Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,640
Maven
5,000+
npm
4,265
NuGet
760
pip
4,061
Pub
12
RubyGems
956
Rust
1,057
Swift
45
Unreviewed advisories
All unreviewed
5,000+

15,540 advisories

Loading
A SQL injection vulnerability exists in Novel-Plus v4.3.0-RC1 and prior versions. An attacker can... Critical Unreviewed
CVE-2024-24014 was published Feb 8, 2024
A SQL injection vulnerability exists in Novel-Plus v4.3.0-RC1 and prior. An attacker can pass... Critical Unreviewed
CVE-2024-24021 was published Feb 8, 2024
jshERP v3.3 is vulnerable to SQL Injection. The com.jsh.erp.controller.DepotHeadController: com... Critical Unreviewed
CVE-2024-24003 was published Feb 8, 2024
A SQL injection vulnerability exists in Novel-Plus v4.3.0-RC1 and prior versions. An attacker can... Critical Unreviewed
CVE-2024-24017 was published Feb 8, 2024
A SQL injection vulnerability exists in Novel-Plus v4.3.0-RC1 and prior. An attacker can pass... Critical Unreviewed
CVE-2024-24023 was published Feb 8, 2024
Sourcecodester Daily Habit Tracker App 1.0 allows SQL Injection via the parameter 'tracker.' High Unreviewed
CVE-2024-24140 was published Jan 29, 2024
Sourcecodester School Task Manager App 1.0 allows SQL Injection via the 'task' parameter. Critical Unreviewed
CVE-2024-24141 was published Jan 29, 2024
Magento 2 Community Edition SQLi Vulnerability Critical
CVE-2019-7139 was published for magento/community-edition (Composer) May 24, 2022
Magento 2 Community Edition SQLi Vulnerability High
CVE-2019-8127 was published for magento/community-edition (Composer) May 24, 2022
SQL Injection vulnerability in delete-tracker.php in Daily Habit Tracker v.1.0 allows a remote... Critical Unreviewed
CVE-2024-24495 was published Feb 8, 2024
Code-projects Hotel Managment System 1.0, allows SQL Injection via the 'rid' parameter in Hotel... Critical Unreviewed
CVE-2024-25315 was published Feb 9, 2024
Code-projects Simple School Managment System 1.0 allows SQL Injection via the 'apass' parameter... High Unreviewed
CVE-2024-25304 was published Feb 9, 2024
Code-projects Simple School Managment System 1.0 allows SQL Injection via the 'pass' parameter at... High Unreviewed
CVE-2024-25309 was published Feb 9, 2024
Code-projects Simple School Managment System 1.0 allows Authentication Bypass via the username... High Unreviewed
CVE-2024-25305 was published Feb 9, 2024
SQL Injection vulnerability in Employee Management System v.1.0 allows a remote attacker to... Critical Unreviewed
CVE-2024-24499 was published Feb 8, 2024
Code-projects Cinema Seat Reservation System 1.0 allows SQL Injection via the 'id' parameter at "... Critical Unreviewed
CVE-2024-25307 was published Feb 9, 2024
Code-projects Simple School Managment System 1.0 allows SQL Injection via the 'id' parameter at ... High Unreviewed
CVE-2024-25312 was published Feb 9, 2024
Code-projects Hotel Managment System 1.0 allows SQL Injection via the 'eid' parameter in Hotel... Critical Unreviewed
CVE-2024-25316 was published Feb 9, 2024
Code-projects Simple School Managment System 1.0 allows SQL Injection via the 'name' parameter at... High Unreviewed
CVE-2024-25308 was published Feb 9, 2024
Sourcecodester Event Student Attendance System 1.0, allows SQL Injection via the 'student'... Critical Unreviewed
CVE-2024-25302 was published Feb 9, 2024
Code-projects Hotel Managment System 1.0, allows SQL Injection via the 'sid' parameter in Hotel... Critical Unreviewed
CVE-2024-25314 was published Feb 9, 2024
Code-projects Simple School Managment System 1.0 allows SQL Injection via the 'id' parameter at ... High Unreviewed
CVE-2024-25310 was published Feb 9, 2024
Apache Derby SQL Injection Moderate
CVE-2006-7217 was published for org.apache.derby:derby (Maven) May 1, 2022
Dell Unity, versions prior to 5.4, contains SQL Injection vulnerability. An authenticated... Moderate Unreviewed
CVE-2024-22221 was published Feb 12, 2024
The Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress plugin for WordPress... Moderate Unreviewed
CVE-2024-0685 was published Feb 2, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database