GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,614
Composer 5,007
Erlang 39
GitHub Actions 38
Go 2,638
Maven 6,105
npm 4,264
NuGet 760
pip 4,060
Pub 12
RubyGems 956
Rust 1,056
Swift 45

Unreviewed advisories

All unreviewed 277,025

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

4,241 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

LyLme Spage 1.2.0 through 1.6.0 is vulnerable to SQL Injection via /admin/apply.php. Critical Unreviewed

CVE-2024-48357 was published Oct 28, 2024

The MRBS version 1.5.0 has an SQL injection vulnerability in the edit_entry_handler.php file,... Critical Unreviewed

CVE-2024-48465 was published Oct 28, 2024

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed

CVE-2024-50479 was published Oct 28, 2024

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed

CVE-2024-50491 was published Oct 28, 2024

The eHDR CTMS from Sunnet has a SQL Injection vulnerability, allowing unauthenticated remote... Critical Unreviewed

CVE-2024-10440 was published Oct 28, 2024

SQL Injection vulnerability in Best courier management system in php v.1.0 allows a remote... Critical Unreviewed

CVE-2024-48580 was published Oct 25, 2024

Money Manager EX WebApp (web-money-manager-ex) 1.2.2 is vulnerable to SQL Injection in the ... Critical Unreviewed

CVE-2024-41618 was published Oct 25, 2024

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed

CVE-2023-6441 was published Oct 24, 2024

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed

CVE-2024-49681 was published Oct 24, 2024

SQL Injection vulnerability in Online Complaint Site v.1.0 allows a remote attacker to escalate... Critical Unreviewed

CVE-2024-44812 was published Oct 23, 2024

A vulnerability in NuPoint Messenger (NPM) of Mitel MiCollab through 9.8.0.33 allows an... Critical Unreviewed

CVE-2024-35286 was published Oct 21, 2024

Learning with Texts (LWT) 2.0.3 is vulnerable to SQL Injection. This occurs when the application... Critical Unreviewed

CVE-2024-48509 was published Oct 21, 2024

A vulnerability in the AWV (Audio, Web and Video Conferencing) component of Mitel MiCollab... Critical Unreviewed

CVE-2024-47223 was published Oct 21, 2024

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed

CVE-2024-49305 was published Oct 17, 2024

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed

CVE-2024-49246 was published Oct 17, 2024

The Kento Post View Counter plugin for WordPress is vulnerable to SQL Injection via the ... Critical Unreviewed

CVE-2016-15040 was published Oct 16, 2024

itsourcecode Online Tours and Travels Management System v1.0 is vulnerable to SQL Injection (SQLI... Critical Unreviewed

CVE-2024-48411 was published Oct 15, 2024

Phpgurukul User Registration & Login and User Management System 3.2 is vulnerable to SQL... Critical Unreviewed

CVE-2024-48283 was published Oct 15, 2024

SQL injection vulnerability in TAI Smart Factory's QPLANT SF version 1.0. Exploitation of this... Critical Unreviewed

CVE-2024-9925 was published Oct 15, 2024

Property Management System from ChanGate has a SQL Injection vulnerability, allowing... Critical Unreviewed

CVE-2024-9972 was published Oct 15, 2024

AIM LINE Marketing Platform from Esi Technology does not properly validate a specific query... Critical Unreviewed

CVE-2024-9982 was published Oct 15, 2024

Jepaas v7.2.8 was discovered to contain a SQL injection vulnerability via the orderSQL parameter... Critical Unreviewed

CVE-2024-46535 was published Oct 14, 2024

Wavelog 1.8.5 allows Activated_gridmap_model.php get_band_confirmed SQL injection via band, sat,... Critical Unreviewed

CVE-2024-48251 was published Oct 14, 2024

Cloudlog 2.6.15 allows Oqrs.php get_station_info station_id SQL injection. Critical Unreviewed

CVE-2024-48255 was published Oct 14, 2024

The Team+ from TEAMPLUS TECHNOLOGY does not properly validate specific page parameter, allowing... Critical Unreviewed

CVE-2024-9921 was published Oct 14, 2024

Previous 1…20…170 Next

Previous 1 2 … 18 19 20 21 22 … 169 170 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

4,241 advisories