Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,750
Erlang
35
GitHub Actions
29
Go
2,323
Maven
5,000+
npm
3,956
NuGet
712
pip
3,739
Pub
12
RubyGems
921
Rust
973
Swift
38
Unreviewed advisories
All unreviewed
5,000+

3,407 advisories

Loading
A vulnerability in the Cisco Unified Communications Manager web interface could allow an... Moderate Unreviewed
CVE-2017-3886 was published May 17, 2022
Multiple SQL injection vulnerabilities in Jetbox CMS 2.1 allow remote authenticated users to... Moderate Unreviewed
CVE-2008-4651 was published May 17, 2022
PEEL Shopping CMS 9.4.0 is vulnerable to authenticated SQL injection in utilisateurs.php. A user... Moderate Unreviewed
CVE-2021-41672 was published Jun 16, 2022
SQL injection vulnerability in the "Manage pages" feature (admin/pages) in Typo 5.1.3 and earlier... Moderate Unreviewed
CVE-2008-4904 was published May 17, 2022
SQL injection vulnerability in Siemens Automation License Manager (ALM) before 5.3 SP3 Update 1... Moderate Unreviewed
CVE-2016-8564 was published May 17, 2022
SQL injection vulnerability in SpeedTech Organization and Resource Manager (Storm) 5.x before 5.x... Moderate Unreviewed
CVE-2008-6383 was published May 17, 2022
Affected versions of Octopus Server are prone to an authenticated SQL injection vulnerability in... Moderate Unreviewed
CVE-2021-31818 was published May 24, 2022
update_by_case before 0.1.3 can be vulnerable to sql injection Moderate
CVE-2022-35956 was published for update_by_case (RubyGems) Aug 11, 2022
The Note Press WordPress plugin through 0.1.10 does not sanitise and escape the Update parameter... Moderate Unreviewed
CVE-2022-1689 was published Jun 9, 2022
The Note Press WordPress plugin through 0.1.10 does not sanitise and escape the id parameter... Moderate Unreviewed
CVE-2022-1688 was published Jun 9, 2022
Online Fire Reporting System v1.0 was discovered to contain a SQL injection vulnerability via the... Moderate Unreviewed
CVE-2022-31415 was published Jun 15, 2022
SQL injection vulnerability in index.php in MODx 0.9.6.2 and earlier, when magic_quotes_gpc is... Moderate Unreviewed
CVE-2008-5940 was published May 17, 2022
Multiple SQL injection vulnerabilities in Avaya SIP Enablement Services (SES) in Avaya Avaya... Moderate Unreviewed
CVE-2008-6573 was published May 17, 2022
SQL injection vulnerability in KTP Computer Customer Database (KTPCCD) CMS, when magic_quotes_gpc... Moderate Unreviewed
CVE-2008-5954 was published May 17, 2022
SQL injection vulnerability in profile_social.php in i-Net Solution Orkut Clone allows remote... Moderate Unreviewed
CVE-2008-5970 was published May 17, 2022
The Five Minute Webshop WordPress plugin through 1.3.2 does not sanitise and escape the id... Moderate Unreviewed
CVE-2022-1686 was published Jun 9, 2022
The Logo Slider WordPress plugin through 1.4.8 does not sanitise and escape the lsp_slider_id... Moderate Unreviewed
CVE-2022-1687 was published Jun 9, 2022
SQL injection vulnerability in xt:Commerce before 3.0.4 Sp2.1, when magic_quotes_gpc is enabled... Moderate Unreviewed
CVE-2008-6304 was published May 17, 2022
The Five Minute Webshop WordPress plugin through 1.3.2 does not properly validate and sanitise... Moderate Unreviewed
CVE-2022-1685 was published Jun 9, 2022
The Cube Slider WordPress plugin through 1.2 does not sanitise and escape the idslider parameter... Moderate Unreviewed
CVE-2022-1684 was published Jun 9, 2022
Multiple SQL injection vulnerabilities in the User Karma module 5.x before 5.x-1.13 and 6.x... Moderate Unreviewed
CVE-2008-6276 was published May 17, 2022
The Note Press WordPress plugin through 0.1.10 does not sanitise and escape the ids from the bulk... Moderate Unreviewed
CVE-2022-1690 was published Jun 9, 2022
The Realty Workstation WordPress plugin through 1.0.6 does not sanitise and escape the trans_edit... Moderate Unreviewed
CVE-2022-1691 was published Jun 9, 2022
Multiple SQL injection vulnerabilities in admin_login.php in NCT Jobs Portal Script allow remote... Moderate Unreviewed
CVE-2010-1604 was published May 17, 2022
Multiple vulnerabilities in Cisco Unified Communications Manager IM & Presence Service ... Moderate Unreviewed
CVE-2021-1282 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database