GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,603
Composer 5,006
Erlang 39
GitHub Actions 38
Go 2,636
Maven 6,104
npm 4,262
NuGet 760
pip 4,057
Pub 12
RubyGems 956
Rust 1,054
Swift 45

Unreviewed advisories

All unreviewed 276,600

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

4,240 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

A SQL Injection vulnerability exits in the Ramo plugin for GLPI 9.4.6 via the idu parameter in... Critical Unreviewed

CVE-2021-44617 was published Mar 29, 2022

Xiaohuanxiong v1.0 was discovered to contain a SQL injection vulnerability via the id parameter... Critical Unreviewed

CVE-2022-26268 was published Mar 29, 2022

TuziCMS 2.0.6 is affected by SQL injection in \App\Manage\Controller\BannerController.class.php. Critical Unreviewed

CVE-2022-23882 was published Mar 29, 2022

The Block Bad Bots WordPress plugin before 6.88 does not properly sanitise and escape the User... Critical Unreviewed

CVE-2021-25070 was published Mar 29, 2022

The Title Experiments Free WordPress plugin before 9.0.1 does not sanitise and escape the id... Critical Unreviewed

CVE-2022-0784 was published Mar 29, 2022

The Popup Builder WordPress plugin before 4.1.1 does not sanitise and escape the sgpb... Critical Unreviewed

CVE-2022-0479 was published Mar 29, 2022

The Limit Login Attempts (Spam Protection) WordPress plugin before 5.1 does not sanitise and... Critical Unreviewed

CVE-2022-0787 was published Mar 29, 2022

The SpeakOut! Email Petitions WordPress plugin before 2.14.15.1 does not sanitise and escape the... Critical Unreviewed

CVE-2022-0846 was published Mar 29, 2022

SQLinjection in falcon-plus Critical

CVE-2022-26245 was published for github.com/open-falcon/falcon-plus (Go) Mar 28, 2022

TuziCMS v2.0.6 was discovered to contain a SQL injection vulnerability via the component App... Critical Unreviewed

CVE-2022-26301 was published Mar 26, 2022

An issue was discovered in ApiManager 1.1. there is sql injection vulnerability that can use in ... Critical Unreviewed

CVE-2021-43700 was published Mar 25, 2022

An SQL Injection vulnerability exists in Dreamer CMS 4.0.0 via the tableName parameter. Critical Unreviewed

CVE-2021-43084 was published Mar 25, 2022

CmsWing 1.3.7 is affected by a SQLi vulnerability via parameter: behavior rule. Critical Unreviewed

CVE-2021-43735 was published Mar 24, 2022

The AosService.rem service in Rockwell Automation FactoryTalk AssetCentre v10.00 and earlier... Critical Unreviewed

CVE-2021-27468 was published Mar 24, 2022

A vulnerability exists in the RunSearch function of SearchService service in Rockwell Automation... Critical Unreviewed

CVE-2021-27472 was published Mar 24, 2022

The ArchiveService.rem service in Rockwell Automation FactoryTalk AssetCentre v10.00 and earlier... Critical Unreviewed

CVE-2021-27464 was published Mar 24, 2022

Money Transfer Management System Version 1.0 allows an unauthenticated user to inject SQL queries... Critical Unreviewed

CVE-2022-25222 was published Mar 24, 2022

Simple Subscription Website v1.0 was discovered to contain a SQL injection vulnerability via the... Critical Unreviewed

CVE-2022-26283 was published Mar 23, 2022

Simple Subscription Website v1.0 was discovered to contain a SQL injection vulnerability via the... Critical Unreviewed

CVE-2022-26285 was published Mar 23, 2022

Simple Client Management System v1.0 was discovered to contain a SQL injection vulnerability via... Critical Unreviewed

CVE-2022-26284 was published Mar 23, 2022

WebRun 3.6.0.42 is vulnerable to SQL Injection via the P_0 parameter used to set the username... Critical Unreviewed

CVE-2021-43650 was published Mar 23, 2022

MyBatis plus v3.4.3 was discovered to contain a SQL injection vulnerability via the Column... Critical Unreviewed

CVE-2022-25517 was published Mar 23, 2022

Taocms v3.0.2 was discovered to contain a SQL injection vulnerability via the id parameter in ... Critical Unreviewed

CVE-2022-25505 was published Mar 22, 2022

The BookingPress WordPress plugin before 1.0.11 fails to properly sanitize user supplied POST... Critical Unreviewed

CVE-2022-0739 was published Mar 22, 2022

The Advanced Booking Calendar WordPress plugin before 1.7.0 does not validate and escape the... Critical Unreviewed

CVE-2022-0694 was published Mar 22, 2022

Previous 1…161…170 Next

Previous 1 2 … 159 160 161 162 163 … 169 170 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

4,240 advisories