GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 39
GitHub Actions: 38
Go: 2,638
Maven: 5,000+
npm: 4,264
NuGet: 760
pip: 4,060
Pub: 12
RubyGems: 956
Rust: 1,056
Swift: 45
Unreviewed advisories
All unreviewed: 5,000+
15,536 advisories
A SQL injection vulnerability in the tracker functionality of Enalean Tuleap software engineering...
Critical
Unreviewed
CVE-2018-7538 was published May 14, 2022
An issue was discovered in PvPGN Stats 2.4.6. SQL Injection exists in ladder/stats.php via the...
Critical
Unreviewed
CVE-2017-18291 was published May 14, 2022
Kentico 10 before 10.0.50 and 11 before 11.0.3 has SQL injection in the administration interface.
High
Unreviewed
CVE-2018-6843 was published May 14, 2022
Pradeep Makone WordPress Support Plus Responsive Ticket System version 9.0.2 and earlier contains...
Critical
Unreviewed
CVE-2018-1000131 was published May 14, 2022
Cells Blog 3.5 has SQL Injection via the pub_readpost.php ptid parameter.
High
Unreviewed
CVE-2017-17950 was published May 14, 2022
SQL injection vulnerability in the Cybozu Garoon 3.5.0 to 4.2.6 allows remote authenticated...
High
Unreviewed
CVE-2018-0530 was published May 14, 2022
router.php in the Harmis Ek rishta (aka ek-rishta) 2.10 component for Joomla! allows SQL...
High
Unreviewed
CVE-2018-12254 was published May 14, 2022
SQL Injection exists in Kliqqi CMS 3.5.2 via the randkey parameter of a new story at the pligg...
Critical
Unreviewed
CVE-2017-17902 was published May 14, 2022
SQL injection vulnerability in OpenScape Deployment Service (DLS) before 6.x and 7.x before R1.11...
Critical
Unreviewed
CVE-2014-2652 was published May 14, 2022
In Apache Fineract versions 1.0.0, 0.6.0-incubating, 0.5.0-incubating, 0.4.0-incubating, the...
High
Unreviewed
CVE-2018-1289 was published May 14, 2022
Within the 'getReportType' method in Apache Fineract 1.0.0, 0.6.0-incubating, 0.5.0-incubating, 0...
High
Unreviewed
CVE-2018-1292 was published May 14, 2022
Zoho ManageEngine Applications Manager 13 before build 13530 allows SQL injection via the ...
Critical
Unreviewed
CVE-2017-16846 was published May 14, 2022
CSP MySQL User Manager 2.3.1 allows SQL injection, and resultant Authentication Bypass, via a...
Critical
Unreviewed
CVE-2018-10757 was published May 14, 2022
IBM Security QRadar SIEM 7.2 and 7.3 is vulnerable to SQL injection. A remote attacker could send...
Moderate
Unreviewed
CVE-2017-1722 was published May 14, 2022
modules/bamegamenu/ajax_phpcode.php in the Responsive Mega Menu (Horizontal+Vertical+Dropdown)...
Critical
Unreviewed
CVE-2018-8824 was published May 14, 2022
A SQL Injection vulnerability was discovered in HRSALE The Ultimate HRM v1.0.2 that allows a user...
High
Unreviewed
CVE-2018-10256 was published May 14, 2022
A SQL injection issue was discovered in the Quick Chat plugin before 4.00 for WordPress.
Critical
Unreviewed
CVE-2018-12534 was published May 14, 2022
A SQL injection issue was discovered in Nagios XI before 5.4.13 via the admin/info.php key1...
High
Unreviewed
CVE-2018-10736 was published May 14, 2022
A SQL injection issue was discovered in Nagios XI before 5.4.13 via the admin/commandline.php...
High
Unreviewed
CVE-2018-10735 was published May 14, 2022
PHPRAP 1.0.4 through 1.0.8 has SQL Injection via the application/home/controller/project.php...
Critical
Unreviewed
CVE-2018-11032 was published May 14, 2022
A SQL injection issue was discovered in Nagios XI before 5.4.13 via the admin/logbook.php...
High
Unreviewed
CVE-2018-10737 was published May 14, 2022
The HTML Forms WordPress plugin before 1.3.25 does not properly escape a parameter...
High
Unreviewed
CVE-2022-3689 was published Nov 28, 2022
Trovebox version <= 4.0.0-rc6 contains a SQL Injection vulnerability in album component that can...
High
Unreviewed
CVE-2018-1000552 was published May 14, 2022
Garage Management System v1.0 was discovered to contain a SQL injection vulnerability via the id...
High
Unreviewed
CVE-2022-38610 was published Sep 13, 2022
SQL injection vulnerability in the Pixelpost v1.7.3 and earlier allows remote authenticated...
High
Unreviewed
CVE-2018-0606 was published May 14, 2022
ProTip! Advisories are also available from the GraphQL API.