Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,941
Erlang
29
GitHub Actions
16
Go
1,722
Maven
4,952
npm
3,481
NuGet
605
pip
3,049
Pub
10
RubyGems
832
Rust
778
Swift
34
Unreviewed advisories
All unreviewed
5,000+

11,314 advisories

A vulnerability was found in SourceCodester Vehicle Management System 1.0 and classified as... High Unreviewed
CVE-2024-5775 was published Jun 9, 2024
A vulnerability has been found in SourceCodester Stock Management System 1.0 and classified as... High Unreviewed
CVE-2024-5774 was published Jun 9, 2024
A vulnerability, which was classified as critical, was found in Netentsec NS-ASG Application... Moderate Unreviewed
CVE-2024-5773 was published Jun 9, 2024
A vulnerability, which was classified as critical, has been found in Netentsec NS-ASG Application... Moderate Unreviewed
CVE-2024-5772 was published Jun 9, 2024
A vulnerability classified as critical was found in LabVantage LIMS 2017. This vulnerability... Moderate Unreviewed
CVE-2024-5771 was published Jun 9, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2024-35678 was published Jun 8, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2024-35750 was published Jun 8, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2024-35736 was published Jun 8, 2024
Zendframework1 Potential SQL injection in ORDER and GROUP functions Critical
GHSA-6fqw-j3vm-7f66 was published for zendframework/zendframework1 (Composer) Jun 7, 2024
Zendframework1 potential SQL injection vector using null byte for PDO (MsSql, SQLite) Critical
GHSA-v42g-7q2x-cw32 was published for zendframework/zendframework1 (Composer) Jun 7, 2024
ZendFramework1 Potential SQL injection in the ORDER implementation of Zend_Db_Select Critical
GHSA-2x36-qhx3-7m5f was published for zendframework/zendframework1 (Composer) Jun 7, 2024
ZendFramework potential SQL Injection Vector When Using PDO_MySql Critical
GHSA-qf36-fx9f-232x was published for zendframework/zendframework1 (Composer) Jun 7, 2024
ZendFramework SQL injection due to execution of platform-specific SQL containing interpolations High
GHSA-x2f4-8wxf-w3vf was published for zendframework/zendframework (Composer) Jun 7, 2024
A vulnerability was found in itsourcecode Online Discussion Forum 1.0. It has been rated as... High Unreviewed
CVE-2024-5733 was published Jun 7, 2024
SQL injection in litellm Moderate
CVE-2024-5225 was published for litellm (pip) Jun 6, 2024
SQL injection in litellm Moderate
CVE-2024-4890 was published for litellm (pip) Jun 6, 2024
SysAid - CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL... Critical Unreviewed
CVE-2024-36393 was published Jun 6, 2024
A vulnerability, which was classified as critical, has been found in Chanjet Smooth T+system 3.5.... High Unreviewed
CVE-2024-5653 was published Jun 5, 2024
SQL Injection in TYPO3 Frontend Login Moderate
GHSA-j86x-pjmr-9m6w was published for typo3/cms (Composer) Jun 5, 2024
A vulnerability was found in itsourcecode Bakery Online Ordering System 1.0. It has been rated as... Moderate Unreviewed
CVE-2024-5636 was published Jun 5, 2024
A vulnerability was found in itsourcecode Bakery Online Ordering System 1.0. It has been declared... Moderate Unreviewed
CVE-2024-5635 was published Jun 5, 2024
The SolarWinds Platform was determined to be affected by a SWQL Injection Vulnerability. Attack... High Unreviewed
CVE-2024-28996 was published Jun 4, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2024-35630 was published Jun 3, 2024
DigiWin EasyFlow .NET lacks validation for certain input parameters. An unauthenticated remote... Critical Unreviewed
CVE-2024-5311 was published Jun 3, 2024
A vulnerability was found in Netentsec NS-ASG Application Security Gateway 6.3. It has been... Moderate Unreviewed
CVE-2024-5589 was published Jun 3, 2024
ProTip! Advisories are also available from the GraphQL API