GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,603
Composer 5,006
Erlang 39
GitHub Actions 38
Go 2,636
Maven 6,104
npm 4,262
NuGet 760
pip 4,057
Pub 12
RubyGems 956
Rust 1,054
Swift 45

Unreviewed advisories

All unreviewed 276,946

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

4,241 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

EyesOfNetwork (EON) 5.1 Unauthenticated SQL Injection in eonweb leading to remote root Critical Unreviewed

CVE-2017-1000060 was published May 13, 2022

SQL injection vulnerability in mod_mysql_vhost.c in lighttpd before 1.4.35 allows remote... Critical Unreviewed

CVE-2014-2323 was published May 13, 2022

The JCK Editor component 6.4.4 for Joomla! allows SQL Injection via the jtreelink/dialogs/links... Critical Unreviewed

CVE-2018-17254 was published May 13, 2022

An improper input validation vulnerability in CA Privileged Access Manager 2.x allows remote... Critical Unreviewed

CVE-2018-9029 was published May 13, 2022

Insufficient input sanitization of two parameters in CA PPM 14.3 and below, 14.4, 15.1, 15.2 CP5... Critical Unreviewed

CVE-2018-13824 was published May 13, 2022

SQL injection vulnerability in the UDDI server in SAP NetWeaver J2EE Engine 7.40 allows remote... Critical Unreviewed

CVE-2016-2386 was published May 13, 2022

SQL injection vulnerability in the getStringParameterSQL method in main/java/org/dashbuilder... Critical Unreviewed

CVE-2016-4999 was published May 13, 2022

Zoho ManageEngine OpManager 12.3 before 123222 has SQL Injection via Mail Server settings. Critical Unreviewed

CVE-2018-18949 was published May 13, 2022

Zoho ManageEngine OpManager 12.3 before 123238 allows SQL injection via the getGraphData API. Critical Unreviewed

CVE-2018-20173 was published May 13, 2022

Zoho ManageEngine OpManager 12.3 before build 123239 allows SQL injection in the Alarms section. Critical Unreviewed

CVE-2018-20338 was published May 13, 2022

SQL injection vulnerability in the MaLion for Windows and Mac 5.0.0 to 5.2.1 allows remote... Critical Unreviewed

CVE-2017-10816 was published May 13, 2022

An issue was discovered in Appnitro MachForm before 4.2.3. There is a download.php SQL injection... Critical Unreviewed

CVE-2018-6410 was published May 13, 2022

SQL injection vulnerability in the authentication functionality in Trend Micro Email Encryption... Critical Unreviewed

CVE-2016-4351 was published May 13, 2022

The FormCraft Basic plugin 1.0.5 for WordPress has SQL injection in the id parameter to form.php. Critical Unreviewed

CVE-2017-13137 was published May 13, 2022

SQL injection vulnerability in the checkPassword function in Symmetricom s350i 2.70.15 allows... Critical Unreviewed

CVE-2014-5071 was published May 13, 2022

Point Of Sales 1.0 allows SQL injection via the login screen, related to LoginForm1.vb. Critical Unreviewed

CVE-2018-18805 was published May 13, 2022

LayerBB 1.1.1 and 1.1.3 has SQL Injection via the search.php search_query parameter. Critical Unreviewed

CVE-2018-17988 was published May 13, 2022

An exploitable SQL injection vulnerability exists in the administrator web portal function of... Critical Unreviewed

CVE-2018-4056 was published May 13, 2022

Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via /scbs/admin/?page... Critical Unreviewed

CVE-2022-29995 was published May 13, 2022

Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via /scbs/admin... Critical Unreviewed

CVE-2022-29992 was published May 13, 2022

Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via /scbs/admin/bookings... Critical Unreviewed

CVE-2022-29993 was published May 13, 2022

Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via /scbs/admin/?page... Critical Unreviewed

CVE-2022-29994 was published May 13, 2022

Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via /scbs/admin/?page... Critical Unreviewed

CVE-2022-29987 was published May 13, 2022

Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via \scbs\classes\Master... Critical Unreviewed

CVE-2022-29988 was published May 13, 2022

Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via \scbs\classes\Master... Critical Unreviewed

CVE-2022-29989 was published May 13, 2022

Previous 1…152…170 Next

Previous 1 2 … 150 151 152 153 154 … 169 170 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

4,241 advisories