Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,636
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

15,526 advisories

Loading
SQL injection vulnerability in the City Autocomplete (cityautocomplete) module from ebewe.net for... Critical Unreviewed
CVE-2023-30149 was published Jun 2, 2023
eMedia Consulting simpleRedak up to v2.47.23.05 was discovered to contain a SQL injection... Critical Unreviewed
CVE-2023-33762 was published Jun 2, 2023
The Pricing Table Builder WordPress plugin through 1.1.6 does not properly sanitise and escape a... High Unreviewed
CVE-2023-0900 was published Jun 5, 2023
PrestaShop jmsmegamenu 1.1.x and 2.0.x is vulnerable to SQL Injection via ajax_jmsmegamenu.php. Critical Unreviewed
CVE-2023-29630 was published Jun 5, 2023
PrestaShop jmsthemelayout 2.5.5 is vulnerable to SQL Injection via ajax_jmsvermegamenu.php. Critical Unreviewed
CVE-2023-29629 was published Jun 5, 2023
PrestaShop jmspagebuilder 3.x is vulnerable to SQL Injection via ajax_jmspagebuilder.php. Critical Unreviewed
CVE-2023-29632 was published Jun 6, 2023
The Ultimate Addons for Contact Form 7 plugin for WordPress is vulnerable to SQL Injection via... Moderate Unreviewed
CVE-2023-1615 was published Jun 9, 2023
The Intuitive Custom Post Order plugin for WordPress is vulnerable to SQL Injection in versions... High Unreviewed
CVE-2023-1016 was published Jun 9, 2023
The WP Replicate Post plugin for WordPress is vulnerable to SQL Injection via the post_id... High Unreviewed
CVE-2023-2237 was published Jun 9, 2023
The Active Directory Integration plugin for WordPress is vulnerable to time-based SQL Injection... Moderate Unreviewed
CVE-2023-2484 was published Jun 9, 2023
The Multiple Page Generator Plugin for WordPress is vulnerable to time-based SQL Injection via... High Unreviewed
CVE-2023-2607 was published Jun 9, 2023
Fuel CMS v1.5.2 was discovered to contain a SQL injection vulnerability via the id parameter at ... High Unreviewed
CVE-2023-33557 was published Jun 9, 2023
In Progress MOVEit Transfer before 2021.0.7 (13.0.7), 2021.1.5 (13.1.5), 2022.0.5 (14.0.5), 2022... Critical Unreviewed
CVE-2023-35036 was published Jun 12, 2023
Sourcecodester Service Provider Management System v1.0 is vulnerable to SQL Injection via the ID... Critical Unreviewed
CVE-2023-34581 was published Jun 12, 2023
An attacker can exploit MDS COMPARE TOOL and use specially crafted inputs to read and modify... Moderate Unreviewed
CVE-2023-32115 was published Jun 13, 2023
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2023-3047 was published Jun 13, 2023
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2023-35064 was published Jun 13, 2023
hoteldruid v3.0.5 was discovered to contain a SQL injection vulnerability. High Unreviewed
CVE-2023-33817 was published Jun 13, 2023
bloofox v0.5.2.1 was discovered to contain a SQL injection vulnerability via the cid parameter at... Critical Unreviewed
CVE-2023-34750 was published Jun 14, 2023
bloofox v0.5.2.1 was discovered to contain a SQL injection vulnerability via the gid parameter at... Critical Unreviewed
CVE-2023-34751 was published Jun 14, 2023
bloofox v0.5.2.1 was discovered to contain a SQL injection vulnerability via the lid parameter at... Critical Unreviewed
CVE-2023-34752 was published Jun 14, 2023
bloofox v0.5.2.1 was discovered to contain a SQL injection vulnerability via the pid parameter at... Critical Unreviewed
CVE-2023-34754 was published Jun 14, 2023
bloofox v0.5.2.1 was discovered to contain a SQL injection vulnerability via the tid parameter at... Critical Unreviewed
CVE-2023-34753 was published Jun 14, 2023
bloofox v0.5.2.1 was discovered to contain a SQL injection vulnerability via the userid parameter... Critical Unreviewed
CVE-2023-34755 was published Jun 14, 2023
bloofox v0.5.2.1 was discovered to contain a SQL injection vulnerability via the cid parameter at... Critical Unreviewed
CVE-2023-34756 was published Jun 14, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database