Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,768
Erlang
35
GitHub Actions
29
Go
2,332
Maven
5,000+
npm
3,965
NuGet
713
pip
3,748
Pub
12
RubyGems
921
Rust
975
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

6,692 advisories

Loading
MMP: All versions prior to v1.0.3, PTP C-series: Device versions prior to v2.8.6.1, and PTMP C... High Unreviewed
CVE-2022-21176 was published Feb 19, 2022
The WP Statistics WordPress plugin is vulnerable to SQL Injection due to insufficient escaping... High Unreviewed
CVE-2022-0513 was published Feb 17, 2022
Hospital Management System v4.0 was discovered to contain a blind SQL injection vulnerability via... High Unreviewed
CVE-2022-24226 was published Feb 16, 2022
SQL Injection High Unreviewed
CVE-2020-25695 was published Feb 15, 2022
The Ad Invalid Click Protector (AICP) WordPress plugin before 1.2.6 is affected by a SQL... High Unreviewed
CVE-2022-0190 was published Feb 15, 2022
Hospital Management System v4.0 was discovered to contain a SQL injection vulnerability in ... High Unreviewed
CVE-2022-24646 was published Feb 12, 2022
SAP NetWeaver AS ABAP (Workplace Server) - versions 700, 701, 702, 731, 740, 750, 751, 752, 753,... High Unreviewed
CVE-2022-22540 was published Feb 11, 2022
A vulnerability has been identified in COMOS (All versions < V10.4.1). The COMOS Web component of... High Unreviewed
CVE-2021-37197 was published Feb 10, 2022
An issue was discovered in Online-Movie-Ticket-Booking-System 1.0. The file about.php does not... High Unreviewed
CVE-2021-44866 was published Feb 10, 2022
Victor CMS v1.0 was discovered to contain a SQL injection vulnerability that allows attackers to... High Unreviewed
CVE-2022-23873 was published Feb 9, 2022
SQL Injection vulnerability discovered in Unified Office Total Connect Now that would allow an... High Unreviewed
CVE-2022-24121 was published Feb 9, 2022
The Wicked Folders WordPress plugin before 2.8.10 does not sanitise and escape the folder_id... High Unreviewed
CVE-2021-24919 was published Feb 2, 2022
Victor CMS v1.0 was discovered to contain multiple SQL injection vulnerabilities in the component... High Unreviewed
CVE-2021-46459 was published Feb 1, 2022
Cuppa CMS v1.0 was discovered to contain a SQL injection vulnerability in /administrator... High Unreviewed
CVE-2022-24264 was published Feb 1, 2022
Cuppa CMS v1.0 was discovered to contain a SQL injection vulnerability in /administrator... High Unreviewed
CVE-2022-24265 was published Feb 1, 2022
Cuppa CMS v1.0 was discovered to contain a SQL injection vulnerability in /administrator... High Unreviewed
CVE-2022-24266 was published Feb 1, 2022
MartDevelopers iResturant 1.0 is vulnerable to SQL Injection. SQL Injection occurs because this... High Unreviewed
CVE-2021-45803 was published Jan 26, 2022
The Cookie Notification Plugin for WordPress plugin before 1.0.9 does not sanitise or escape the... High Unreviewed
CVE-2021-24858 was published Jan 25, 2022
The Advanced Custom Fields: Extended WordPress plugin before 0.8.8.7 does not validate the order... High Unreviewed
CVE-2021-24865 was published Jan 25, 2022
The Asgaros Forum WordPress plugin before 1.15.15 does not validate or escape the forum_id... High Unreviewed
CVE-2021-25045 was published Jan 25, 2022
SQL injection vulnerability in Data Loss Protection (DLP) ePO extension 11.8.x prior to 11.8.100,... High Unreviewed
CVE-2021-4088 was published Jan 25, 2022
Simple College Website 1.0 is vulnerable to unauthenticated file upload & remote code execution... High Unreviewed
CVE-2021-44593 was published Jan 22, 2022
PhpIPAM v1.4.4 allows an authenticated admin user to inject SQL sentences in the "subnet"... High Unreviewed
CVE-2022-23046 was published Jan 20, 2022
SoftVibe SARABAN for INFOMA 1.1 allows SQL Injection. High Unreviewed
CVE-2021-38694 was published Jan 19, 2022
In SalonERP 3.0.1, a SQL injection vulnerability allows an attacker to inject payload using 'sql'... High Unreviewed
CVE-2021-45406 was published Jan 15, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database