Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

3,461 advisories

Loading
Tokheim Profleet DiaLOG 11.005.02 is affected by SQL Injection. The component is the... Critical Unreviewed
CVE-2021-34235 was published Feb 12, 2022
The Secure Copy Content Protection and Content Locking WordPress plugin before 2.8.2 does not... Critical Unreviewed
CVE-2021-24931 was published Feb 11, 2022
HMS v1.0 was discovered to contain a SQL injection vulnerability via patientlogin.php. Critical Unreviewed
CVE-2022-23366 was published Feb 11, 2022
AtomCMS v2.0 was discovered to contain a SQL injection vulnerability via /admin/login.php. Critical Unreviewed
CVE-2022-24223 was published Feb 10, 2022
Emlog v6.0 was discovered to contain a SQL injection vulnerability via the $TagID parameter of... Critical Unreviewed
CVE-2022-23379 was published Feb 10, 2022
Unauthenticated SQL Injection (SQLi) vulnerability discovered in [GWA] AutoResponder WordPress... Critical Unreviewed
CVE-2021-44779 was published Feb 10, 2022
A SQL injection vulnerability in Voipmonitor GUI before v24.96 allows attackers to escalate... Critical Unreviewed
CVE-2022-24260 was published Feb 9, 2022
Hospital Management System v4.0 was discovered to contain a SQL injection vulnerability in ... Critical Unreviewed
CVE-2022-24263 was published Feb 8, 2022
Improper neutralization of special elements used in an SQL command ('SQL Injection')... Critical Unreviewed
CVE-2021-43926 was published Feb 8, 2022
Improper neutralization of special elements used in an SQL command ('SQL Injection')... Critical Unreviewed
CVE-2021-43925 was published Feb 8, 2022
Improper neutralization of special elements used in an SQL command ('SQL Injection')... Critical Unreviewed
CVE-2021-43927 was published Feb 8, 2022
The Paid Memberships Pro WordPress plugin before 2.6.7 does not escape the discount_code in one... Critical Unreviewed
CVE-2021-25114 was published Feb 8, 2022
The Perfect Survey WordPress plugin before 1.5.2 does not validate and escape the question_id GET... Critical Unreviewed
CVE-2021-24762 was published Feb 2, 2022
SQL Injection vulnerability exists in Sourcecodester Simple Client Management System 1.0 via the... Critical Unreviewed
CVE-2021-43510 was published Feb 2, 2022
eliteCMS v1.0 was discovered to contain a SQL injection vulnerability via /admin/edit_page.php. Critical Unreviewed
CVE-2022-24219 was published Feb 2, 2022
SQL Injection vulnerability exists in Sourcecodester Simple Client Management System 1.0 via the... Critical Unreviewed
CVE-2021-43509 was published Feb 2, 2022
eliteCMS v1.0 was discovered to contain a SQL injection vulnerability via /admin/functions... Critical Unreviewed
CVE-2022-24221 was published Feb 2, 2022
eliteCMS v1.0 was discovered to contain a SQL injection vulnerability via /admin/edit_user.php. Critical Unreviewed
CVE-2022-24222 was published Feb 2, 2022
eliteCMS v1.0 was discovered to contain a SQL injection vulnerability via /admin/edit_post.php. Critical Unreviewed
CVE-2022-24220 was published Feb 2, 2022
Victor CMS v1.0 was discovered to contain a SQL injection vulnerability in the component admin... Critical Unreviewed
CVE-2021-46458 was published Feb 1, 2022
A SQL injection vulnerability exists in ZFAKA<=1.43 which an attacker can use to complete SQL... Critical Unreviewed
CVE-2022-22294 was published Jan 29, 2022
Online Motorcycle (Bike) Rental System 1.0 is vulnerable to a Blind Time-Based SQL Injection... Critical Unreviewed
CVE-2021-44249 was published Jan 29, 2022
An SQL Injection vulnerability exists in Sourcecodester Simple Cold Storage Management System... Critical Unreviewed
CVE-2021-45435 was published Jan 29, 2022
An SQL Injection vulnerabilty exists in Sourcecodester Mobile Shop System in PHP MySQL 1.0 via... Critical Unreviewed
CVE-2020-25905 was published Jan 29, 2022
SQL injection in the ID parameter of the UploadedImageDisplay.aspx endpoint of SelectSurvey.NET... Critical Unreviewed
CVE-2021-41609 was published Jan 29, 2022
ProTip! Advisories are also available from the GraphQL API