GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 39
GitHub Actions: 38
Go: 2,636
Maven: 5,000+
npm: 4,262
NuGet: 760
pip: 4,057
Pub: 12
RubyGems: 956
Rust: 1,054
Swift: 45
Unreviewed advisories
All unreviewed: 5,000+
15,527 advisories
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows SQL injection in the export function by a...
High | Unreviewed | CVE-2019-17294 was published May 24, 2022
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows SQL injection in the Quotes module by a Regular...
High | Unreviewed | CVE-2019-17297 was published May 24, 2022
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows SQL injection in the Administration module by a...
High | Unreviewed | CVE-2019-17298 was published May 24, 2022
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows SQL injection in the Emails module by a Regular...
High | Unreviewed | CVE-2019-17319 was published May 24, 2022
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows SQL injection in the pmse_Inbox module by a...
High | Unreviewed | CVE-2019-17318 was published May 24, 2022
Netreo OmniCenter through 12.1.1 allows unauthenticated SQL Injection (Boolean Based Blind) in...
High | Unreviewed | CVE-2019-17128 was published May 24, 2022
OTCMS v3.85 allows arbitrary PHP Code Execution because admin/sysCheckFile_deal.php blocks "into...
High | Unreviewed | CVE-2019-17370 was published May 24, 2022
The pretty-link plugin before 1.6.8 for WordPress has PrliLinksController::list_links SQL...
High | Unreviewed | CVE-2015-9457 was published May 24, 2022
The searchterms-tagging-2 plugin through 1.535 for WordPress has SQL injection via the...
High | Unreviewed | CVE-2015-9458 was published May 24, 2022
The booking-system plugin before 2.1 for WordPress has DOPBSPBackEndTranslation::display SQL...
High | Unreviewed | CVE-2015-9460 was published May 24, 2022
The awesome-filterable-portfolio plugin before 1.9 for WordPress has...
High | Unreviewed | CVE-2015-9461 was published May 24, 2022
The awesome-filterable-portfolio plugin before 1.9 for WordPress has afp_get_new_category_page...
High | Unreviewed | CVE-2015-9462 was published May 24, 2022
The wti-like-post plugin before 1.4.3 for WordPress has WtiLikePostProcessVote SQL injection via...
Critical | Unreviewed | CVE-2015-9466 was published May 24, 2022
The yet-another-stars-rating plugin before 0.9.1 for WordPress has...
High | Unreviewed | CVE-2015-9465 was published May 24, 2022
The broken-link-manager plugin before 0.5.0 for WordPress has wpslDelURL or wpslEditURL SQL...
Critical | Unreviewed | CVE-2015-9467 was published May 24, 2022
Adhouma CMS through 2019-10-09 has SQL Injection via the post.php p_id parameter.
Critical | Unreviewed | CVE-2019-17429 was published May 24, 2022
An issue was discovered in idreamsoft iCMS v7.0.14. There is a spider_project.admincp.php SQL...
Critical | Unreviewed | CVE-2019-17552 was published May 24, 2022
An issue was discovered in MetInfo v7.0.0 beta. There is SQL Injection via the admin/?n=tags&c...
Critical | Unreviewed | CVE-2019-17553 was published May 24, 2022
tonyy dormsystem through 1.3 allows SQL Injection in admin.php.
Critical | Unreviewed | CVE-2019-17580 was published May 24, 2022
An issue was discovered in 74CMS v5.2.8. There is a SQL Injection generated by the _list method...
High | Unreviewed | CVE-2019-17612 was published May 24, 2022
A SQL injection vulnerability was discovered in TOPMeeting before version 8.8 (2019/08/19). An...
Critical | Unreviewed | CVE-2019-13409 was published May 24, 2022
WiKID Enterprise 2FA (two factor authentication) Enterprise Server through 4.2.0-b2032 is...
High | Unreviewed | CVE-2019-16917 was published May 24, 2022
A SQL injection vulnerability in processPref.jsp in WiKID 2FA Enterprise Server through 4.2.0...
High | Unreviewed | CVE-2019-17117 was published May 24, 2022
Multiple SQL injection vulnerabilities in Logs.jsp in WiKID 2FA Enterprise Server through 4.2.0...
High | Unreviewed | CVE-2019-17119 was published May 24, 2022
The freshmail-newsletter plugin before 1.6 for WordPress has shortcode.php SQL Injection via the ...
High | Unreviewed | CVE-2015-9496 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API.