Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,636
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

7,166 advisories

Loading
Simple College Website 1.0 is vulnerable to unauthenticated file upload & remote code execution... High Unreviewed
CVE-2021-44593 was published Jan 22, 2022
SQL Injection in dolibarr High
CVE-2022-0224 was published for dolibarr/dolibarr (Composer) Jan 21, 2022
pimcore is vulnerable to SQL Injection High
CVE-2022-0258 was published for pimcore/pimcore (Composer) Jan 21, 2022
PhpIPAM v1.4.4 allows an authenticated admin user to inject SQL sentences in the "subnet"... High Unreviewed
CVE-2022-23046 was published Jan 20, 2022
SoftVibe SARABAN for INFOMA 1.1 allows SQL Injection. High Unreviewed
CVE-2021-38694 was published Jan 19, 2022
In SalonERP 3.0.1, a SQL injection vulnerability allows an attacker to inject payload using 'sql'... High Unreviewed
CVE-2021-45406 was published Jan 15, 2022
A SQL injection vulnerability in /mobile/SelectUsers.jsp in SysAid ITIL 20.4.74 b10 allows a... High Unreviewed
CVE-2021-43971 was published Jan 12, 2022
The RegistrationMagic WordPress plugin before 5.0.1.6 does not escape user input in its... High Unreviewed
CVE-2021-24862 was published Jan 11, 2022
The WPcalc WordPress plugin through 2.1 does not sanitize user input into the 'did' parameter and... High Unreviewed
CVE-2021-25054 was published Jan 11, 2022
A vulnerability in the showReports module of Zoho ManageEngine Applications Manager before build... High Unreviewed
CVE-2020-28679 was published Jan 11, 2022
The Download Monitor WordPress plugin before 4.4.5 does not properly validate and escape the ... High Unreviewed
CVE-2021-24786 was published Jan 4, 2022
The Speed Booster Pack âš¡ PageSpeed Optimization Suite WordPress plugin before 4.3.3.1 does not... High Unreviewed
CVE-2021-25023 was published Jan 4, 2022
The Events Made Easy WordPress plugin before 2.2.36 does not sanitise and escape the search_text... High Unreviewed
CVE-2021-25030 was published Jan 4, 2022
Telephony application has a SQL Injection vulnerability.Successful exploitation of this... High Unreviewed
CVE-2021-39978 was published Jan 4, 2022
Changing MOTP (Mobile One Time Password) system’s specific function parameter has insufficient... High Unreviewed
CVE-2021-44161 was published Dec 30, 2021
The Rich Reviews by Starfish WordPress plugin before 1.9.6 does not properly validate the orderby... High Unreviewed
CVE-2021-24753 was published Dec 28, 2021
The id parameter from Online Enrollment Management System 1.0 system appears to be vulnerable to... High Unreviewed
CVE-2021-44599 was published Dec 24, 2021
The password parameter on Simple Online Mens Salon Management System (MSMS) 1.0 appears to be... High Unreviewed
CVE-2021-44600 was published Dec 24, 2021
Projectworlds Hospital Management System v1.0 is vulnerable to SQL injection via multiple... High Unreviewed
CVE-2021-43630 was published Dec 23, 2021
An exploitable SQL injection vulnerability exist in the ‘group_list’ page of the Advantech R... High Unreviewed
CVE-2021-21915 was published Dec 23, 2021
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated... High Unreviewed
CVE-2021-21921 was published Dec 23, 2021
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated... High Unreviewed
CVE-2021-21918 was published Dec 23, 2021
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated... High Unreviewed
CVE-2021-21919 was published Dec 23, 2021
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated... High Unreviewed
CVE-2021-21920 was published Dec 23, 2021
An exploitable SQL injection vulnerability exist in the ‘group_list’ page of the Advantech R... High Unreviewed
CVE-2021-21917 was published Dec 23, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database