GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 39
GitHub Actions: 38
Go: 2,638
Maven: 5,000+
npm: 4,264
NuGet: 760
pip: 4,060
Pub: 12
RubyGems: 956
Rust: 1,056
Swift: 45

Unreviewed advisories
All unreviewed: 5,000+

4,241 advisories

MKCMS V5.0 has SQL injection via the bplay.php play parameter.
Critical | Unreviewed | CVE-2019-10707 was published May 14, 2022

Silverstripe Framework SQLi Vulnerability
Critical | CVE-2019-5715 was published for silverstripe/framework (Composer) May 14, 2022

Kohana through 3.3.6 has SQL Injection when the order_by() parameter can be controlled.
Critical | Unreviewed | CVE-2019-8979 was published May 14, 2022

SQL injection vulnerability in Nagios XI before 5.5.11 allows attackers to execute arbitrary SQL...
Critical | Unreviewed | CVE-2019-9165 was published May 14, 2022

SQL injection vulnerability in Nagios IM (component of Nagios XI) before 2.2.7 allows attackers...
Critical | Unreviewed | CVE-2019-9204 was published May 14, 2022

SQL Injection exists in the Tribulant Slideshow Gallery plugin 1.6.8 for WordPress via the wp...
Critical | Unreviewed | CVE-2018-18018 was published May 14, 2022

SQL injection vulnerability in Joomla! 3.7.x before 3.7.1 allows attackers to execute arbitrary...
Critical | Unreviewed | CVE-2017-8917 was published May 14, 2022

SuiteCRM before 7.8.28, 7.9.x and 7.10.x before 7.10.15, and 7.11.x before 7.11.3 allows SQL...
Critical | Unreviewed | CVE-2019-6506 was published May 14, 2022

SQL injection vulnerability in the J2Store plugin 3.x before 3.3.7 for Joomla! allows remote...
Critical | Unreviewed | CVE-2019-9184 was published May 14, 2022

Hot Scripts Clone 3.1 has SQL Injection via the /categories subctid or mctid parameter.
Critical | Unreviewed | CVE-2017-17612 was published May 14, 2022

Domoticz before 4.10578 allows SQL Injection via the idx parameter in CWebServer:...
Critical | Unreviewed | CVE-2019-10664 was published May 14, 2022

The "JEXTN Question And Answer" extension 3.1.0 for Joomla! has SQL Injection via the an...
Critical | Unreviewed | CVE-2017-17871 was published May 14, 2022

Centreon allows SNMP trap SQL Injection
Critical | CVE-2018-19281 was published for centreon/centreon (Composer) May 14, 2022

NETGEAR ProSafe SSL VPN firmware FVS336Gv2 and FVS336Gv3 was discovered to contain a SQL...
Critical | Unreviewed | CVE-2022-29383 was published May 14, 2022

Air Cargo Management System 1.0 is vulnerable to SQL Injection via /acms/classes/Master.php?f...
Critical | Unreviewed | CVE-2022-30370 was published May 14, 2022

Covid-19 Travel Pass Management System v1.0 is vulnerable to SQL Injection via /ctpms/classes...
Critical | Unreviewed | CVE-2022-30413 was published May 14, 2022

Pharmacy Sales And Inventory System v1.0 is vulnerable to SQL Injection via /pharmacy-sales-and...
Critical | Unreviewed | CVE-2022-30407 was published May 14, 2022

Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/classes/Master...
Critical | Unreviewed | CVE-2022-30395 was published May 14, 2022

Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/classes/Master...
Critical | Unreviewed | CVE-2022-30384 was published May 14, 2022

Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/classes/Master...
Critical | Unreviewed | CVE-2022-30386 was published May 14, 2022

Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/classes/Master...
Critical | Unreviewed | CVE-2022-30385 was published May 14, 2022

Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/classes/Master...
Critical | Unreviewed | CVE-2022-30387 was published May 14, 2022

Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/classes/Master...
Critical | Unreviewed | CVE-2022-30392 was published May 14, 2022

Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/classes/Master...
Critical | Unreviewed | CVE-2022-30391 was published May 14, 2022

A SQL Injection issue was discovered in Sentrifugo 3.2 via the deptid parameter.
Critical | Unreviewed | CVE-2018-15873 was published May 13, 2022