Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,635
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

15,521 advisories

Loading
Piwigo v13.5.0 was discovered to contain a SQL injection vulnerability via the order[0][dir]... High Unreviewed
CVE-2023-27233 was published May 17, 2023
PrestaShop cdesigner < 3.1.9 is vulnerable to SQL Injection via... Critical Unreviewed
CVE-2023-30191 was published May 17, 2023
Sourcecodester Student Study Center Desk Management System v1.0 admin\reports\index.php#date_from... Critical Unreviewed
CVE-2023-29985 was published May 18, 2023
SEMCMS 1.5 is vulnerable to SQL Injection via Ant_Rponse.php. Critical Unreviewed
CVE-2023-31707 was published May 19, 2023
SQL injection vulnerability found in Maximilian Vogt companymaps (cmaps) v.8.0 allows a remote... Critical Unreviewed
CVE-2023-29809 was published May 19, 2023
IBM InfoSphere Information Server 11.7 is vulnerable to SQL injection. A remote attacker could... Critical Unreviewed
CVE-2022-47984 was published May 19, 2023
Piwigo 13.6.0 is vulnerable to SQL Injection via /admin/permalinks.php. Critical Unreviewed
CVE-2023-33361 was published May 23, 2023
SourceCodester Employee and Visitor Gate Pass Logging System v1.0 is vulnerable to SQL Injection... Critical Unreviewed
CVE-2023-31752 was published May 23, 2023
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2023-1508 was published May 23, 2023
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2023-2750 was published May 24, 2023
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2023-2045 was published May 24, 2023
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2023-2064 was published May 24, 2023
SQL injection in "/Framewrk/Home.jsp" file (POST method) in tCredence Analytics iDEAL Wealth and... Moderate Unreviewed
CVE-2022-30025 was published May 24, 2023
In the Store Commander scexportcustomers module for PrestaShop through 3.6.1, sensitive SQL calls... Critical Unreviewed
CVE-2023-33278 was published May 25, 2023
In the Store Commander scfixmyprestashop module through 2023-05-09 for PrestaShop, sensitive SQL... Critical Unreviewed
CVE-2023-33279 was published May 25, 2023
In the Store Commander scquickaccounting module for PrestaShop through 3.7.3, multiple sensitive... Critical Unreviewed
CVE-2023-33280 was published May 25, 2023
Sourcecodester Faculty Evaluation System v1.0 is vulnerable to SQL Injection via /eval/admin... High Unreviewed
CVE-2023-33439 was published May 26, 2023
An issue was discovered in AudioCodes Device Manager Express through 7.8.20002.47752. It is an... Critical Unreviewed
CVE-2022-24627 was published May 29, 2023
An issue was discovered in AudioCodes Device Manager Express through 7.8.20002.47752. It is... High Unreviewed
CVE-2022-24628 was published May 29, 2023
The Fast & Effective Popups & Lead-Generation for WordPress plugin before 2.1.4 concatenates user... Moderate Unreviewed
CVE-2023-2111 was published May 30, 2023
BlueCMS v1.6 was discovered to contain a SQL injection vulnerability via the keywords parameter... Critical Unreviewed
CVE-2023-33734 was published May 31, 2023
SQL Injection vulnerability found in Fighting Cock Information System v.1.0 allows a remote... High Unreviewed
CVE-2021-31233 was published May 31, 2023
SQL injection vulnerability exists in the CONPROSYS HMI System (CHS) versions prior to 3.5.3. A... High Unreviewed
CVE-2023-29154 was published Jun 1, 2023
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2023-3000 was published Jun 2, 2023
ELITE TECHNOLOGY CORP. Web Fax has a vulnerability of SQL Injection. An unauthenticated remote... Critical Unreviewed
CVE-2023-28701 was published Jun 2, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database