Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

12,193 advisories

Loading
Emuse - eServices / eNvoice SQL injection can be used in various ways ranging from bypassing... Critical Unreviewed
CVE-2021-36722 was published Dec 30, 2021
Changing MOTP (Mobile One Time Password) system’s specific function parameter has insufficient... High Unreviewed
CVE-2021-44161 was published Dec 30, 2021
Telephony application has a SQL Injection vulnerability.Successful exploitation of this... High Unreviewed
CVE-2021-39978 was published Jan 4, 2022
The Events Made Easy WordPress plugin before 2.2.36 does not sanitise and escape the search_text... High Unreviewed
CVE-2021-25030 was published Jan 4, 2022
The Speed Booster Pack âš¡ PageSpeed Optimization Suite WordPress plugin before 4.3.3.1 does not... High Unreviewed
CVE-2021-25023 was published Jan 4, 2022
The Download Monitor WordPress plugin before 4.4.5 does not properly validate and escape the ... High Unreviewed
CVE-2021-24786 was published Jan 4, 2022
SQL Injection in Apache Kylin Moderate
CVE-2021-36774 was published for org.apache.kylin:kylin (Maven) Jan 8, 2022
A vulnerability in the showReports module of Zoho ManageEngine Applications Manager before build... High Unreviewed
CVE-2020-28679 was published Jan 11, 2022
The "WP Search Filters" widget of The Plus Addons for Elementor - Pro WordPress plugin before 5.0... Critical Unreviewed
CVE-2021-24949 was published Jan 11, 2022
The WPcalc WordPress plugin through 2.1 does not sanitize user input into the 'did' parameter and... High Unreviewed
CVE-2021-25054 was published Jan 11, 2022
The RegistrationMagic WordPress plugin before 5.0.1.6 does not escape user input in its... High Unreviewed
CVE-2021-24862 was published Jan 11, 2022
Sourcecodester Online Thesis Archiving System 1.0 is vulnerable to SQL Injection. An attacker can... Critical Unreviewed
CVE-2021-45334 was published Jan 11, 2022
A SQL injection vulnerability in /mobile/SelectUsers.jsp in SysAid ITIL 20.4.74 b10 allows a... High Unreviewed
CVE-2021-43971 was published Jan 12, 2022
cscms v4.1 allows for SQL injection via the "js_del" function. Critical Unreviewed
CVE-2020-28102 was published Jan 12, 2022
cscms v4.1 allows for SQL injection via the "page_del" function. Critical Unreviewed
CVE-2020-28103 was published Jan 12, 2022
In SalonERP 3.0.1, a SQL injection vulnerability allows an attacker to inject payload using 'sql'... High Unreviewed
CVE-2021-45406 was published Jan 15, 2022
The Le-yan dental management system contains an SQL-injection vulnerability. An unauthenticated... Critical Unreviewed
CVE-2022-22055 was published Jan 15, 2022
The All in One SEO WordPress plugin before 4.1.5.3 is affected by an authenticated SQL injection... Moderate Unreviewed
CVE-2021-25037 was published Jan 18, 2022
SoftVibe SARABAN for INFOMA 1.1 allows SQL Injection. High Unreviewed
CVE-2021-38694 was published Jan 19, 2022
PhpIPAM v1.4.4 allows an authenticated admin user to inject SQL sentences in the "subnet"... High Unreviewed
CVE-2022-23046 was published Jan 20, 2022
Taocms v3.0.2 was discovered to contain an arbitrary file read vulnerability via the path... Critical Unreviewed
CVE-2021-46204 was published Jan 20, 2022
An SQL Injection vulnerability exists in Sourcecodester Computer and Mobile Repair Shop... Critical Unreviewed
CVE-2021-46061 was published Jan 21, 2022
An SQL Injection vulnerability exists in Courcecodester COVID 19 Testing Management System (CTMS)... Critical Unreviewed
CVE-2021-44245 was published Jan 21, 2022
An SQL Injection vulnerability exists in code-projects Pharmacy Management 1.0 via the username... Critical Unreviewed
CVE-2021-44092 was published Jan 21, 2022
An SQL Injection vulnerabiity exists in Sourcecodester Logistic Hub Parcel's Management System 1... Critical Unreviewed
CVE-2021-44244 was published Jan 21, 2022
ProTip! Advisories are also available from the GraphQL API