Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,636
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

7,166 advisories

Loading
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated... High Unreviewed
CVE-2021-21923 was published Dec 23, 2021
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated... High Unreviewed
CVE-2021-21922 was published Dec 23, 2021
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated... High Unreviewed
CVE-2021-21924 was published Dec 23, 2021
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated... High Unreviewed
CVE-2021-21925 was published Dec 23, 2021
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated... High Unreviewed
CVE-2021-21927 was published Dec 23, 2021
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated... High Unreviewed
CVE-2021-21929 was published Dec 23, 2021
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated... High Unreviewed
CVE-2021-21931 was published Dec 23, 2021
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated... High Unreviewed
CVE-2021-21928 was published Dec 23, 2021
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated... High Unreviewed
CVE-2021-21932 was published Dec 23, 2021
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated... High Unreviewed
CVE-2021-21933 was published Dec 23, 2021
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated... High Unreviewed
CVE-2021-21937 was published Dec 23, 2021
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated... High Unreviewed
CVE-2021-21935 was published Dec 23, 2021
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated... High Unreviewed
CVE-2021-21936 was published Dec 23, 2021
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated... High Unreviewed
CVE-2021-21930 was published Dec 23, 2021
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated... High Unreviewed
CVE-2021-21934 was published Dec 23, 2021
The get_query() function of the Ni WooCommerce Custom Order Status WordPress plugin before 1.9.7,... High Unreviewed
CVE-2021-24846 was published Dec 22, 2021
The WP Visitor Statistics (Real Time Traffic) WordPress plugin before 4.8 does not properly... High Unreviewed
CVE-2021-24750 was published Dec 22, 2021
Dalmark Systems Systeam 2.22.8 build 1724 is vulnerable to Insecure design on report build via... High Unreviewed
CVE-2021-44874 was published Dec 22, 2021
Numerous exposed dangerous functions within Orion Core has allows for read-only SQL injection... High Unreviewed
CVE-2021-35234 was published Dec 21, 2021
JFrog Artifactory before 7.25.4 (Enterprise+ deployments only), is vulnerable to Blind SQL... High Unreviewed
CVE-2021-3860 was published Dec 21, 2021
SuiteCRM before 7.12.2 and 8.x before 8.0.1 allows authenticated SQL injection. High Unreviewed
CVE-2021-45041 was published Dec 20, 2021
The checkuser function of SEMCMS 3.8 was discovered to contain a vulnerability which allows... High Unreviewed
CVE-2020-18081 was published Dec 18, 2021
Microsoft Defender for IoT Remote Code Execution Vulnerability This CVE ID is unique from CVE... High Unreviewed
CVE-2021-41365 was published Dec 16, 2021
SQL injection in jackalope/jackalope-doctrine-dbal High
CVE-2021-43822 was published for jackalope/jackalope-doctrine-dbal (Composer) Dec 14, 2021
alexander-schranz
Credited to alexander-schranz
The SEO Booster WordPress plugin through 3.7 allows for authenticated SQL injection via the ... High Unreviewed
CVE-2021-24747 was published Dec 14, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database