Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,636
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

15,527 advisories

Loading
eBrigade before 5.0 has evenement_choice.php chxCal SQL Injection. High Unreviewed
CVE-2019-16745 was published May 24, 2022
In Metinfo 7.0.0beta, a SQL Injection was discovered in app/system/language/admin... High Unreviewed
CVE-2019-16997 was published May 24, 2022
CloudBoot through 2019-03-08 allows SQL Injection via a crafted Status field in JSON data to the... Critical Unreviewed
CVE-2019-16999 was published May 24, 2022
In Metinfo 7.0.0beta, a SQL Injection was discovered in app/system/product/admin/product_admin... High Unreviewed
CVE-2019-16996 was published May 24, 2022
NETGEAR SRX5308 4.3.5-3 devices allow SQL Injection, as exploited in the wild in September 2019... High Unreviewed
CVE-2019-17049 was published May 24, 2022
Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management... High Unreviewed
CVE-2019-12679 was published May 24, 2022
Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management... High Unreviewed
CVE-2019-12682 was published May 24, 2022
Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management... High Unreviewed
CVE-2019-12680 was published May 24, 2022
Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management... High Unreviewed
CVE-2019-12683 was published May 24, 2022
Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management... High Unreviewed
CVE-2019-12681 was published May 24, 2022
Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management... High Unreviewed
CVE-2019-12684 was published May 24, 2022
Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management... High Unreviewed
CVE-2019-12685 was published May 24, 2022
Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management... High Unreviewed
CVE-2019-12686 was published May 24, 2022
A vulnerability in the web-based interface of Cisco Unified Communications Manager and Cisco... Moderate Unreviewed
CVE-2019-12710 was published May 24, 2022
In Umbraco 7.3.8, there is SQL Injection in the backoffice/PageWApprove/PageWApproveApi... Critical Unreviewed
CVE-2019-13957 was published May 24, 2022
OpenEMR through 5.0.2 has SQL Injection in the Lifestyle demographic filter criteria in library... Critical Unreviewed
CVE-2019-17197 was published May 24, 2022
The plugmatter-optin-feature-box-lite plugin before 2.0.14 for WordPress has SQL injection via... Critical Unreviewed
CVE-2015-9450 was published May 24, 2022
The smooth-slider plugin before 2.7 for WordPress has SQL Injection via the wp-admin/admin.php... High Unreviewed
CVE-2015-9454 was published May 24, 2022
img_gantt.php in Centreon Web before 2.8.27 allows attackers to perform SQL injections via the... High Unreviewed
CVE-2018-21021 was published May 24, 2022
makeXML_ListServices.php in Centreon Web before 2.8.28 allows attackers to perform SQL injections... High Unreviewed
CVE-2018-21022 was published May 24, 2022
vBulletin 5.5.4 allows SQL Injection via the ajax/api/hook/getHookList or ajax/api/widget... Moderate Unreviewed
CVE-2019-17271 was published May 24, 2022
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows SQL injection in the history function by a... High Unreviewed
CVE-2019-17295 was published May 24, 2022
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows SQL injection in the pmse_Inbox module by an... High Unreviewed
CVE-2019-17292 was published May 24, 2022
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows SQL injection in the Contacts module by a... High Unreviewed
CVE-2019-17296 was published May 24, 2022
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows SQL injection in the pmse_Project module by a... High Unreviewed
CVE-2019-17293 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database