GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,603
Composer 5,006
Erlang 39
GitHub Actions 38
Go 2,636
Maven 6,104
npm 4,262
NuGet 760
pip 4,057
Pub 12
RubyGems 956
Rust 1,054
Swift 45

Unreviewed advisories

All unreviewed 276,787

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

15,529 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

doorGets 7.0 has a SQL injection vulnerability in /doorgets/app/requests/user... Moderate Unreviewed

CVE-2019-11623 was published May 24, 2022

doorGets 7.0 has a SQL injection vulnerability in /doorgets/app/requests/user/emailingRequest.php... Moderate Unreviewed

CVE-2019-11625 was published May 24, 2022

doorGets 7.0 has a SQL injection vulnerability in /doorgets/app/requests/user... Moderate Unreviewed

CVE-2019-11620 was published May 24, 2022

The "default reports" feature in Zoho ManageEngine Firewall Analyzer before 12.3 Build 123218 is... Critical Unreviewed

CVE-2019-11678 was published May 24, 2022

Certain Ambit Technologies Pvt. Ltd products are affected by: SQL Injection. This affects iTech... Critical Unreviewed

CVE-2017-12757 was published May 24, 2022

http://codecanyon.net/user/Endober WebFile Explorer 1.0 is affected by: SQL Injection. The impact... High Unreviewed

CVE-2017-12761 was published May 24, 2022

Ynet Interactive - http://demo.ynetinteractive.com/soa/ SOA School Management 3.0 is affected by:... Critical Unreviewed

CVE-2017-12759 was published May 24, 2022

Ynet Interactive - http://demo.ynetinteractive.com/mobiketa/ Mobiketa 4.0 is affected by: SQL... High Unreviewed

CVE-2017-12760 was published May 24, 2022

An issue was discovered in the Web Management Console in IPBRICK OS 6.3. There are multiple SQL... High Unreviewed

CVE-2018-16137 was published May 24, 2022

A SQL injection vulnerability in the activities API in OpenProject before 8.3.2 allows a remote... High Unreviewed

CVE-2019-11600 was published May 24, 2022

The Tubigan "Welcome to our Resort" 1.0 software allows SQL Injection via index.php?p... Critical Unreviewed

CVE-2018-18800 was published May 24, 2022

admin/Lib/Action/FpluginAction.class.php in FDCMS (aka Fangfa Content Manage System) 4.2 allows... High Unreviewed

CVE-2018-17048 was published May 24, 2022

A vulnerability in the web-based management interface of Cisco Prime Infrastructure (PI) and... High Unreviewed

CVE-2019-1825 was published May 24, 2022

A vulnerability in the web-based management interface of Cisco Prime Infrastructure (PI) and... High Unreviewed

CVE-2019-1824 was published May 24, 2022

An issue was discovered in OpenEMR before 5.0.1 Patch 7. There is SQL Injection in the make_task... Critical Unreviewed

CVE-2018-17179 was published May 24, 2022

An issue was discovered in OpenEMR before 5.0.1 Patch 7. SQL Injection exists in the SaveAudit... Critical Unreviewed

CVE-2018-17181 was published May 24, 2022

SQL injection vulnerability in Vtiger CRM before 7.1.0 hotfix3 allows authenticated users to... High Unreviewed

CVE-2019-11057 was published May 24, 2022

SQL injection vulnerability in the Cybozu Garoon 4.0.0 to 4.10.0 allows attacker with... High Unreviewed

CVE-2019-5934 was published May 24, 2022

CommSy through 8.6.5 has SQL Injection via the cid parameter. This is fixed in 9.2. High Unreviewed

CVE-2019-11880 was published May 24, 2022

Exponent CMS version 2.3.9 suffers from a sql injection vulnerability in framework/modules/help... Critical Unreviewed

CVE-2016-8897 was published May 24, 2022

An issue was discovered in ZOHO ManageEngine OpManager 12.2. The 'apiKey' parameter of "/api/json... High Unreviewed

CVE-2017-11559 was published May 24, 2022

In the Form Maker plugin before 1.13.3 for WordPress, it's possible to achieve SQL injection in... Critical Unreviewed

CVE-2019-10866 was published May 24, 2022

modules/Calendar/Activity.php in Vtiger CRM 6.5.0 allows SQL injection via the contactidlist... High Unreviewed

CVE-2016-10754 was published May 24, 2022

AbanteCart 1.2.8 allows SQL Injection via the source_language parameter to admin/controller/pages... High Unreviewed

CVE-2016-10755 was published May 24, 2022

Exponent CMS version 2.3.9 suffers from a sql injection vulnerability in framework/modules... Critical Unreviewed

CVE-2016-8898 was published May 24, 2022

Previous 1…369…400 Next

Previous 1 2 … 367 368 369 370 371 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

15,529 advisories