Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

12,193 advisories

Loading
This vulnerability allows remote attackers to disclose sensitive information on affected... High Unreviewed
CVE-2020-15619 was published May 24, 2022
This vulnerability allows remote attackers to disclose sensitive information on affected... High Unreviewed
CVE-2020-15618 was published May 24, 2022
CakePHP Database\\Query::offset() and limit() methods are vulnerable to SQL injection Critical
CVE-2023-22727 was published for cakephp/cakephp (Composer) Jan 20, 2023
ravage84
** UNSUPPPORTED WHEN ASSIGNED **** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in... Critical Unreviewed
CVE-2010-10007 was published Jan 18, 2023
ZenTao 16.4 to 18.0.beta1 is vulnerable to SQL injection. After logging in with any user, you can... High Unreviewed
CVE-2022-47745 was published Jan 19, 2023
Jeecg-boot is vulnerable to SQL injection Critical
CVE-2022-47105 was published for org.jeecgframework.boot:jeecg-boot-base-core (Maven) Jan 19, 2023
There is SQL Injection vulnerability at Helmet Store Showroom v1.0 Login Page. This vulnerability... Critical Unreviewed
CVE-2022-46071 was published Dec 14, 2022
Network Olympus version 1.8.0 allows an authenticated admin user to inject SQL queries in '/api... High Unreviewed
CVE-2022-25225 was published Mar 11, 2022
Luocms v2.0 is affected by SQL Injection in /admin/manager/admin_mod.php. An attacker can obtain... High Unreviewed
CVE-2022-24601 was published Mar 11, 2022
Luocms v2.0 is affected by SQL Injection in /admin/news/news_ok.php. Critical Unreviewed
CVE-2022-24607 was published Mar 11, 2022
Luocms v2.0 is affected by SQL Injection in /admin/news/news_mod.php. Critical Unreviewed
CVE-2022-24602 was published Mar 11, 2022
Luocms v2.0 is affected by SQL Injection in /admin/news/sort_mod.php. Critical Unreviewed
CVE-2022-24603 was published Mar 11, 2022
Luocms v2.0 is affected by SQL Injection in /admin/link/link_ok.php. Critical Unreviewed
CVE-2022-24605 was published Mar 11, 2022
Luocms v2.0 is affected by SQL Injection through /admin/login.php. An attacker can log in to the... Critical Unreviewed
CVE-2022-24600 was published Mar 11, 2022
Luocms v2.0 is affected by SQL Injection in /admin/news/sort_ok.php. Critical Unreviewed
CVE-2022-24606 was published Mar 11, 2022
Luocms v2.0 is affected by SQL Injection in /admin/link/link_mod.php. Critical Unreviewed
CVE-2022-24604 was published Mar 11, 2022
Found a potential security vulnerability inside the Pandora API. Affected Pandora FMS version... High Unreviewed
CVE-2022-0507 was published Mar 11, 2022
The login.jsp page of Quicklert for Digium 10.0.0 (1043) is affected by both Blind SQL Injection... High Unreviewed
CVE-2021-43969 was published Mar 11, 2022
SQL Injection in FreeTAKServer-UI Moderate
CVE-2022-25506 was published for FreeTAKServer-UI (pip) Mar 12, 2022
SQL Injection in WordPress Zero Spam WordPress plugin Critical
CVE-2022-0254 was published for bmarshall511/wordpress_zero_spam (Composer) Mar 15, 2022
DQL injection through sorting parameters blocked Critical
CVE-2022-24752 was published for sylius/grid-bundle (Composer) Mar 15, 2022
dbalabka
The CommonsBooking WordPress plugin before 2.6.8 does not sanitise and escape the location... Critical Unreviewed
CVE-2022-0658 was published Mar 15, 2022
The Event Manager and Tickets Selling for WooCommerce WordPress plugin before 3.5.8 does not... High Unreviewed
CVE-2022-0478 was published Mar 15, 2022
The Photo Gallery by 10Web WordPress plugin before 1.6.0 does not validate and escape the... Critical Unreviewed
CVE-2022-0169 was published Mar 15, 2022
Online Banking System v1.0 was discovered to contain a SQL injection vulnerability via... Critical Unreviewed
CVE-2022-25494 was published Mar 16, 2022
ProTip! Advisories are also available from the GraphQL API