GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
2,261 advisories
Filter by severity
SQL injection vulnerability in zp-core/zp-extensions/wordpress_import.php in Zenphoto before 1.4...
Moderate
Unreviewed
CVE-2013-7242
was published
May 17, 2022
SQL injection vulnerability in Cisco Unified MeetingPlace 8.6(1.2) allows remote authenticated...
Moderate
Unreviewed
CVE-2015-4233
was published
May 17, 2022
The affected product is vulnerable to two SQL injections that require high privileges for...
Moderate
Unreviewed
CVE-2022-2137
was published
Jul 23, 2022
SQL injection vulnerability in the web framework in Cisco Prime Collaboration Assurance 10.5(1)...
Moderate
Unreviewed
CVE-2015-6331
was published
May 17, 2022
SQL injection vulnerability in Rexroth Bosch BLADEcontrol-WebVIS 3.0.2 and earlier allows remote...
Moderate
Unreviewed
CVE-2016-4507
was published
May 17, 2022
SQL injection vulnerability in Cisco Unified Communications Manager IM and Presence Service 9.1(1...
Moderate
Unreviewed
CVE-2015-4222
was published
May 17, 2022
SQL injection vulnerability in the Solution Engine in Cisco Secure Access Control Server (ACS) 5...
Moderate
Unreviewed
CVE-2015-6345
was published
May 17, 2022
SQL injection vulnerability in the Store Locator (locator) extension before 3.3.1 for TYPO3...
Moderate
Unreviewed
CVE-2015-4610
was published
May 17, 2022
SQL injection vulnerability in ApPHP Hotel Site 3.x.x allows remote editors to execute arbitrary...
Moderate
Unreviewed
CVE-2015-4713
was published
May 17, 2022
SQL injection vulnerability in application/controllers/admin/questiongroups.php in LimeSurvey...
Moderate
Unreviewed
CVE-2015-4628
was published
May 17, 2022
IBM Kenexa LMS on Cloud is vulnerable to SQL injection. A remote attacker could send specially...
Moderate
Unreviewed
CVE-2016-8929
was published
May 17, 2022
Actian Matrix 5.1.x through 5.1.2.4 and 5.2.x through 5.2.0.1 allows remote authenticated users...
Moderate
Unreviewed
CVE-2015-3993
was published
May 17, 2022
Multiple SQL injection vulnerabilities in IPSwitch WhatsUp Gold before 16.4 allow remote...
Moderate
Unreviewed
CVE-2015-6004
was published
May 17, 2022
The affected product is vulnerable to multiple SQL injections that require low privileges for...
Moderate
Unreviewed
CVE-2022-2136
was published
Jul 23, 2022
Multiple SQL injection vulnerabilities in Avanset Visual CertExam Manager 3.3 and earlier allow...
Moderate
Unreviewed
CVE-2013-7175
was published
May 17, 2022
SQL injection vulnerability in the web interface in Cisco Unity Connection 9.1(1.2) and earlier...
Moderate
Unreviewed
CVE-2015-6299
was published
May 17, 2022
SQL injection vulnerability in Cisco Prime Collaboration Provisioning 10.6 and 11.0 allows remote...
Moderate
Unreviewed
CVE-2015-6329
was published
May 17, 2022
CRLF injection vulnerability in pg_dump in PostgreSQL 8.3.x before 8.3.18, 8.4.x before 8.4.11, 9...
Moderate
Unreviewed
CVE-2012-0868
was published
May 17, 2022
Multiple SQL injection vulnerabilities in a PHP script in the management console on Symantec Web...
Moderate
Unreviewed
CVE-2015-6548
was published
May 17, 2022
SQL injection vulnerability in the host_new_graphs_save function in graphs_new.php in Cacti 0.8...
Moderate
Unreviewed
CVE-2015-8377
was published
May 17, 2022
SQL injection vulnerability in the Interactive Voice Response (IVR) component in Cisco Unified...
Moderate
Unreviewed
CVE-2015-0699
was published
May 17, 2022
SQL injection vulnerability in the "FAQ - Frequently Asked Questions" (js_faq) extension before 1...
Moderate
Unreviewed
CVE-2015-4612
was published
May 17, 2022
SQL injection vulnerability in the Smoelenboek (ncgov_smoelenboek) extension before 1.0.9 for...
Moderate
Unreviewed
CVE-2015-4611
was published
May 17, 2022
SQL injection vulnerability in the backend module in the Developer Log (devlog) extension before...
Moderate
Unreviewed
CVE-2015-4613
was published
May 17, 2022
SQL injection vulnerability in the PHPlist Integration Module before 6.x-1.7 for Drupal allows...
Moderate
Unreviewed
CVE-2015-3345
was published
May 17, 2022
ProTip!
Advisories are also available from the
GraphQL API