Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,986
Erlang
39
GitHub Actions
38
Go
2,626
Maven
5,000+
npm
4,258
NuGet
760
pip
4,051
Pub
12
RubyGems
954
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

15,490 advisories

Loading
SQL injection vulnerability in the XML-RPC interface in Movable Type before 5.18, 5.2.x before 5... High Unreviewed
CVE-2014-9057 was published May 17, 2022
SQL injection vulnerability in the web service in F5 ARX Data Manager 3.0.0 through 3.1.0 allows... Moderate Unreviewed
CVE-2014-2949 was published May 17, 2022
SQL injection vulnerability in the login page in Epiphany Cardio Server 3.3 allows remote... Critical Unreviewed
CVE-2015-6537 was published May 17, 2022
SQL injection vulnerability in the BOKUBLOCK (1) BbAdminViewsControl213 plugin before 1.1 and (2)... Moderate Unreviewed
CVE-2015-7784 was published May 17, 2022
SQL injection vulnerability in IBM Curam Social Program Management 6.1 before 6.1.1 allows remote... Moderate Unreviewed
CVE-2015-5023 was published May 17, 2022
SQL injection vulnerability in Advantech WebAccess before 8.1 allows remote authenticated users... High Unreviewed
CVE-2015-3947 was published May 17, 2022
SQL injection vulnerability in the Help plug-in 1.3.5 and earlier in Cuore EC-CUBE allows remote... Critical Unreviewed
CVE-2016-1154 was published May 17, 2022
SQL injection vulnerability in IBM Maximo Asset Management 7.1 through 7.1.1.13, 7.5.0 before 7.5... Moderate Unreviewed
CVE-2015-7448 was published May 17, 2022
SQL injection vulnerability in Emerson AMS Device Manager before 13 allows remote authenticated... Moderate Unreviewed
CVE-2015-1008 was published May 17, 2022
Apache Jetspeed vulnerable to SQL Injection High
CVE-2016-0710 was published for org.apache.portals.jetspeed-2:jetspeed (Maven) May 17, 2022
SQL injection vulnerability in the Workflow Screen in dotCMS before 3.3.2 allows remote... High Unreviewed
CVE-2016-4040 was published May 17, 2022
SQL injection vulnerability in Ecava IntegraXor before 5.0 build 4522 allows remote authenticated... Moderate Unreviewed
CVE-2016-2301 was published May 17, 2022
SQL injection vulnerability in home/seos/courier/security_key2.api on the Accellion File Transfer... Critical Unreviewed
CVE-2016-2351 was published May 17, 2022
Multiple SQL injection vulnerabilities in the Web Services web server in SolarWinds Storage... Critical Unreviewed
CVE-2016-4350 was published May 17, 2022
The escapeLike function in sqlsrv/database.inc in the Drupal 7 driver for SQL Server and SQL... High Unreviewed
CVE-2015-7876 was published May 17, 2022
SQL injection vulnerability in the StateGetStatesByType function in Kernel/System/State.pm in... High Unreviewed
CVE-2014-1471 was published May 17, 2022
SQL injection vulnerability in pimcore before build 3473 allows remote attackers to execute... High Unreviewed
CVE-2015-4426 was published May 17, 2022
SQL injection vulnerability in IBM Marketing Platform 8.5.x, 8.6.x, and 9.x before 9.1.2.2 allows... Critical Unreviewed
CVE-2016-0224 was published May 17, 2022
SQL injection vulnerability in IBM Marketing Platform 8.5.x, 8.6.x, and 9.x before 9.1.2.2 allows... High Unreviewed
CVE-2016-0233 was published May 17, 2022
SQL injection vulnerability in Rexroth Bosch BLADEcontrol-WebVIS 3.0.2 and earlier allows remote... Moderate Unreviewed
CVE-2016-4507 was published May 17, 2022
SQL injection vulnerability in a2billing/customer/iridium_threed.php in Elastix 2.5.0 and earlier... High Unreviewed
CVE-2015-1875 was published May 17, 2022
SQL injection vulnerability in news pages in Cargotec Navis WebAccess before 2016-08-10 allows... Critical Unreviewed
CVE-2016-5817 was published May 17, 2022
SQL injection vulnerability in BulkViewFileContentsAction.java in the Java interface in Cisco... Moderate Unreviewed
CVE-2014-3287 was published May 17, 2022
SQL injection vulnerability in the management application in Cisco Unified Operations Manager... Moderate Unreviewed
CVE-2013-3437 was published May 17, 2022
SQL injection vulnerability in Subrion CMS before 3.3.3 allows remote authenticated users to... Moderate Unreviewed
CVE-2015-4129 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database