Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,978
Erlang
29
GitHub Actions
16
Go
1,768
Maven
4,991
npm
3,537
NuGet
616
pip
3,107
Pub
10
RubyGems
837
Rust
786
Swift
34
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

3,254 advisories

Loading
The MOLIE WordPress plugin through 0.5 does not validate and escape a post parameter before using... Critical Unreviewed
CVE-2021-25007 was published Mar 15, 2022
The Photo Gallery by 10Web WordPress plugin before 1.6.0 does not validate and escape the... Critical Unreviewed
CVE-2022-0169 was published Mar 15, 2022
The CommonsBooking WordPress plugin before 2.6.8 does not sanitise and escape the location... Critical Unreviewed
CVE-2022-0658 was published Mar 15, 2022
Luocms v2.0 is affected by SQL Injection through /admin/login.php. An attacker can log in to the... Critical Unreviewed
CVE-2022-24600 was published Mar 11, 2022
Luocms v2.0 is affected by SQL Injection in /admin/news/sort_mod.php. Critical Unreviewed
CVE-2022-24603 was published Mar 11, 2022
Luocms v2.0 is affected by SQL Injection in /admin/news/news_mod.php. Critical Unreviewed
CVE-2022-24602 was published Mar 11, 2022
Luocms v2.0 is affected by SQL Injection in /admin/link/link_mod.php. Critical Unreviewed
CVE-2022-24604 was published Mar 11, 2022
Luocms v2.0 is affected by SQL Injection in /admin/news/news_ok.php. Critical Unreviewed
CVE-2022-24607 was published Mar 11, 2022
Luocms v2.0 is affected by SQL Injection in /admin/link/link_ok.php. Critical Unreviewed
CVE-2022-24605 was published Mar 11, 2022
Luocms v2.0 is affected by SQL Injection in /admin/news/sort_ok.php. Critical Unreviewed
CVE-2022-24606 was published Mar 11, 2022
The NotificationX WordPress plugin before 2.3.9 does not sanitise and escape the nx_id parameter... Critical Unreviewed
CVE-2022-0349 was published Mar 8, 2022
The Page View Count WordPress plugin before 2.4.15 does not sanitise and escape the post_ids... Critical Unreviewed
CVE-2022-0434 was published Mar 8, 2022
Victor CMS v1.0 was discovered to contain a SQL injection vulnerability. Critical Unreviewed
CVE-2022-26201 was published Mar 5, 2022
Cosmetics and Beauty Product Online Store v1.0 was discovered to contain a SQL injection... Critical Unreviewed
CVE-2022-25396 was published Mar 4, 2022
Simple Real Estate Portal System v1.0 was discovered to contain a SQL injection vulnerability via... Critical Unreviewed
CVE-2022-25399 was published Mar 4, 2022
Medical Store Management System v1.0 was discovered to contain a SQL injection vulnerability via... Critical Unreviewed
CVE-2022-25394 was published Mar 4, 2022
Air Cargo Management System v1.0 was discovered to contain a SQL injection vulnerability via the... Critical Unreviewed
CVE-2022-26169 was published Mar 4, 2022
Bank Management System v1.o was discovered to contain a SQL injection vulnerability via the email... Critical Unreviewed
CVE-2022-26171 was published Mar 4, 2022
Simple Mobile Comparison Website v1.0 was discovered to contain a SQL injection vulnerability via... Critical Unreviewed
CVE-2022-26170 was published Mar 4, 2022
Auto Spare Parts Management v1.0 was discovered to contain a SQL injection vulnerability via the... Critical Unreviewed
CVE-2022-25398 was published Mar 4, 2022
MCMS v5.2.4 was discovered to contain a SQL injection vulnerability via search.do in the file ... Critical Unreviewed
CVE-2022-25125 was published Mar 4, 2022
Home Owners Collection Management System v1.0 was discovered to contain a SQL injection... Critical Unreviewed
CVE-2022-25029 was published Mar 2, 2022
The TI WooCommerce Wishlist WordPress plugin before 1.40.1, TI WooCommerce Wishlist Pro WordPress... Critical Unreviewed
CVE-2022-0412 was published Mar 1, 2022
Car Driving School Management System v1.0 is affected by SQL injection in the login page. An... Critical Unreviewed
CVE-2022-24571 was published Mar 1, 2022
Home Owners Collection Management System v1.0 was discovered to contain a SQL injection... Critical Unreviewed
CVE-2022-25096 was published Feb 27, 2022
ProTip! Advisories are also available from the GraphQL API