Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,780
Erlang
36
GitHub Actions
29
Go
2,338
Maven
5,000+
npm
3,973
NuGet
715
pip
3,769
Pub
12
RubyGems
923
Rust
976
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

6,706 advisories

Loading
An issue in the component Create_tmp_table::finalize of MariaDB Server v10.7 and below was... High Unreviewed
CVE-2022-27378 was published Apr 13, 2022
An issue in the component my_decimal::operator= of MariaDB Server v10.6.3 and below was... High Unreviewed
CVE-2022-27380 was published Apr 13, 2022
An issue in the component Field::set_default of MariaDB Server v10.6 and below was discovered to... High Unreviewed
CVE-2022-27381 was published Apr 13, 2022
MariaDB Server v10.7 and below was discovered to contain a segmentation fault via the component... High Unreviewed
CVE-2022-27386 was published Apr 13, 2022
An issue in the component Used_tables_and_const_cache::used_tables_and_const_cache_join of... High Unreviewed
CVE-2022-27385 was published Apr 13, 2022
An issue in the component Item_subselect::init_expr_cache_tracker of MariaDB Server v10.6 and... High Unreviewed
CVE-2022-27384 was published Apr 13, 2022
Due to lack of protection, parameter student_id in OpenSIS Classic 8.0 /modules/eligibility... High Unreviewed
CVE-2022-27041 was published Apr 12, 2022
The Advanced Booking Calendar WordPress plugin before 1.7.1 does not sanitise and escape the id... High Unreviewed
CVE-2022-1006 was published Apr 12, 2022
The Podcast Importer SecondLine WordPress plugin before 1.3.8 does not sanitise and properly... High Unreviewed
CVE-2022-1023 was published Apr 12, 2022
Car Rental System v1.0 was discovered to contain a SQL injection vulnerability at /Car_Rental... High Unreviewed
CVE-2022-28000 was published Apr 9, 2022
Zoo Management System v1.0 was discovered to contain a SQL injection vulnerability at ... High Unreviewed
CVE-2022-27992 was published Apr 9, 2022
An issue was discovered in ZZCMS 2021. There is a SQL injection vulnerability in ad_manage.php. High Unreviewed
CVE-2021-46436 was published Apr 9, 2022
ASUS RT-AX56U’s SQL handling function has an SQL injection vulnerability due to insufficient user... High Unreviewed
CVE-2022-23972 was published Apr 8, 2022
The Easy Social Icons WordPress plugin before 3.1.4 does not sanitize the selected_icons... High Unreviewed
CVE-2022-0887 was published Apr 5, 2022
A function in MDT AutoSave versions prior to v6.02.06 is used to retrieve system information for... High Unreviewed
CVE-2021-32957 was published Apr 3, 2022
An SQL Injection vulnerabilty exists in Kreado Kreasfero 1.5 via the id parameter. High Unreviewed
CVE-2021-44581 was published Mar 30, 2022
An SQL Injection vulnerability exits in PuneethReddyHC online-shopping-system as of 11/01/2021... High Unreviewed
CVE-2021-43109 was published Mar 30, 2022
The Sync WooCommerce Product feed to Google Shopping WordPress plugin through 1.2.4 uses the ... High Unreviewed
CVE-2021-25068 was published Mar 29, 2022
The Wow Countdowns WordPress plugin through 3.1.2 does not sanitize user input into the 'did'... High Unreviewed
CVE-2021-25064 was published Mar 29, 2022
A post-auth SQL injection vulnerability in the Mail Manager potentially allows an authenticated... High Unreviewed
CVE-2022-0386 was published Mar 23, 2022
Beijing Wisdom Vision Technology Industry Co., Ltd One Card Integrated Management System 3.0 is... High Unreviewed
CVE-2021-44345 was published Mar 21, 2022
Piwigo v12.2.0 was discovered to contain a SQL injection vulnerability via pwg.users.php. High Unreviewed
CVE-2022-26266 was published Mar 20, 2022
Authenticated (author or higher user role) SQL Injection (SQLi) vulnerability discovered in FV... High Unreviewed
CVE-2022-25607 was published Mar 19, 2022
Slims9 Bulian 9.4.2 is affected by SQL injection in lib/comment.inc.php. User data can be obtained. High Unreviewed
CVE-2021-45793 was published Mar 18, 2022
Slims8 Akasia 8.3.1 is affected by SQL injection in /admin/modules/bibliography/index.php, /admin... High Unreviewed
CVE-2021-45791 was published Mar 18, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database