GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 39
GitHub Actions: 38
Go: 2,638
Maven: 5,000+
npm: 4,264
NuGet: 760
pip: 4,060
Pub: 12
RubyGems: 956
Rust: 1,056
Swift: 45

Unreviewed advisories
All unreviewed: 5,000+
4,241 advisories
netease-youdao/qanything version 1.4.1 contains a vulnerability where unsafe data obtained from...
Critical | Unreviewed | CVE-2024-7099 was published Oct 13, 2024

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical | Unreviewed | CVE-2024-47331 was published Oct 11, 2024

SQL Injection vulnerability in OpenHIS v.1.0 allows an attacker to execute arbitrary code via the...
Critical | Unreviewed | CVE-2024-46532 was published Oct 11, 2024

The SEUR plugin, in its versions prior to 2.5.11, is vulnerable to time-based SQL injection...
Critical | Unreviewed | CVE-2024-9201 was published Oct 10, 2024

An SQL injection vulnerability in Palo Alto Networks Expedition allows an unauthenticated...
Critical | Unreviewed | CVE-2024-9465 was published Oct 9, 2024

Microsoft Configuration Manager Remote Code Execution Vulnerability
Critical | Unreviewed | CVE-2024-43468 was published Oct 8, 2024

Fujian Kelixin Communication Command and Dispatch Platform <=7.6.6.4391 is vulnerable to SQL...
Critical | Unreviewed | CVE-2024-45918 was published Oct 8, 2024

A SQL injection vulnerability in login portal in AnteeoWMS before v4.7.34 allows unauthenticated...
Critical | Unreviewed | CVE-2024-44349 was published Oct 8, 2024

The LatePoint plugin for WordPress is vulnerable to Arbitrary User Password Change via SQL...
Critical | Unreviewed | CVE-2024-8911 was published Oct 8, 2024

SQL injection vulnerability in SOPlanning <1.45, via /soplanning/www/user_groupes.php in the by...
Critical | Unreviewed | CVE-2024-9574 was published Oct 7, 2024

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical | Unreviewed | CVE-2024-47350 was published Oct 6, 2024

Cavok – CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Critical | Unreviewed | CVE-2024-45249 was published Oct 6, 2024

Delta Electronics DIAEnergie is vulnerable to an SQL injection in the script AM_RegReport.aspx....
Critical | Unreviewed | CVE-2024-43699 was published Oct 4, 2024

A SQL Injection vulnerability was discovered in Cloudlog 2.6.15, specifically within the...
Critical | Unreviewed | CVE-2024-45999 was published Oct 1, 2024

Alisonic Sibylla devices are vulnerable to SQL injection attacks, which could allow complete...
Critical | Unreviewed | CVE-2024-8630 was published Sep 27, 2024

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical | Unreviewed | CVE-2024-3373 was published Sep 27, 2024

The WordPress Simple HTML Sitemap plugin for WordPress is vulnerable to SQL Injection via the 'id...
Critical | Unreviewed | CVE-2024-7385 was published Sep 25, 2024

The The Events Calendar plugin for WordPress is vulnerable to SQL Injection via the 'order'...
Critical | Unreviewed | CVE-2024-8275 was published Sep 25, 2024

The Daily Prayer Time plugin for WordPress is vulnerable to SQL Injection via the 'max_word'...
Critical | Unreviewed | CVE-2024-8621 was published Sep 25, 2024

The WP Easy Gallery – WordPress Gallery Plugin plugin for WordPress is vulnerable to SQL...
Critical | Unreviewed | CVE-2024-8436 was published Sep 25, 2024

The MDTF – Meta Data and Taxonomies Filter plugin for WordPress is vulnerable to SQL Injection...
Critical | Unreviewed | CVE-2024-8624 was published Sep 24, 2024

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical | Unreviewed | CVE-2024-7735 was published Sep 23, 2024

Navidrome has Multiple SQL Injections and ORM Leak
Critical | CVE-2024-47062 was published for github.com/navidrome/navidrome (Go) Sep 20, 2024

Best House Rental Management System 1.0 contains a SQL injection vulnerability in the...
Critical | Unreviewed | CVE-2024-46374 was published Sep 18, 2024

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical | Unreviewed | CVE-2024-5958 was published Sep 18, 2024
ProTip! Advisories are also available from the GraphQL API.