GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 39
GitHub Actions: 38
Go: 2,645
Maven: 5,000+
npm: 4,271
NuGet: 760
pip: 4,065
Pub: 12
RubyGems: 957
Rust: 1,057
Swift: 45

Unreviewed advisories
All unreviewed: 5,000+
15,541 advisories
A vulnerability was found in Novel-Plus 4.3.0-RC1 and classified as critical. This issue affects...
Moderate | Unreviewed | CVE-2024-0941 was published Jan 26, 2024

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
High | Unreviewed | CVE-2024-22147 was published Jan 27, 2024

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
High | Unreviewed | CVE-2024-22283 was published Jan 27, 2024

SQL Injection vulnerability in oretnom23 Judging Management System v1.0, allows remote attackers...
Critical | Unreviewed | CVE-2023-30015 was published Jan 12, 2024

SQL Injection vulnerability in oretnom23 Judging Management System v1.0, allows remote attackers...
Critical | Unreviewed | CVE-2023-30014 was published Jan 12, 2024

The POST SMTP Mailer WordPress plugin before 2.8.7 does not properly sanitise and escape several...
High | Unreviewed | CVE-2023-6620 was published Jan 15, 2024

SQL injection in llama-index
Critical | CVE-2024-23751 was published for llama-index (pip) Jan 22, 2024

A vulnerability was found in SourceCodester Employee Management System 1.0. It has been...
Moderate | Unreviewed | CVE-2024-1007 was published Jan 29, 2024

A vulnerability was found in SourceCodester Employee Management System 1.0. It has been rated as...
High | Unreviewed | CVE-2024-1009 was published Jan 29, 2024

The 'HTML5 Video Player' WordPress Plugin, version < 2.5.25 is affected by an unauthenticated SQL...
High | Unreviewed | CVE-2024-1061 was published Jan 30, 2024

SQL injection vulnerability in Knovos Discovery v.22.67.0 allows a remote attacker to execute...
High | Unreviewed | CVE-2023-47460 was published Jan 16, 2024

SQL injection vulnerability in StackIdeas EasyDiscuss v.5.0.5 and fixed in v.5.0.10 allows a...
High | Unreviewed | CVE-2023-51810 was published Jan 16, 2024

A vulnerability, which was classified as critical, has been found in Wanhu ezOFFICE 11.1.0. This...
Moderate | Unreviewed | CVE-2024-1012 was published Jan 31, 2024

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
High | Unreviewed | CVE-2024-23507 was published Jan 31, 2024

The Track The Click WordPress plugin before 0.3.12 does not properly sanitize query parameters to...
High | Unreviewed | CVE-2023-5041 was published Jan 17, 2024

The Burst Statistics – Privacy-Friendly Analytics for WordPress plugin, version 1.5.3, is...
High | Unreviewed | CVE-2024-0405 was published Jan 17, 2024

SQL Injection vulnerability in TDuckCLoud tduck-platform v.4.0 allows a remote attacker to obtain...
Moderate | Unreviewed | CVE-2023-51805 was published Jan 13, 2024

ExamSys 9150244 allows SQL Injection via the /Support/action/Pages.php s_score2 parameter.
High | Unreviewed | CVE-2023-52285 was published Jan 17, 2024

SQL Injection Vulnerability via ActiveRecord comments
High | CVE-2023-22794 was published for activerecord (RubyGems) Jan 18, 2023

A SQL injection vulnerability has been reported to affect several QNAP operating system versions....
High | Unreviewed | CVE-2023-47568 was published Feb 2, 2024

A vulnerability, which was classified as critical, has been found in SourceCodester Testimonial...
High | Unreviewed | CVE-2024-1197 was published Feb 3, 2024

SQL injection vulnerability in Sourcecodester Budget and Expense Tracker System v1 by oretnom23,...
Critical | Unreviewed | CVE-2021-40247 was published Jan 22, 2022

A vulnerability classified as critical was found in SourceCodester Cashier Queuing System 1.0....
High | Unreviewed | CVE-2022-3579 was published Oct 18, 2022

SunnyToo stblogsearch up to v1.0.0 was discovered to contain a SQL injection vulnerability via...
Critical | Unreviewed | CVE-2023-43985 was published Jan 19, 2024

A vulnerability in the web-based management interface of Cisco Unified Communications Manager...
High | Unreviewed | CVE-2023-20211 was published Aug 17, 2023

ProTip! Advisories are also available from the GraphQL API.