Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,636
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

7,166 advisories

Loading
SQL Injection in Moodle High
CVE-2022-0983 was published for moodle/moodle (Composer) Mar 26, 2022
SQL Injection in Fork CMS High
CVE-2022-0153 was published for forkcms/forkcms (Composer) Mar 25, 2022
A post-auth SQL injection vulnerability in the Mail Manager potentially allows an authenticated... High Unreviewed
CVE-2022-0386 was published Mar 23, 2022
Beijing Wisdom Vision Technology Industry Co., Ltd One Card Integrated Management System 3.0 is... High Unreviewed
CVE-2021-44345 was published Mar 21, 2022
Piwigo v12.2.0 was discovered to contain a SQL injection vulnerability via pwg.users.php. High Unreviewed
CVE-2022-26266 was published Mar 20, 2022
Authenticated (author or higher user role) SQL Injection (SQLi) vulnerability discovered in FV... High Unreviewed
CVE-2022-25607 was published Mar 19, 2022
Slims9 Bulian 9.4.2 is affected by SQL injection in lib/comment.inc.php. User data can be obtained. High Unreviewed
CVE-2021-45793 was published Mar 18, 2022
Slims8 Akasia 8.3.1 is affected by SQL injection in /admin/modules/bibliography/index.php, /admin... High Unreviewed
CVE-2021-45791 was published Mar 18, 2022
Slims9 Bulian 9.4.2 is affected by SQL injection in /admin/modules/system/backup.php. User data... High Unreviewed
CVE-2021-45794 was published Mar 18, 2022
A blind SQL injection vulnerability exists in Xbtit 3.1 via the sid parameter in ajaxchat... High Unreviewed
CVE-2021-45821 was published Mar 17, 2022
HMS v1.0 was discovered to contain a SQL injection vulnerability via the editid parameter in... High Unreviewed
CVE-2022-25491 was published Mar 16, 2022
The WP Email Users WordPress plugin through 1.7.6 does not escape the data_raw parameter in the... High Unreviewed
CVE-2021-24959 was published Mar 15, 2022
The Event Manager and Tickets Selling for WooCommerce WordPress plugin before 3.5.8 does not... High Unreviewed
CVE-2022-0478 was published Mar 15, 2022
The Simple Quotation WordPress plugin through 1.3.2 does not have authorisation (and CSRF) checks... High Unreviewed
CVE-2022-22735 was published Mar 15, 2022
Moodle Blind SQL injection possible via MNet authentication High
CVE-2021-32474 was published for moodle/moodle (Composer) Mar 12, 2022
The login.jsp page of Quicklert for Digium 10.0.0 (1043) is affected by both Blind SQL Injection... High Unreviewed
CVE-2021-43969 was published Mar 11, 2022
Found a potential security vulnerability inside the Pandora API. Affected Pandora FMS version... High Unreviewed
CVE-2022-0507 was published Mar 11, 2022
Luocms v2.0 is affected by SQL Injection in /admin/manager/admin_mod.php. An attacker can obtain... High Unreviewed
CVE-2022-24601 was published Mar 11, 2022
Network Olympus version 1.8.0 allows an authenticated admin user to inject SQL queries in '/api... High Unreviewed
CVE-2022-25225 was published Mar 11, 2022
A vulnerability has been identified in SINEC NMS (All versions). A privileged authenticated... High Unreviewed
CVE-2022-24281 was published Mar 9, 2022
The view submission functionality in the Hotscot Contact Form WordPress plugin before 1.3 makes a... High Unreviewed
CVE-2021-24777 was published Mar 8, 2022
The Conversios.io WordPress plugin before 4.6.2 does not sanitise, validate and escape the... High Unreviewed
CVE-2021-24952 was published Mar 8, 2022
The AdRotate WordPress plugin before 5.8.22 does not sanitise and escape the adrotate_action... High Unreviewed
CVE-2022-0267 was published Mar 8, 2022
The RegistrationMagic WordPress plugin before 5.0.2.2 does not sanitise and escape the rm_form_id... High Unreviewed
CVE-2022-0420 was published Mar 8, 2022
The WP Visitor Statistics (Real Time Traffic) WordPress plugin before 5.6 does not sanitise and... High Unreviewed
CVE-2022-0410 was published Mar 8, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database