Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,636
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

15,532 advisories

Loading
The 'reportID' parameter received by the '/common/run_report.php' script in the Quest KACE System... Critical Unreviewed
CVE-2018-11140 was published May 14, 2022
An issue was discovered in SITEMAKIN SLAC (Site Login and Access Control) v1.0. The parameter ... Critical Unreviewed
CVE-2018-11535 was published May 14, 2022
School Activity Updates with SMS Notification v1.0 was discovered to contain a SQL injection... High Unreviewed
CVE-2022-38267 was published Sep 9, 2022
Online Leave Management System v1.0 was discovered to contain a SQL injection vulnerability via... High Unreviewed
CVE-2022-38303 was published Sep 13, 2022
Online Leave Management System v1.0 was discovered to contain a SQL injection vulnerability via... High Unreviewed
CVE-2022-38302 was published Sep 13, 2022
Apartment Visitor Management System v1.0 was discovered to contain a SQL injection vulnerability... High Unreviewed
CVE-2022-38265 was published Sep 9, 2022
School Activity Updates with SMS Notification v1.0 was discovered to contain a SQL injection... High Unreviewed
CVE-2022-38268 was published Sep 9, 2022
A SQL injection vulnerability in UserDAO.java in sazanrjb InventoryManagementSystem 1.0 allows... High Unreviewed
CVE-2022-36257 was published Sep 13, 2022
A SQL injection vulnerability in CustomerDAO.java in sazanrjb InventoryManagementSystem 1.0... High Unreviewed
CVE-2022-36258 was published Sep 13, 2022
An issue was discovered in Active Intelligent Visualization 5. The Vdc header is used in a SQL... Critical Unreviewed
CVE-2021-44835 was published Sep 10, 2022
An issue was discovered in phpMyAdmin. In the "User group" and "Designer" features, a user can... High Unreviewed
CVE-2016-6616 was published May 14, 2022
\application\admin\controller\update_urls.class.php in YzmCMS 3.6 has SQL Injection via the... High Unreviewed
CVE-2018-7579 was published May 14, 2022
iScripts eSwap v2.4 has SQL injection via the "registration_settings.php" ddlFree parameter in... High Unreviewed
CVE-2018-10050 was published May 14, 2022
Multiple SQL Injections exist in PHP Scripts Mall Schools Alert Management Script via crafted... Critical Unreviewed
CVE-2018-12055 was published May 14, 2022
SQL Injection exists in PHP Scripts Mall Schools Alert Management Script via the q Parameter in... Critical Unreviewed
CVE-2018-12052 was published May 14, 2022
The upsql function in \Lib\Lib\Action\Admin\DataAction.class.php in Gxlcms QY v1.0.0713 allows... Critical Unreviewed
CVE-2018-9247 was published May 14, 2022
A SQL injection vulnerability in an Trend Micro Email Encryption Gateway 5.5 search configuration... High Unreviewed
CVE-2018-6230 was published May 14, 2022
CA Workload Automation AE before r11.3.6 SP7 allows remote attackers to a perform SQL injection... High Unreviewed
CVE-2018-8953 was published May 14, 2022
An issue was discovered in PvPGN Stats 2.4.6. SQL Injection exists in ladder/stats.php via the... Critical Unreviewed
CVE-2017-18287 was published May 14, 2022
An issue was discovered in Textpattern CMS 4.6.2 and earlier. It is possible to inject SQL code... Critical Unreviewed
CVE-2018-7474 was published May 14, 2022
A SQL injection vulnerability in the tracker functionality of Enalean Tuleap software engineering... Critical Unreviewed
CVE-2018-7538 was published May 14, 2022
** DISPUTED ** In OpenResty through 1.13.6.1, URI parameters are obtained using the ngx.req... Critical Unreviewed
CVE-2018-9230 was published May 14, 2022
An issue was discovered in PvPGN Stats 2.4.6. SQL Injection exists in ladder/stats.php via the... Critical Unreviewed
CVE-2017-18291 was published May 14, 2022
Pradeep Makone wordpress Support Plus Responsive Ticket System version 9.0.2 and earlier contains... Critical Unreviewed
CVE-2018-1000131 was published May 14, 2022
Cells Blog 3.5 has SQL Injection via the pub_readpost.php ptid parameter. High Unreviewed
CVE-2017-17950 was published May 14, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database