GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 39
GitHub Actions: 38
Go: 2,638
Maven: 5,000+
npm: 4,264
NuGet: 760
pip: 4,060
Pub: 12
RubyGems: 956
Rust: 1,056
Swift: 45
Unreviewed advisories
All unreviewed: 5,000+
15,537 advisories
SQL Injection vulnerability in ABO.CMS v.5.9.3, allows remote attackers to execute arbitrary code...
Critical | Unreviewed | CVE-2023-46953 was published Jan 6, 2024

SQL injection vulnerability in EmpireCMS v7.5, allows remote attackers to execute arbitrary code...
High | Unreviewed | CVE-2023-50162 was published Jan 9, 2024

The JoomSport – for Sports: Team & League, Football, Hockey & more plugin for WordPress is...
Moderate | Unreviewed | CVE-2022-2717 was published Sep 7, 2022

In PHPGurukul Art Gallery Management System v1.1, "Update Artist Image" functionality of "imageid...
Moderate | Unreviewed | CVE-2023-51978 was published Jan 12, 2024

SQL Injection vulnerability in oretnom23 Judging Management System v1.0, allows remote attackers...
Critical | Unreviewed | CVE-2023-30016 was published Jan 12, 2024

Requests to cache an image and return its metadata could be abused to include SQL queries that...
High | Unreviewed | CVE-2023-26452 was published Nov 2, 2023

The cacheservice API could be abused to inject parameters with SQL syntax which was...
High | Unreviewed | CVE-2023-26439 was published Aug 2, 2023

Requests to fetch image metadata could be abused to include SQL queries that would be executed...
High | Unreviewed | CVE-2023-26454 was published Nov 2, 2023

The cacheservice API could be abused to indirectly inject parameters with SQL syntax which was...
High | Unreviewed | CVE-2023-26440 was published Aug 2, 2023

Requests to cache an image could be abused to include SQL queries that would be executed...
High | Unreviewed | CVE-2023-26453 was published Nov 2, 2023

Full-text autocomplete search allows user-provided SQL syntax to be injected to SQL statements....
Critical | Unreviewed | CVE-2023-26443 was published Aug 2, 2023

Imageconverter API endpoints provided methods that were not sufficiently validating and...
Moderate | Unreviewed | CVE-2023-29047 was published Nov 2, 2023

A vulnerability was found in biantaibao octopus 1.0. It has been classified as critical. Affected...
Moderate | Unreviewed | CVE-2024-0784 was published Jan 22, 2024

A vulnerability in the web-based management interface of Cisco Prime Infrastructure and Cisco...
Moderate | Unreviewed | CVE-2023-20271 was published Jan 17, 2024

A Time-Based SQL Injection vulnerability was discovered in Hospital Management System V4.0 which...
Moderate | Unreviewed | CVE-2020-26630 was published Jan 10, 2024

SEMCMS v4.8 was discovered to contain a SQL injection vulnerability via the languageID parameter...
High | Unreviewed | CVE-2023-48864 was published Jan 10, 2024

A vulnerability in web-based management interface of the Cisco Email Security Appliance and...
Moderate | Unreviewed | CVE-2022-20867 was published Nov 4, 2022

A vulnerability was found in Shaoxing Background Management System. It has been declared as...
Critical | Unreviewed | CVE-2022-4277 was published Dec 3, 2022

A vulnerability was found in SourceCodester Online Tours & Travels Management System 1.0. It has...
Moderate | Unreviewed | CVE-2024-0883 was published Jan 25, 2024

A vulnerability was found in SourceCodester Online Tours & Travels Management System 1.0. It has...
Moderate | Unreviewed | CVE-2024-0884 was published Jan 25, 2024

A vulnerability was found in hongmaple octopus 1.0. It has been classified as critical. Affected...
Moderate | Unreviewed | CVE-2024-0890 was published Jan 26, 2024

Wuzhicms v4.1.0 was discovered to contain a SQL injection vulnerability via the $keywords...
Critical | Unreviewed | CVE-2023-52064 was published Jan 10, 2024

SQL Injection in Admin download files as zip
High | CVE-2024-23646 was published for pimcore/admin-ui-classic-bundle (Composer) Jan 24, 2024

A vulnerability, which was classified as critical, was found in Tongda OA 2017 up to 11.9. This...
Moderate | Unreviewed | CVE-2024-0938 was published Jan 26, 2024

SQL injection vulnerability in BibORB 1.3.2, and possibly earlier versions, allows remote...
High | Unreviewed | CVE-2005-0252 was published May 1, 2022

ProTip! Advisories are also available from the GraphQL API.