Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,638
Maven
5,000+
npm
4,262
NuGet
760
pip
4,058
Pub
12
RubyGems
956
Rust
1,056
Swift
45
Unreviewed advisories
All unreviewed
5,000+

15,536 advisories

Loading
A vulnerability has been identified in SINEC NMS (All versions < V2.0 SP1). The affected... High Unreviewed
CVE-2024-23810 was published Feb 13, 2024
SQL injection vulnerability in the web-based administration interface for iisPROTECT 2.2-r4, and... High Unreviewed
CVE-2003-0377 was published Apr 29, 2022
An SQL injection vulnerability exists in an undisclosed page of the BIG-IP Configuration utility... Low Unreviewed
CVE-2024-23603 was published Feb 14, 2024
SQLAlchemyDA unauthenticated arbitrary SQL query execution Critical
CVE-2024-24811 was published for Products.SQLAlchemyDA (pip) Feb 7, 2024
perrinjerome dataflake
Credited to perrinjerome and dataflake
The WP Booking Calendar plugin for WordPress is vulnerable to SQL Injection via the ... Critical Unreviewed
CVE-2024-1207 was published Feb 8, 2024
EC-WEB FS-EZViewer(Web)'s query functionality lacks proper restrictions of user input, allowing... High Unreviewed
CVE-2024-1523 was published Feb 15, 2024
EBM Technologies RISWEB's specific query function parameter does not properly restrict user input... Critical Unreviewed
CVE-2024-26264 was published Feb 15, 2024
EBM Technologies Uniweb/SoliPACS WebServer's query functionality lacks proper restrictions of... High Unreviewed
CVE-2024-26262 was published Feb 15, 2024
Query Binding Exploitation High
CVE-2021-21263 was published for illuminate/database (Composer) Jan 19, 2021
Employee Managment System v1.0 was discovered to contain a SQL injection vulnerability via the id... High Unreviewed
CVE-2024-25213 was published Feb 14, 2024
Employee Managment System v1.0 was discovered to contain a SQL injection vulnerability via the... Critical Unreviewed
CVE-2024-25216 was published Feb 14, 2024
Employee Managment System v1.0 was discovered to contain a SQL injection vulnerability via the id... High Unreviewed
CVE-2024-25212 was published Feb 14, 2024
Employee Managment System v1.0 was discovered to contain a SQL injection vulnerability via the... Critical Unreviewed
CVE-2024-25215 was published Feb 14, 2024
A vulnerability, which was classified as critical, has been found in ECshop 4.1.8. Affected by... Moderate Unreviewed
CVE-2024-1530 was published Feb 15, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2023-5155 was published Feb 15, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2023-7081 was published Feb 15, 2024
JFinalCMS 5.0.0 is vulnerable to SQL injection via /admin/content/data. Critical Unreviewed
CVE-2024-24029 was published Feb 2, 2024
jshERP v3.3 is vulnerable to SQL Injection. The com.jsh.erp.controller.MaterialController: com... Critical Unreviewed
CVE-2024-24002 was published Feb 7, 2024
jshERP v3.3 is vulnerable to SQL Injection. The com.jsh.erp.controller.DepotHeadController: com... Critical Unreviewed
CVE-2024-24004 was published Feb 7, 2024
SQL injection vulnerability in the libpam-pgsql library before 0.5.2 allows attackers to execute... High Unreviewed
CVE-2004-0366 was published Apr 29, 2022
Zoho ManageEngine ADAudit Plus through 7250 is vulnerable to SQL Injection in the report export... Critical Unreviewed
CVE-2023-48792 was published Feb 2, 2024
ManageEngine ADAudit Plus versions 7270 and below are vulnerable to the Authenticated SQL... High Unreviewed
CVE-2024-0253 was published Feb 2, 2024
SQL injection vulnerability in Enterprise Architect 16.0.1605 32-bit allows attackers to run... Critical Unreviewed
CVE-2022-47072 was published Jan 31, 2024
Code-projects Hotel Managment System 1.0 allows SQL Injection via the 'pid' parameter in Hotel... High Unreviewed
CVE-2024-25318 was published Feb 9, 2024
JFrog Artifactory before 7.25.4 (Enterprise+ deployments only), is vulnerable to Blind SQL... High Unreviewed
CVE-2021-3860 was published Dec 21, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database