GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,536
Composer 4,189
Erlang 31
GitHub Actions 19
Go 1,985
Maven 5,160
npm 3,701
NuGet 657
pip 3,326
Pub 11
RubyGems 882
Rust 836
Swift 35

Unreviewed advisories

All unreviewed 233,434

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

12,137 advisories

Filter by severity

Sort by

Least recently updated

The importFromRedirection AJAX action of the SEO Redirection Plugin â€“ 301 Redirect Manager... High Unreviewed

CVE-2021-24847 was published Nov 17, 2021

iDRAC9 versions prior to 5.00.00.00 contain an improper input validation vulnerability. An... High Unreviewed

CVE-2021-36300 was published Nov 24, 2021

Dell iDRAC9 versions 4.40.00.00 and later, but prior to 4.40.29.00 and 5.00.00.00 contain an SQL... High Unreviewed

CVE-2021-36299 was published Nov 24, 2021

The SQL injection vulnerability in the Hide My WP WordPress plugin (versions <= 6.2.3) is... Critical Unreviewed

CVE-2021-36916 was published Nov 25, 2021

An authenticated user could potentially execute code via an SQLi vulnerability in the user portal... High Unreviewed

CVE-2021-36807 was published Nov 27, 2021

The Contest Gallery WordPress plugin before 13.1.0.6 does not have capability checks and does not... Critical Unreviewed

CVE-2021-24915 was published Nov 30, 2021

The BSK PDF Manager WordPress plugin before 3.1.2 does not validate and escape the orderby and... High Unreviewed

CVE-2021-24860 was published Nov 30, 2021

The Ninja Forms Contact Form WordPress plugin before 3.6.4 does not escape keys of the fields... High Unreviewed

CVE-2021-24889 was published Nov 30, 2021

The Email Before Download WordPress plugin before 6.8 does not properly validate and escape the... High Unreviewed

CVE-2021-24748 was published Nov 30, 2021

The myCred WordPress plugin before 2.3 does not validate or escape the fields parameter before... High Unreviewed

CVE-2021-24755 was published Nov 30, 2021

Dell EMC Streaming Data Platform versions before 1.3 contain a SQL Injection Vulnerability. A... High Unreviewed

CVE-2021-36328 was published Dec 1, 2021

A SQL injection vulnerability exists in version 8.0 of openSIS when MySQL or MariaDB is used as... Critical Unreviewed

CVE-2021-41679 was published Dec 1, 2021

A SQL injection vulnerability exists in version 8.0 of openSIS when MySQL or MariaDB is used as... Critical Unreviewed

CVE-2021-41678 was published Dec 1, 2021

A SQL injection vulnerability exists in version 8.0 of openSIS when MySQL or MariaDB is used as... Critical Unreviewed

CVE-2021-41677 was published Dec 1, 2021

SQL Injection vulnerability exists in PHPGURUKUL Employee Record Management System 1.2 via the... Critical Unreviewed

CVE-2021-43451 was published Dec 2, 2021

attendance management system 1.0 is affected by a SQL injection vulnerability in admin... Critical Unreviewed

CVE-2021-44280 was published Dec 2, 2021

CA Network Flow Analysis (NFA) 21.2.1 and earlier contain a SQL injection vulnerability in the... Moderate Unreviewed

CVE-2021-44050 was published Dec 3, 2021

ecshop v2.7.3 is affected by a SQL injection vulnerability in shopex\ecshop\upload\api\client\api... Critical Unreviewed

CVE-2021-43679 was published Dec 3, 2021

The Events Manager WordPress plugin before 5.9.8 does not sanitise and escape a parameter before... High Unreviewed

CVE-2020-35012 was published Dec 3, 2021

SQL Injection vulnerability exists in TuziCMS v2.0.6 via the id parameer in App\Manage\Controller... Critical Unreviewed

CVE-2021-44348 was published Dec 4, 2021

SQL Injection vulnerability exists in TuziCMS v2.0.6 via the id parameter in App\Manage... Critical Unreviewed

CVE-2021-44349 was published Dec 4, 2021

Chamilo LMS v1.11.x was discovered to contain a SQL injection via the doc parameter in main... Critical Unreviewed

CVE-2021-35414 was published Dec 4, 2021

SQL Injection vulnerability exists in TuziCMS v2.0.6 in App\Manage\Controller\GuestbookController... Critical Unreviewed

CVE-2021-44347 was published Dec 4, 2021

Taocms v2.5Beta5 was discovered to contain a blind SQL injection vulnerability via the function... High Unreviewed

CVE-2021-25783 was published Dec 4, 2021

Taocms v2.5Beta5 was discovered to contain a blind SQL injection vulnerability via the function... High Unreviewed

CVE-2021-25784 was published Dec 4, 2021

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

12,137 advisories