GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
7,166 advisories
Hospital Management System v4.0 was discovered to contain a blind SQL injection vulnerability via...
High | Unreviewed | CVE-2022-24226 was published | Feb 16, 2022

Pivotal Concourse SQL Injection Vulnerability
High | CVE-2019-3792 was published for github.com/concourse/concourse (Go) | Feb 15, 2022

The Ad Invalid Click Protector (AICP) WordPress plugin before 1.2.6 is affected by a SQL...
High | Unreviewed | CVE-2022-0190 was published | Feb 15, 2022

Hospital Management System v4.0 was discovered to contain a SQL injection vulnerability in ...
High | Unreviewed | CVE-2022-24646 was published | Feb 12, 2022

SAP NetWeaver AS ABAP (Workplace Server) - versions 700, 701, 702, 731, 740, 750, 751, 752, 753,...
High | Unreviewed | CVE-2022-22540 was published | Feb 11, 2022

Possible SQL injection in tablelookupwizard Contao Extension
High | GHSA-v3mr-gp7j-pw5w was published for terminal42/contao-tablelookupwizard (Composer) | Feb 10, 2022

A vulnerability has been identified in COMOS (All versions < V10.4.1). The COMOS Web component of...
High | Unreviewed | CVE-2021-37197 was published | Feb 10, 2022

An issue was discovered in Online-Movie-Ticket-Booking-System 1.0. The file about.php does not...
High | Unreviewed | CVE-2021-44866 was published | Feb 10, 2022

SQL injection in hibernate-core
High | CVE-2020-25638 was published for org.hibernate:hibernate-core (Maven) | Feb 9, 2022

Victor CMS v1.0 was discovered to contain a SQL injection vulnerability that allows attackers to...
High | Unreviewed | CVE-2022-23873 was published | Feb 9, 2022

SQL Injection vulnerability discovered in Unified Office Total Connect Now that would allow an...
High | Unreviewed | CVE-2022-24121 was published | Feb 9, 2022

The Wicked Folders WordPress plugin before 2.8.10 does not sanitise and escape the folder_id...
High | Unreviewed | CVE-2021-24919 was published | Feb 2, 2022

SQL Injection in Casdoor
High | CVE-2022-24124 was published for github.com/casdoor/casdoor (Go) | Feb 1, 2022

Victor CMS v1.0 was discovered to contain multiple SQL injection vulnerabilities in the component...
High | Unreviewed | CVE-2021-46459 was published | Feb 1, 2022

Cuppa CMS v1.0 was discovered to contain a SQL injection vulnerability in /administrator...
High | Unreviewed | CVE-2022-24264 was published | Feb 1, 2022

Cuppa CMS v1.0 was discovered to contain a SQL injection vulnerability in /administrator...
High | Unreviewed | CVE-2022-24265 was published | Feb 1, 2022

Cuppa CMS v1.0 was discovered to contain a SQL injection vulnerability in /administrator...
High | Unreviewed | CVE-2022-24266 was published | Feb 1, 2022

Mingsoft MCMS SQL injection vulnerability
High | CVE-2021-46383 was published for net.mingsoft:ms-mcms (Maven) | Jan 27, 2022

Mingsoft MCMS SQL injection vulnerability
High | CVE-2021-46385 was published for net.mingsoft:ms-mcms (Maven) | Jan 27, 2022

MartDevelopers iResturant 1.0 is vulnerable to SQL Injection. SQL Injection occurs because this...
High | Unreviewed | CVE-2021-45803 was published | Jan 26, 2022

The Cookie Notification Plugin for WordPress plugin before 1.0.9 does not sanitise or escape the...
High | Unreviewed | CVE-2021-24858 was published | Jan 25, 2022

The Advanced Custom Fields: Extended WordPress plugin before 0.8.8.7 does not validate the order...
High | Unreviewed | CVE-2021-24865 was published | Jan 25, 2022

The Asgaros Forum WordPress plugin before 1.15.15 does not validate or escape the forum_id...
High | Unreviewed | CVE-2021-25045 was published | Jan 25, 2022

SQL injection vulnerability in Data Loss Protection (DLP) ePO extension 11.8.x prior to 11.8.100,...
High | Unreviewed | CVE-2021-4088 was published | Jan 25, 2022

ProTip! Advisories are also available from the GraphQL API