GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,603
Composer 5,006
Erlang 39
GitHub Actions 38
Go 2,636
Maven 6,104
npm 4,262
NuGet 760
pip 4,057
Pub 12
RubyGems 956
Rust 1,054
Swift 45

Unreviewed advisories

All unreviewed 276,819

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

15,529 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

The constructSQL function in inc/search.class.php in GLPI 9.2.x through 9.3.0 allows SQL... High Unreviewed

CVE-2018-13049 was published May 14, 2022

portfolioCMS 1.0.5 has SQL Injection via the admin/portfolio.php preview parameter. High Unreviewed

CVE-2018-12110 was published May 14, 2022

SQL injection vulnerability in administration/profiles.php in BoonEx Dolphin 7.1.4 and earlier... Moderate Unreviewed

CVE-2014-3810 was published May 14, 2022

Multiple SQL injection vulnerabilities in the All In One WP Security & Firewall plugin before 3.8... Moderate Unreviewed

CVE-2014-6242 was published May 14, 2022

A SQL Injection vulnerability exists in Zoho ManageEngine Applications Manager 13.x before build... Critical Unreviewed

CVE-2018-13050 was published May 14, 2022

Zoho ManageEngine Applications Manager 13 before build 13530 allows SQL injection via the /MyPage... Critical Unreviewed

CVE-2017-16851 was published May 14, 2022

There is a time-based blind SQL injection vulnerability in the Access Manager component before 9... Critical Unreviewed

CVE-2018-10197 was published May 14, 2022

WolfSight CMS 3.2 allows SQL injection via the PATH_INFO to the default URI. Critical Unreviewed

CVE-2018-14012 was published May 14, 2022

An issue was discovered in WUZHI CMS 4.1.0. The vulnerable file is coreframe/app/order/admin... High Unreviewed

CVE-2018-14472 was published May 14, 2022

joyplus-cms 1.6.0 has SQL Injection via the manager/admin_ajax.php val parameter. Critical Unreviewed

CVE-2018-14389 was published May 14, 2022

Multiple SQL injection vulnerabilities in Sefrengo before 1.6.2 allow (1) remote attackers to... High Unreviewed

CVE-2015-1428 was published May 14, 2022

An issue was discovered in cckevincyh SSH CompanyWebsite through 2018-05-03. SQL injection exists... Critical Unreviewed

CVE-2018-14440 was published May 14, 2022

SQL injection vulnerability in all versions prior to V2.01.05.09 of the ZTE ZXIPTV-UCM product... High Unreviewed

CVE-2017-10937 was published May 14, 2022

SQL injection vulnerability in the Notifications application in the Cybozu Garoon 3.5.0 to 4.6.2... High Unreviewed

CVE-2018-0607 was published May 14, 2022

SQL injection vulnerability in client-edit.php in ProjectSend (formerly cFTP) r561 allows remote... Moderate Unreviewed

CVE-2015-2564 was published May 14, 2022

dl/dl_sendmail.php in zzcms 8.3 has SQL Injection via the sql parameter. Critical Unreviewed

CVE-2018-14961 was published May 14, 2022

SQL injection vulnerability in the Pie Register plugin before 3.0.10 for WordPress allows remote... Critical Unreviewed

CVE-2018-10969 was published May 14, 2022

A vulnerability was found in viakondratiuk cash-machine. It has been declared as critical. This... Critical Unreviewed

CVE-2015-10069 was published Jan 19, 2023

A vulnerability was found in frioux ptome. It has been rated as critical. This issue affects some... Critical Unreviewed

CVE-2010-10009 was published Jan 18, 2023

An issue was discovered in EMLsoft 5.4.5. upload\eml\action\action.user.php has SQL Injection via... High Unreviewed

CVE-2018-14967 was published May 14, 2022

An issue was discovered in EMLsoft 5.4.5. upload\eml\action\action.address.php has SQL Injection... Critical Unreviewed

CVE-2018-14968 was published May 14, 2022

SQL injection vulnerability in the member function in classes/member.php in WSN Guest 1.24 allows... High Unreviewed

CVE-2011-1060 was published May 14, 2022

SQL injection vulnerability in memberlist.php in WSN Guest 1.24 allows remote attackers to... High Unreviewed

CVE-2011-1061 was published May 14, 2022

The vulnerability exists within processing of xmlserver.php in Schneider Electric U.motion... High Unreviewed

CVE-2018-7769 was published May 14, 2022

The vulnerability exists within processing of localize.php in Schneider Electric U.motion Builder... High Unreviewed

CVE-2018-7774 was published May 14, 2022

Previous 1…391…400 Next

Previous 1 2 … 389 390 391 392 393 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

15,529 advisories