Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,635
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

15,518 advisories

Loading
The Web Directory Free for WordPress is vulnerable to SQL Injection via the ‘post_id’ parameter... High Unreviewed
CVE-2023-2201 was published Jul 6, 2023
The uListing plugin for WordPress is vulnerable to generic SQL Injection via the ‘listing_id’... High Unreviewed
CVE-2021-4340 was published Jul 6, 2023
ai-dev aicombinationsonfly before v0.3.1 was discovered to contain a SQL injection vulnerability... High Unreviewed
CVE-2023-33664 was published Jul 7, 2023
SQL injection vulnerability found in PrestaShop lekerawen_ocs before v.1.4.1 allow a remote... Critical Unreviewed
CVE-2023-27845 was published Jul 7, 2023
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2023-2046 was published Jul 10, 2023
Auth. (admin+) SQL Injection (SQLi) vulnerability in David F. Carr RSVPMaker plugin < 10.5.5... High Unreviewed
CVE-2023-29095 was published Jul 10, 2023
The All In One Redirection WordPress plugin before 2.2.0 does not properly sanitise and escape... High Unreviewed
CVE-2023-2493 was published Jul 10, 2023
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2023-2852 was published Jul 10, 2023
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2023-3045 was published Jul 10, 2023
The MStore API WordPress plugin before 3.9.8 does not sanitise and escape a parameter before... Critical Unreviewed
CVE-2023-3077 was published Jul 10, 2023
SQL injection vulnerability in wmanager v.1.0.7 and before allows a remote attacker to obtain... High Unreviewed
CVE-2023-36293 was published Jul 11, 2023
SQL injection vulnerability found in PrestaShop vivawallet v.1.7.10 and before allows a remote... Critical Unreviewed
CVE-2023-26861 was published Jul 11, 2023
The WP EasyCart plugin for WordPress is vulnerable to time-based SQL Injection via the ‘orderby’... High Unreviewed
CVE-2023-3023 was published Jul 12, 2023
A CWE-89: Improper Neutralization of Special Elements vulnerability used in an SQL Command ('SQL... High Unreviewed
CVE-2023-37196 was published Jul 12, 2023
A CWE-89: Improper Neutralization of Special Elements vulnerability used in an SQL Command (... High Unreviewed
CVE-2023-37197 was published Jul 12, 2023
Code-projects Online Restaurant Management System 1.0 is vulnerable to SQL Injection. Through SQL... Critical Unreviewed
CVE-2023-37627 was published Jul 12, 2023
Online Piggery Management System 1.0 is vulnerable to SQL Injection. Critical Unreviewed
CVE-2023-37628 was published Jul 12, 2023
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2023-34133 was published Jul 13, 2023
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2023-1547 was published Jul 13, 2023
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2023-2957 was published Jul 13, 2023
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2023-35070 was published Jul 13, 2023
A SQL injection vulnerability in the Boxtal (envoimoinscher) module for PrestaShop, after version... Critical Unreviewed
CVE-2023-30151 was published Jul 13, 2023
The AN_GradeBook WordPress plugin through 5.0.1 does not properly sanitise and escape a parameter... High Unreviewed
CVE-2023-2636 was published Jul 17, 2023
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2023-2963 was published Jul 17, 2023
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2023-3376 was published Jul 17, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database