GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
12,193 advisories
This vulnerability allows remote attackers to disclose sensitive information on affected...
High | Unreviewed | CVE-2020-15619 was published May 24, 2022

This vulnerability allows remote attackers to disclose sensitive information on affected...
High | Unreviewed | CVE-2020-15618 was published May 24, 2022

CakePHP Database\Query::offset() and limit() methods are vulnerable to SQL injection
Critical | CVE-2023-22727 was published for cakephp/cakephp (Composer) Jan 20, 2023

** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in...
Critical | Unreviewed | CVE-2010-10007 was published Jan 18, 2023

ZenTao 16.4 to 18.0.beta1 is vulnerable to SQL injection. After logging in with any user, you can...
High | Unreviewed | CVE-2022-47745 was published Jan 19, 2023

Jeecg-boot is vulnerable to SQL injection
Critical | CVE-2022-47105 was published for org.jeecgframework.boot:jeecg-boot-base-core (Maven) Jan 19, 2023

There is SQL Injection vulnerability at Helmet Store Showroom v1.0 Login Page. This vulnerability...
Critical | Unreviewed | CVE-2022-46071 was published Dec 14, 2022

Network Olympus version 1.8.0 allows an authenticated admin user to inject SQL queries in '/api...
High | Unreviewed | CVE-2022-25225 was published Mar 11, 2022

Luocms v2.0 is affected by SQL Injection in /admin/manager/admin_mod.php. An attacker can obtain...
High | Unreviewed | CVE-2022-24601 was published Mar 11, 2022

Luocms v2.0 is affected by SQL Injection in /admin/news/news_ok.php.
Critical | Unreviewed | CVE-2022-24607 was published Mar 11, 2022

Luocms v2.0 is affected by SQL Injection in /admin/news/news_mod.php.
Critical | Unreviewed | CVE-2022-24602 was published Mar 11, 2022

Luocms v2.0 is affected by SQL Injection in /admin/news/sort_mod.php.
Critical | Unreviewed | CVE-2022-24603 was published Mar 11, 2022

Luocms v2.0 is affected by SQL Injection in /admin/link/link_ok.php.
Critical | Unreviewed | CVE-2022-24605 was published Mar 11, 2022

Luocms v2.0 is affected by SQL Injection through /admin/login.php. An attacker can log in to the...
Critical | Unreviewed | CVE-2022-24600 was published Mar 11, 2022

Luocms v2.0 is affected by SQL Injection in /admin/news/sort_ok.php.
Critical | Unreviewed | CVE-2022-24606 was published Mar 11, 2022

Luocms v2.0 is affected by SQL Injection in /admin/link/link_mod.php.
Critical | Unreviewed | CVE-2022-24604 was published Mar 11, 2022

Found a potential security vulnerability inside the Pandora API. Affected Pandora FMS version...
High | Unreviewed | CVE-2022-0507 was published Mar 11, 2022

The login.jsp page of Quicklert for Digium 10.0.0 (1043) is affected by both Blind SQL Injection...
High | Unreviewed | CVE-2021-43969 was published Mar 11, 2022

SQL Injection in FreeTAKServer-UI
Moderate | CVE-2022-25506 was published for FreeTAKServer-UI (pip) Mar 12, 2022

SQL Injection in WordPress Zero Spam WordPress plugin
Critical | CVE-2022-0254 was published for bmarshall511/wordpress_zero_spam (Composer) Mar 15, 2022

DQL injection through sorting parameters blocked
Critical | CVE-2022-24752 was published for sylius/grid-bundle (Composer) Mar 15, 2022

The CommonsBooking WordPress plugin before 2.6.8 does not sanitise and escape the location...
Critical | Unreviewed | CVE-2022-0658 was published Mar 15, 2022

The Event Manager and Tickets Selling for WooCommerce WordPress plugin before 3.5.8 does not...
High | Unreviewed | CVE-2022-0478 was published Mar 15, 2022

The Photo Gallery by 10Web WordPress plugin before 1.6.0 does not validate and escape the...
Critical | Unreviewed | CVE-2022-0169 was published Mar 15, 2022

Online Banking System v1.0 was discovered to contain a SQL injection vulnerability via...
Critical | Unreviewed | CVE-2022-25494 was published Mar 16, 2022

ProTip! Advisories are also available from the GraphQL API.