Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,636
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

7,166 advisories

Loading
The mediamaticAjaxRenameCategory AJAX action of the Mediamatic WordPress plugin through 2.7,... High Unreviewed
CVE-2021-24848 was published Dec 14, 2021
The Quotes Collection WordPress plugin through 2.5.2 does not validate and escape the bulkcheck... High Unreviewed
CVE-2021-24861 was published Dec 14, 2021
An SQL Injection vulnerablitly exits in zzcms 8.2, 8.3, 2020, and 2021 via the id parameter in... High Unreviewed
CVE-2021-40280 was published Dec 10, 2021
An SQL Injection vulnerability exists in zzcms 8.2, 8.3, 2020, and 2021 via the id parameter in... High Unreviewed
CVE-2021-40279 was published Dec 10, 2021
An SQL Injection vulnerability exists in zzcms 8.2, 8.3, 2020, and 2021 in dl/dl_print.php when... High Unreviewed
CVE-2021-40281 was published Dec 10, 2021
An SQL Injection vulnerability exists in zzcms 8.2, 8.3, 2020, abd 2021 in dl/dl_download.php.... High Unreviewed
CVE-2021-40282 was published Dec 10, 2021
A improper neutralization of special elements used in an sql command ('sql injection') in... High Unreviewed
CVE-2021-42760 was published Dec 9, 2021
A SQL Injection in the custom filter query component in Genesys intelligent Workload Distribution... High Unreviewed
CVE-2021-40860 was published Dec 9, 2021
A SQL Injection in the custom filter query component in Genesys intelligent Workload Distribution... High Unreviewed
CVE-2021-40861 was published Dec 9, 2021
A SQL Injection vulnerability exists in Ivanti Avalance before 6.3.3 allows an attacker with... High Unreviewed
CVE-2021-42131 was published Dec 8, 2021
Authenticated Blind & Error-based SQL injection vulnerability was discovered in Online Enrollment... High Unreviewed
CVE-2021-40578 was published Dec 8, 2021
SQL injection in prestashop/prestashop High
CVE-2021-43789 was published for prestashop/prestashop (Composer) Dec 7, 2021
PierreRambaud
Credited to PierreRambaud
Piwigo v11.5 was discovered to contain a SQL injection vulnerability via the parameter pwg_token... High Unreviewed
CVE-2021-40313 was published Dec 7, 2021
Taocms v2.5Beta5 was discovered to contain a blind SQL injection vulnerability via the function... High Unreviewed
CVE-2021-25783 was published Dec 4, 2021
Taocms v2.5Beta5 was discovered to contain a blind SQL injection vulnerability via the function... High Unreviewed
CVE-2021-25784 was published Dec 4, 2021
The Events Manager WordPress plugin before 5.9.8 does not sanitise and escape a parameter before... High Unreviewed
CVE-2020-35012 was published Dec 3, 2021
Dell EMC Streaming Data Platform versions before 1.3 contain a SQL Injection Vulnerability. A... High Unreviewed
CVE-2021-36328 was published Dec 1, 2021
The myCred WordPress plugin before 2.3 does not validate or escape the fields parameter before... High Unreviewed
CVE-2021-24755 was published Nov 30, 2021
The Email Before Download WordPress plugin before 6.8 does not properly validate and escape the... High Unreviewed
CVE-2021-24748 was published Nov 30, 2021
The Ninja Forms Contact Form WordPress plugin before 3.6.4 does not escape keys of the fields... High Unreviewed
CVE-2021-24889 was published Nov 30, 2021
The BSK PDF Manager WordPress plugin before 3.1.2 does not validate and escape the orderby and... High Unreviewed
CVE-2021-24860 was published Nov 30, 2021
An authenticated user could potentially execute code via an SQLi vulnerability in the user portal... High Unreviewed
CVE-2021-36807 was published Nov 27, 2021
Dell iDRAC9 versions 4.40.00.00 and later, but prior to 4.40.29.00 and 5.00.00.00 contain an SQL... High Unreviewed
CVE-2021-36299 was published Nov 24, 2021
iDRAC9 versions prior to 5.00.00.00 contain an improper input validation vulnerability. An... High Unreviewed
CVE-2021-36300 was published Nov 24, 2021
SQL Injection in thinkjs High
CVE-2020-21176 was published for thinkjs (npm) Nov 19, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database