GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,757
Erlang: 35
GitHub Actions: 29
Go: 2,327
Maven: 5,000+
npm: 3,960
NuGet: 712
pip: 3,741
Pub: 12
RubyGems: 921
Rust: 973
Swift: 38
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
6,690 advisories
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated...
High
Unreviewed
CVE-2021-21936 was published Dec 23, 2021
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated...
High
Unreviewed
CVE-2021-21932 was published Dec 23, 2021
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated...
High
Unreviewed
CVE-2021-21934 was published Dec 23, 2021
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated...
High
Unreviewed
CVE-2021-21935 was published Dec 23, 2021
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated...
High
Unreviewed
CVE-2021-21930 was published Dec 23, 2021
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated...
High
Unreviewed
CVE-2021-21937 was published Dec 23, 2021
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated...
High
Unreviewed
CVE-2021-21933 was published Dec 23, 2021
The WP Visitor Statistics (Real Time Traffic) WordPress plugin before 4.8 does not properly...
High
Unreviewed
CVE-2021-24750 was published Dec 22, 2021
The get_query() function of the Ni WooCommerce Custom Order Status WordPress plugin before 1.9.7,...
High
Unreviewed
CVE-2021-24846 was published Dec 22, 2021
Dalmark Systems Systeam 2.22.8 build 1724 is vulnerable to Insecure design on report build via...
High
Unreviewed
CVE-2021-44874 was published Dec 22, 2021
Numerous exposed dangerous functions within Orion Core allow for read-only SQL injection...
High
Unreviewed
CVE-2021-35234 was published Dec 21, 2021
JFrog Artifactory before 7.25.4 (Enterprise+ deployments only) is vulnerable to Blind SQL...
High
Unreviewed
CVE-2021-3860 was published Dec 21, 2021
SuiteCRM before 7.12.2 and 8.x before 8.0.1 allows authenticated SQL injection.
High
Unreviewed
CVE-2021-45041 was published Dec 20, 2021
The checkuser function of SEMCMS 3.8 was discovered to contain a vulnerability which allows...
High
Unreviewed
CVE-2020-18081 was published Dec 18, 2021
Microsoft Defender for IoT Remote Code Execution Vulnerability. This CVE ID is unique from CVE...
High
Unreviewed
CVE-2021-41365 was published Dec 16, 2021
The SEO Booster WordPress plugin through 3.7 allows for authenticated SQL injection via the ...
High
Unreviewed
CVE-2021-24747 was published Dec 14, 2021
The mediamaticAjaxRenameCategory AJAX action of the Mediamatic WordPress plugin through 2.7,...
High
Unreviewed
CVE-2021-24848 was published Dec 14, 2021
The Quotes Collection WordPress plugin through 2.5.2 does not validate and escape the bulkcheck...
High
Unreviewed
CVE-2021-24861 was published Dec 14, 2021
An SQL Injection vulnerability exists in zzcms 8.2, 8.3, 2020, and 2021 via the id parameter in...
High
Unreviewed
CVE-2021-40279 was published Dec 10, 2021
An SQL Injection vulnerability exists in zzcms 8.2, 8.3, 2020, and 2021 via the id parameter in...
High
Unreviewed
CVE-2021-40280 was published Dec 10, 2021
An SQL Injection vulnerability exists in zzcms 8.2, 8.3, 2020, and 2021 in dl/dl_print.php when...
High
Unreviewed
CVE-2021-40281 was published Dec 10, 2021
An SQL Injection vulnerability exists in zzcms 8.2, 8.3, 2020, and 2021 in dl/dl_download.php....
High
Unreviewed
CVE-2021-40282 was published Dec 10, 2021
An improper neutralization of special elements used in an SQL command ('SQL injection') in...
High
Unreviewed
CVE-2021-42760 was published Dec 9, 2021
A SQL Injection in the custom filter query component in Genesys intelligent Workload Distribution...
High
Unreviewed
CVE-2021-40860 was published Dec 9, 2021
A SQL Injection in the custom filter query component in Genesys intelligent Workload Distribution...
High
Unreviewed
CVE-2021-40861 was published Dec 9, 2021
ProTip! Advisories are also available from the GraphQL API.