Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,198
Erlang
31
GitHub Actions
19
Go
1,986
Maven
5,000+
npm
3,702
NuGet
660
pip
3,328
Pub
11
RubyGems
883
Rust
843
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

3,537 advisories

Loading
SQL injection in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6... Critical Unreviewed
CVE-2024-50330 was published Nov 12, 2024
A SQL injection vulnerability in /omrs/admin/search.php in PHPGurukul Online Marriage... Critical Unreviewed
CVE-2024-50989 was published Nov 11, 2024
Webopac from Grand Vice info has a SQL Injection vulnerability, allowing unauthenticated remote... Critical Unreviewed
CVE-2024-11016 was published Nov 11, 2024
Webopac from Grand Vice info has a SQL Injection vulnerability, allowing unauthenticated remote... Critical Unreviewed
CVE-2024-11020 was published Nov 11, 2024
SourceCodester Survey Application System 1.0 is vulnerable to SQL Injection in takeSurvey.php via... Critical Unreviewed
CVE-2024-50766 was published Nov 8, 2024
Waybox Enel X web management application could execute arbitrary requests on the internal... Critical Unreviewed
CVE-2023-29119 was published Nov 5, 2024
Waybox Enel X web management application could execute arbitrary requests on the internal... Critical Unreviewed
CVE-2023-29118 was published Nov 5, 2024
The Photos, Files, YouTube, Twitter, Instagram, TikTok, Ecommerce Contest Gallery – Upload, Vote,... Critical Unreviewed
CVE-2024-10687 was published Nov 5, 2024
SQL Injection in loginform.php in ProjectWorld's Travel Management System v1.0 allows remote... Critical Unreviewed
CVE-2024-51327 was published Nov 4, 2024
A SQL injection vulnerability exists in the `/api/v1/external-users` route of lunary-ai/lunary... Critical Unreviewed
CVE-2024-7456 was published Nov 1, 2024
Phpgurukul Teachers Record Management System v2.1 is vulnerable to SQL Injection via the tid... Critical Unreviewed
CVE-2024-51064 was published Oct 31, 2024
Phpgurukul Teachers Record Management System v2.1 is vulnerable to SQL Injection in add-teacher... Critical Unreviewed
CVE-2024-51063 was published Oct 31, 2024
Projectworlds Online Admission System v1 is vulnerable to SQL Injection in index.php via the ... Critical Unreviewed
CVE-2024-51060 was published Oct 31, 2024
Phpgurukul Beauty Parlour Management System v1.1 is vulnerable to SQL Injection in admin/index... Critical Unreviewed
CVE-2024-51065 was published Oct 31, 2024
A NoSQL injection vulnerability in AquilaCMS 1.409.20 and prior allows unauthenticated attackers... Critical Unreviewed
CVE-2024-48573 was published Oct 30, 2024
LyLme Spage <=1.6.0 is vulnerable to SQL Injection via /admin/group.php. Critical Unreviewed
CVE-2024-48356 was published Oct 28, 2024
LyLme Spage 1.2.0 through 1.6.0 is vulnerable to SQL Injection via /admin/apply.php. Critical Unreviewed
CVE-2024-48357 was published Oct 28, 2024
The MRBS version 1.5.0 has an SQL injection vulnerability in the edit_entry_handler.php file,... Critical Unreviewed
CVE-2024-48465 was published Oct 28, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2024-50491 was published Oct 28, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2024-50479 was published Oct 28, 2024
The eHDR CTMS from Sunnet has a SQL Injection vulnerability, allowing unauthenticated remote... Critical Unreviewed
CVE-2024-10440 was published Oct 28, 2024
SQL Injection vulnerability in Best courier management system in php v.1.0 allows a remote... Critical Unreviewed
CVE-2024-48580 was published Oct 25, 2024
Money Manager EX WebApp (web-money-manager-ex) 1.2.2 is vulnerable to SQL Injection in the ... Critical Unreviewed
CVE-2024-41618 was published Oct 25, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2023-6441 was published Oct 24, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2024-49681 was published Oct 24, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database