems
957
Rust
1,057
Swift
45
Unreviewed advisories
All unreviewed
5,000+

4,243 advisories

Loading
WolfSight CMS 3.2 allows SQL injection via the PATH_INFO to the default URI. Critical Unreviewed
CVE-2018-14012 was published May 14, 2022
The "Firebase Cloud Messaging (FCM) + Advance Admin Panel" component supporting Firebase Push... Critical Unreviewed
CVE-2018-13850 was published May 14, 2022
There is a time-based blind SQL injection vulnerability in the Access Manager component before 9... Critical Unreviewed
CVE-2018-10197 was published May 14, 2022
joyplus-cms 1.6.0 has SQL Injection via the manager/admin_ajax.php val parameter. Critical Unreviewed
CVE-2018-14389 was published May 14, 2022
An issue was discovered in cckevincyh SSH CompanyWebsite through 2018-05-03. SQL injection exists... Critical Unreviewed
CVE-2018-14440 was published May 14, 2022
A SQL injection was discovered in WUZHI CMS 4.1.0 that allows remote attackers to inject a... Critical Unreviewed
CVE-2018-14515 was published May 14, 2022
In Msvod Cms v10, SQL Injection exists via an images/lists?cid= URI. Critical Unreviewed
CVE-2018-14418 was published May 14, 2022
manager/admin_ajax.php in joyplus-cms 1.6.0 has SQL Injection, as demonstrated by crafted POST... Critical Unreviewed
CVE-2018-14501 was published May 14, 2022
The content://wappush content provider in com.android.provider.telephony, as found in some custom... Critical Unreviewed
CVE-2018-14066 was published May 14, 2022
dl/dl_sendmail.php in zzcms 8.3 has SQL Injection via the sql parameter. Critical Unreviewed
CVE-2018-14961 was published May 14, 2022
An issue was discovered in EMLsoft 5.4.5. upload\eml\action\action.address.php has SQL Injection... Critical Unreviewed
CVE-2018-14968 was published May 14, 2022
A SQL Injection vulnerability exists in the Zoho ManageEngine Applications Manager 13 before... Critical Unreviewed
CVE-2018-15168 was published May 14, 2022
Bacula-web SQL Injection Vulnerabilities Critical
CVE-2017-15367 was published for bacula-web/bacula-web (Composer) May 14, 2022
Multiple SQL injection vulnerabilities in includes/update.php in the Support Ticket System plugin... Critical Unreviewed
CVE-2015-7670 was published May 14, 2022
SQL injection vulnerability in SOL.Connect ISET-mpp meter 1.2.4.2 and earlier allows remote... Critical Unreviewed
CVE-2017-11494 was published May 14, 2022
Multiple SQL injection vulnerabilities in portal/add_edit_event_user.php in versions of OpenEMR... Critical Unreviewed
CVE-2018-15145 was published May 14, 2022
Multiple SQL injection vulnerabilities in portal/find_appt_popup_user.php in versions of OpenEMR... Critical Unreviewed
CVE-2018-15143 was published May 14, 2022
zzcms version 8.3 and earlier contains a SQL Injection vulnerability in zt/top.php line 5 that... Critical Unreviewed
CVE-2018-1000653 was published May 14, 2022
The tree list functionality in the photo gallery application in ASUSTOR ADM 3.1.0.RFQ3 has a SQL... Critical Unreviewed
CVE-2018-11511 was published May 14, 2022
The Gift Vouchers plugin through 2.0.1 for WordPress allows SQL Injection via the template_id... Critical Unreviewed
CVE-2018-16159 was published May 14, 2022
Zend Framework Allows SQL Injection Critical
CVE-2016-4861 was published for zendframework/zendframework (Composer) May 14, 2022
Zend Framework Allows SQL Injection Critical
CVE-2016-6233 was published for zendframework/zendframework (Composer) May 14, 2022
A SQL injection was discovered in /coreframe/app/admin/copyfrom.php in WUZHI CMS 4.1.0 via the... Critical Unreviewed
CVE-2018-15893 was published May 14, 2022
A SQL injection was discovered in /coreframe/app/admin/pay/admin/index.php in WUZHI CMS 4.1.0 via... Critical Unreviewed
CVE-2018-15894 was published May 14, 2022
phpkaiyuancms PhpOpenSourceCMS (POSCMS) V3.2.0 allows an unauthenticated user to execute... Critical Unreviewed
CVE-2018-16278 was published May 14, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database