Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,636
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

15,527 advisories

Loading
Sourcecodester Online Grading System 1.0 is vulnerable to unauthenticated SQL injection and can... Critical Unreviewed
CVE-2019-18344 was published May 24, 2022
Sourcecodester Hotel and Lodge Management System 1.0 is vulnerable to unauthenticated SQL... Critical Unreviewed
CVE-2019-18387 was published May 24, 2022
An exploitable SQL injection vulnerability exist in the authenticated part of YouPHPTube 7.6.... High Unreviewed
CVE-2019-5119 was published May 24, 2022
Exploitable SQL injection vulnerabilities exists in the authenticated portion of YouPHPTube 7.6.... High Unreviewed
CVE-2019-5117 was published May 24, 2022
SQL injection vulnerabilities exists in the authenticated part of YouPHPTube 7.6. Specially... High Unreviewed
CVE-2019-5121 was published May 24, 2022
A flaw was discovered in postgresql where arbitrary SQL statements can be executed given a... High Unreviewed
CVE-2019-10208 was published May 24, 2022
In Progress MOVEit Transfer 10.2 before 10.2.6 (2018.3), 11.0 before 11.0.4 (2019.0.4), and 11.1... Critical Unreviewed
CVE-2019-18464 was published May 24, 2022
A SQL injection vulnerability in a /login/forgot1 POST request in ARP-GUARD 4.0.0-5 allows... Critical Unreviewed
CVE-2019-18663 was published May 24, 2022
On BIG-IP AFM 15.0.0-15.0.1, 14.0.0-14.1.2, 13.1.0-13.1.3.1, and 12.1.0-12.1.5, a vulnerability... Moderate Unreviewed
CVE-2019-6658 was published May 24, 2022
An issue was discovered in YouPHPTube through 7.7. User input passed through the live_stream_code... Critical Unreviewed
CVE-2019-18662 was published May 24, 2022
SuiteCRM 7.10.x versions prior to 7.10.21 and 7.11.x versions prior to 7.11.9 allow SQL Injection. Critical Unreviewed
CVE-2019-18784 was published May 24, 2022
An SQL Injection vulnerability in SAP Quality Management (corrected in S4CORE versions 1.0, 1.01,... Moderate Unreviewed
CVE-2019-0393 was published May 24, 2022
main/resources/mapper/NewBeeMallGoodsMapper.xml in newbee-mall (aka New Bee) before 2019-10-23... Critical Unreviewed
CVE-2019-19113 was published May 24, 2022
OpenTrade before 2019-11-23 allows SQL injection, related to server/modules/api/v1.js and server... Critical Unreviewed
CVE-2019-19250 was published May 24, 2022
A vulnerability in the web UI of Cisco DNA Spaces: Connector could allow an authenticated, remote... Moderate Unreviewed
CVE-2019-15995 was published May 24, 2022
Exploitable SQL injection vulnerability exists in the authenticated portion of Forma LMS 2.2.1.... High Unreviewed
CVE-2019-5111 was published May 24, 2022
The username parameter of the TITool PrintMonitor solution during the login request is vulnerable... Critical Unreviewed
CVE-2018-7282 was published May 24, 2022
Intesync Solismed 3.3sp has SQL Injection. Critical Unreviewed
CVE-2019-15933 was published May 24, 2022
Equinox Control Expert all versions, is vulnerable to an SQL injection attack, which may allow an... Critical Unreviewed
CVE-2019-18234 was published May 24, 2022
_account_move_file_in_folder.ajax.php in MFScripts YetiShare 3.5.2 directly inserts values from... High Unreviewed
CVE-2019-19734 was published May 24, 2022
PostgreSQL before 9.0.19, 9.1.x before 9.1.15, 9.2.x before 9.2.10, 9.3.x before 9.3.6, and 9.4.x... Critical Unreviewed
CVE-2015-0244 was published May 24, 2022
A vulnerability in the web-based management interface of Cisco Prime Infrastructure could allow... Moderate Unreviewed
CVE-2020-3339 was published May 24, 2022
The DAO/DTO implementation in SpringBlade through 2.7.1 allows SQL Injection in an ORDER BY... Critical Unreviewed
CVE-2020-16165 was published May 24, 2022
The Side Menu Lite – add sticky fixed buttons WordPress plugin before 2.2.1 does not properly... High Unreviewed
CVE-2021-24521 was published May 24, 2022
The get_fb_likeboxes() function in the Popup Like box – Page Plugin WordPress plugin before 3.5... High Unreviewed
CVE-2021-24460 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database