Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

12,193 advisories

Loading
Microsoft Defender for IoT Remote Code Execution Vulnerability This CVE ID is unique from CVE... Critical Unreviewed
CVE-2021-42311 was published Dec 16, 2021
Microsoft Defender for IoT Remote Code Execution Vulnerability This CVE ID is unique from CVE... High Unreviewed
CVE-2021-41365 was published Dec 16, 2021
A SQL Injection vulnerability exists in ZZCMS 2021 via the askbigclassid parameter in /admin/ask... Critical Unreviewed
CVE-2021-42945 was published Dec 16, 2021
ThinkPHP5 SQL Injection vulnerability Critical
CVE-2021-44350 was published for topthink/framework (Composer) Dec 17, 2021
TCMAN GIM is vulnerable to a SQL injection vulnerability inside several available webservice... Critical Unreviewed
CVE-2021-40850 was published Dec 18, 2021
The checkuser function of SEMCMS 3.8 was discovered to contain a vulnerability which allows... High Unreviewed
CVE-2020-18081 was published Dec 18, 2021
An authenticated SQL injection issue in the calendar search function of OpenEMR 6.0.0 before... Moderate Unreviewed
CVE-2021-41843 was published Dec 18, 2021
SuiteCRM before 7.12.2 and 8.x before 8.0.1 allows authenticated SQL injection. High Unreviewed
CVE-2021-45041 was published Dec 20, 2021
JFrog Artifactory before 7.25.4 (Enterprise+ deployments only), is vulnerable to Blind SQL... High Unreviewed
CVE-2021-3860 was published Dec 21, 2021
Numerous exposed dangerous functions within Orion Core has allows for read-only SQL injection... High Unreviewed
CVE-2021-35234 was published Dec 21, 2021
Dalmark Systems Systeam 2.22.8 build 1724 is vulnerable to Insecure design on report build via... High Unreviewed
CVE-2021-44874 was published Dec 22, 2021
The email parameter from ajax.php of Video Sharing Website 1.0 appears to be vulnerable to SQL... Critical Unreviewed
CVE-2021-45255 was published Dec 22, 2021
Multiple SQL injection vulnerabilities are found on Simple Forum-Discussion System 1.0 For... Critical Unreviewed
CVE-2021-45252 was published Dec 22, 2021
The id parameter in view_storage.php from Simple Cold Storage Management System 1.0 appears to be... Critical Unreviewed
CVE-2021-45253 was published Dec 22, 2021
The wcfm_ajax_controller AJAX action of the WCFM Marketplace WordPress plugin before 3.4.12,... Critical Unreviewed
CVE-2021-24849 was published Dec 22, 2021
The get_query() function of the Ni WooCommerce Custom Order Status WordPress plugin before 1.9.7,... High Unreviewed
CVE-2021-24846 was published Dec 22, 2021
The WP Visitor Statistics (Real Time Traffic) WordPress plugin before 4.8 does not properly... High Unreviewed
CVE-2021-24750 was published Dec 22, 2021
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated... High Unreviewed
CVE-2021-21932 was published Dec 23, 2021
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated... High Unreviewed
CVE-2021-21937 was published Dec 23, 2021
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated... High Unreviewed
CVE-2021-21930 was published Dec 23, 2021
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated... High Unreviewed
CVE-2021-21935 was published Dec 23, 2021
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated... High Unreviewed
CVE-2021-21936 was published Dec 23, 2021
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated... High Unreviewed
CVE-2021-21933 was published Dec 23, 2021
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated... High Unreviewed
CVE-2021-21934 was published Dec 23, 2021
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated... High Unreviewed
CVE-2021-21929 was published Dec 23, 2021
ProTip! Advisories are also available from the GraphQL API