GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
3,461 advisories
Filter by severity
Tokheim Profleet DiaLOG 11.005.02 is affected by SQL Injection. The component is the...
Critical
Unreviewed
CVE-2021-34235
was published
Feb 12, 2022
The Secure Copy Content Protection and Content Locking WordPress plugin before 2.8.2 does not...
Critical
Unreviewed
CVE-2021-24931
was published
Feb 11, 2022
HMS v1.0 was discovered to contain a SQL injection vulnerability via patientlogin.php.
Critical
Unreviewed
CVE-2022-23366
was published
Feb 11, 2022
AtomCMS v2.0 was discovered to contain a SQL injection vulnerability via /admin/login.php.
Critical
Unreviewed
CVE-2022-24223
was published
Feb 10, 2022
Emlog v6.0 was discovered to contain a SQL injection vulnerability via the $TagID parameter of...
Critical
Unreviewed
CVE-2022-23379
was published
Feb 10, 2022
Unauthenticated SQL Injection (SQLi) vulnerability discovered in [GWA] AutoResponder WordPress...
Critical
Unreviewed
CVE-2021-44779
was published
Feb 10, 2022
A SQL injection vulnerability in Voipmonitor GUI before v24.96 allows attackers to escalate...
Critical
Unreviewed
CVE-2022-24260
was published
Feb 9, 2022
Hospital Management System v4.0 was discovered to contain a SQL injection vulnerability in ...
Critical
Unreviewed
CVE-2022-24263
was published
Feb 8, 2022
Improper neutralization of special elements used in an SQL command ('SQL Injection')...
Critical
Unreviewed
CVE-2021-43926
was published
Feb 8, 2022
Improper neutralization of special elements used in an SQL command ('SQL Injection')...
Critical
Unreviewed
CVE-2021-43925
was published
Feb 8, 2022
Improper neutralization of special elements used in an SQL command ('SQL Injection')...
Critical
Unreviewed
CVE-2021-43927
was published
Feb 8, 2022
The Paid Memberships Pro WordPress plugin before 2.6.7 does not escape the discount_code in one...
Critical
Unreviewed
CVE-2021-25114
was published
Feb 8, 2022
The Perfect Survey WordPress plugin before 1.5.2 does not validate and escape the question_id GET...
Critical
Unreviewed
CVE-2021-24762
was published
Feb 2, 2022
SQL Injection vulnerability exists in Sourcecodester Simple Client Management System 1.0 via the...
Critical
Unreviewed
CVE-2021-43510
was published
Feb 2, 2022
eliteCMS v1.0 was discovered to contain a SQL injection vulnerability via /admin/edit_page.php.
Critical
Unreviewed
CVE-2022-24219
was published
Feb 2, 2022
SQL Injection vulnerability exists in Sourcecodester Simple Client Management System 1.0 via the...
Critical
Unreviewed
CVE-2021-43509
was published
Feb 2, 2022
eliteCMS v1.0 was discovered to contain a SQL injection vulnerability via /admin/functions...
Critical
Unreviewed
CVE-2022-24221
was published
Feb 2, 2022
eliteCMS v1.0 was discovered to contain a SQL injection vulnerability via /admin/edit_user.php.
Critical
Unreviewed
CVE-2022-24222
was published
Feb 2, 2022
eliteCMS v1.0 was discovered to contain a SQL injection vulnerability via /admin/edit_post.php.
Critical
Unreviewed
CVE-2022-24220
was published
Feb 2, 2022
Victor CMS v1.0 was discovered to contain a SQL injection vulnerability in the component admin...
Critical
Unreviewed
CVE-2021-46458
was published
Feb 1, 2022
A SQL injection vulnerability exists in ZFAKA<=1.43 which an attacker can use to complete SQL...
Critical
Unreviewed
CVE-2022-22294
was published
Jan 29, 2022
Online Motorcycle (Bike) Rental System 1.0 is vulnerable to a Blind Time-Based SQL Injection...
Critical
Unreviewed
CVE-2021-44249
was published
Jan 29, 2022
An SQL Injection vulnerability exists in Sourcecodester Simple Cold Storage Management System...
Critical
Unreviewed
CVE-2021-45435
was published
Jan 29, 2022
An SQL Injection vulnerabilty exists in Sourcecodester Mobile Shop System in PHP MySQL 1.0 via...
Critical
Unreviewed
CVE-2020-25905
was published
Jan 29, 2022
SQL injection in the ID parameter of the UploadedImageDisplay.aspx endpoint of SelectSurvey.NET...
Critical
Unreviewed
CVE-2021-41609
was published
Jan 29, 2022
ProTip!
Advisories are also available from the
GraphQL API