GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,978
Erlang
29
GitHub Actions
16
Go
1,768
Maven
4,991
npm
3,537
NuGet
616
pip
3,107
Pub
10
RubyGems
837
Rust
786
Swift
34
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
3,254 advisories
Filter by severity
The MOLIE WordPress plugin through 0.5 does not validate and escape a post parameter before using...
Critical
Unreviewed
CVE-2021-25007
was published
Mar 15, 2022
The Photo Gallery by 10Web WordPress plugin before 1.6.0 does not validate and escape the...
Critical
Unreviewed
CVE-2022-0169
was published
Mar 15, 2022
The CommonsBooking WordPress plugin before 2.6.8 does not sanitise and escape the location...
Critical
Unreviewed
CVE-2022-0658
was published
Mar 15, 2022
Luocms v2.0 is affected by SQL Injection through /admin/login.php. An attacker can log in to the...
Critical
Unreviewed
CVE-2022-24600
was published
Mar 11, 2022
Luocms v2.0 is affected by SQL Injection in /admin/news/sort_mod.php.
Critical
Unreviewed
CVE-2022-24603
was published
Mar 11, 2022
Luocms v2.0 is affected by SQL Injection in /admin/news/news_mod.php.
Critical
Unreviewed
CVE-2022-24602
was published
Mar 11, 2022
Luocms v2.0 is affected by SQL Injection in /admin/link/link_mod.php.
Critical
Unreviewed
CVE-2022-24604
was published
Mar 11, 2022
Luocms v2.0 is affected by SQL Injection in /admin/news/news_ok.php.
Critical
Unreviewed
CVE-2022-24607
was published
Mar 11, 2022
Luocms v2.0 is affected by SQL Injection in /admin/link/link_ok.php.
Critical
Unreviewed
CVE-2022-24605
was published
Mar 11, 2022
Luocms v2.0 is affected by SQL Injection in /admin/news/sort_ok.php.
Critical
Unreviewed
CVE-2022-24606
was published
Mar 11, 2022
The NotificationX WordPress plugin before 2.3.9 does not sanitise and escape the nx_id parameter...
Critical
Unreviewed
CVE-2022-0349
was published
Mar 8, 2022
The Page View Count WordPress plugin before 2.4.15 does not sanitise and escape the post_ids...
Critical
Unreviewed
CVE-2022-0434
was published
Mar 8, 2022
Victor CMS v1.0 was discovered to contain a SQL injection vulnerability.
Critical
Unreviewed
CVE-2022-26201
was published
Mar 5, 2022
Cosmetics and Beauty Product Online Store v1.0 was discovered to contain a SQL injection...
Critical
Unreviewed
CVE-2022-25396
was published
Mar 4, 2022
Simple Real Estate Portal System v1.0 was discovered to contain a SQL injection vulnerability via...
Critical
Unreviewed
CVE-2022-25399
was published
Mar 4, 2022
Medical Store Management System v1.0 was discovered to contain a SQL injection vulnerability via...
Critical
Unreviewed
CVE-2022-25394
was published
Mar 4, 2022
Air Cargo Management System v1.0 was discovered to contain a SQL injection vulnerability via the...
Critical
Unreviewed
CVE-2022-26169
was published
Mar 4, 2022
Bank Management System v1.o was discovered to contain a SQL injection vulnerability via the email...
Critical
Unreviewed
CVE-2022-26171
was published
Mar 4, 2022
Simple Mobile Comparison Website v1.0 was discovered to contain a SQL injection vulnerability via...
Critical
Unreviewed
CVE-2022-26170
was published
Mar 4, 2022
Auto Spare Parts Management v1.0 was discovered to contain a SQL injection vulnerability via the...
Critical
Unreviewed
CVE-2022-25398
was published
Mar 4, 2022
MCMS v5.2.4 was discovered to contain a SQL injection vulnerability via search.do in the file ...
Critical
Unreviewed
CVE-2022-25125
was published
Mar 4, 2022
Home Owners Collection Management System v1.0 was discovered to contain a SQL injection...
Critical
Unreviewed
CVE-2022-25029
was published
Mar 2, 2022
The TI WooCommerce Wishlist WordPress plugin before 1.40.1, TI WooCommerce Wishlist Pro WordPress...
Critical
Unreviewed
CVE-2022-0412
was published
Mar 1, 2022
Car Driving School Management System v1.0 is affected by SQL injection in the login page. An...
Critical
Unreviewed
CVE-2022-24571
was published
Mar 1, 2022
Home Owners Collection Management System v1.0 was discovered to contain a SQL injection...
Critical
Unreviewed
CVE-2022-25096
was published
Feb 27, 2022
ProTip!
Advisories are also available from the
GraphQL API