GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
15,528 advisories
Trape through 2019-05-08 has SQL injection via the data[2] variable in core/db.py, as...
Critical | Unreviewed | CVE-2019-13489 was published May 24, 2022
Realization Concerto Critical Chain Planner (aka CCPM) 5.10.8071 has SQL Injection in at least in...
Critical | Unreviewed | CVE-2019-13027 was published May 24, 2022
Deepwoods Software WebLibrarian 3.5.2 and earlier is affected by: SQL Injection. The impact is:...
Moderate | Unreviewed | CVE-2019-1010034 was published May 24, 2022
SolarWinds Network Performance Monitor 12.3 allows SQL Injection via the /api...
High | Unreviewed | CVE-2018-13442 was published May 24, 2022
An issue was discovered in Sertek Xpare 3.67. The login form does not sanitize input data....
Critical | Unreviewed | CVE-2019-13447 was published May 24, 2022
A vulnerability in the sponsor portal web interface for Cisco Identity Services Engine (ISE)...
Moderate | Unreviewed | CVE-2019-1942 was published May 24, 2022
TechyTalk Quick Chat WordPress Plugin All up to the latest is affected by: SQL Injection. The...
Critical | Unreviewed | CVE-2019-1010104 was published May 24, 2022
Synetics GmbH I-doit 1.12 and earlier is affected by: SQL Injection. The impact is:...
Critical | Unreviewed | CVE-2019-1010248 was published May 24, 2022
H3C H3Cloud OS all versions allows SQL injection via the ear/grid_event sidx parameter.
Critical | Unreviewed | CVE-2019-12193 was published May 24, 2022
Elcom CMS before 10.7 has SQL Injection via EventSearchByState.aspx and EventSearchAdv.aspx.
High | Unreviewed | CVE-2019-12946 was published May 24, 2022
A SQL injection vulnerability exists in the Icegram Email Subscribers & Newsletters plugin...
Critical | Unreviewed | CVE-2019-13569 was published May 24, 2022
An issue was discovered in the Viral Quiz Maker - OnionBuzz plugin before 1.2.7 for WordPress....
Critical | Unreviewed | CVE-2019-14230 was published May 24, 2022
An issue was discovered in the Viral Quiz Maker - OnionBuzz plugin before 1.2.2 for WordPress....
Critical | Unreviewed | CVE-2019-14231 was published May 24, 2022
zzcms version 8.3 and earlier is affected by: SQL Injection. The impact is: zzcms File Delete to...
Critical | Unreviewed | CVE-2019-1010148 was published May 24, 2022
zzcms 8.3 and earlier is affected by: SQL Injection. The impact is: sql inject. The component is:...
Critical | Unreviewed | CVE-2019-1010153 was published May 24, 2022
Jeesite 1.2.7 is affected by: SQL Injection. The impact is: sensitive information disclosure. The...
Moderate | Unreviewed | CVE-2019-1010201 was published May 24, 2022
The AJdG AdRotate plugin before 5.3 for WordPress allows SQL Injection.
High | Unreviewed | CVE-2019-13570 was published May 24, 2022
OpenSNS v6.1.0 allows SQL Injection via the index.php?s=/ucenter/Config/ uid parameter because of...
High | Unreviewed | CVE-2019-14266 was published May 24, 2022
eClass platform < ip.2.5.10.2.1 allows an attacker to execute SQL command via /admin/academic...
Critical | Unreviewed | CVE-2019-9885 was published May 24, 2022
Apache VCL versions 2.1 through 2.5 do not properly validate cookie input when determining what...
High | Unreviewed | CVE-2018-11772 was published May 24, 2022
Apache VCL versions 2.1 through 2.5 do not properly validate form input when adding and removing...
High | Unreviewed | CVE-2018-11774 was published May 24, 2022
OXID eShop 6.0.x before 6.0.5 and 6.1.x before 6.1.4 allows SQL Injection via a crafted URL,...
Critical | Unreviewed | CVE-2019-13026 was published May 24, 2022
cPanel before 74.0.0 allows SQL injection during database backups (SEC-420).
Critical | Unreviewed | CVE-2018-20887 was published May 24, 2022
cPanel before 57.9999.54 allows SQL Injection via the ModSecurity TailWatch log file (SEC-123).
Critical | Unreviewed | CVE-2016-10817 was published May 24, 2022
cPanel before 11.54.0.4 allows SQL injection in bin/horde_update_usernames (SEC-71).
High | Unreviewed | CVE-2016-10839 was published May 24, 2022