GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,978
Erlang
29
GitHub Actions
16
Go
1,768
Maven
4,991
npm
3,537
NuGet
616
pip
3,107
Pub
10
RubyGems
837
Rust
786
Swift
34
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
3,254 advisories
Filter by severity
Hospital Management System v4.0 was discovered to contain a SQL injection vulnerability in ...
Critical
Unreviewed
CVE-2022-24263
was published
Feb 8, 2022
Improper neutralization of special elements used in an SQL command ('SQL Injection')...
Critical
Unreviewed
CVE-2021-43926
was published
Feb 8, 2022
Improper neutralization of special elements used in an SQL command ('SQL Injection')...
Critical
Unreviewed
CVE-2021-43925
was published
Feb 8, 2022
Improper neutralization of special elements used in an SQL command ('SQL Injection')...
Critical
Unreviewed
CVE-2021-43927
was published
Feb 8, 2022
The Paid Memberships Pro WordPress plugin before 2.6.7 does not escape the discount_code in one...
Critical
Unreviewed
CVE-2021-25114
was published
Feb 8, 2022
The Perfect Survey WordPress plugin before 1.5.2 does not validate and escape the question_id GET...
Critical
Unreviewed
CVE-2021-24762
was published
Feb 2, 2022
SQL Injection vulnerability exists in Sourcecodester Simple Client Management System 1.0 via the...
Critical
Unreviewed
CVE-2021-43510
was published
Feb 2, 2022
eliteCMS v1.0 was discovered to contain a SQL injection vulnerability via /admin/edit_page.php.
Critical
Unreviewed
CVE-2022-24219
was published
Feb 2, 2022
SQL Injection vulnerability exists in Sourcecodester Simple Client Management System 1.0 via the...
Critical
Unreviewed
CVE-2021-43509
was published
Feb 2, 2022
eliteCMS v1.0 was discovered to contain a SQL injection vulnerability via /admin/functions...
Critical
Unreviewed
CVE-2022-24221
was published
Feb 2, 2022
eliteCMS v1.0 was discovered to contain a SQL injection vulnerability via /admin/edit_user.php.
Critical
Unreviewed
CVE-2022-24222
was published
Feb 2, 2022
eliteCMS v1.0 was discovered to contain a SQL injection vulnerability via /admin/edit_post.php.
Critical
Unreviewed
CVE-2022-24220
was published
Feb 2, 2022
Victor CMS v1.0 was discovered to contain a SQL injection vulnerability in the component admin...
Critical
Unreviewed
CVE-2021-46458
was published
Feb 1, 2022
Online Motorcycle (Bike) Rental System 1.0 is vulnerable to a Blind Time-Based SQL Injection...
Critical
Unreviewed
CVE-2021-44249
was published
Jan 29, 2022
An SQL Injection vulnerabilty exists in Sourcecodester Mobile Shop System in PHP MySQL 1.0 via...
Critical
Unreviewed
CVE-2020-25905
was published
Jan 29, 2022
An SQL Injection vulnerability exists in Sourcecodester Simple Cold Storage Management System...
Critical
Unreviewed
CVE-2021-45435
was published
Jan 29, 2022
A SQL injection vulnerability exists in ZFAKA<=1.43 which an attacker can use to complete SQL...
Critical
Unreviewed
CVE-2022-22294
was published
Jan 29, 2022
SQL injection in the ID parameter of the UploadedImageDisplay.aspx endpoint of SelectSurvey.NET...
Critical
Unreviewed
CVE-2021-41609
was published
Jan 29, 2022
H.H.G Multistore v5.1.0 and below was discovered to contain a SQL injection vulnerability via ...
Critical
Unreviewed
CVE-2021-46448
was published
Jan 29, 2022
H.H.G Multistore v5.1.0 and below was discovered to contain a SQL injection vulnerability via ...
Critical
Unreviewed
CVE-2021-46446
was published
Jan 29, 2022
H.H.G Multistore v5.1.0 and below was discovered to contain a SQL injection vulnerability via ...
Critical
Unreviewed
CVE-2021-46444
was published
Jan 29, 2022
H.H.G Multistore v5.1.0 and below was discovered to contain a SQL injection vulnerability via ...
Critical
Unreviewed
CVE-2021-46445
was published
Jan 29, 2022
An SQL Injection vulnerability exists in Sourcecodester Simple Chatbot Application 1.0 via the...
Critical
Unreviewed
CVE-2021-46427
was published
Jan 28, 2022
There is a front-end sql injection vulnerability in cszcms 1.2.9 via cszcms/controllers/Member...
Critical
Unreviewed
CVE-2021-46377
was published
Jan 28, 2022
MartDevelopers iResturant 1.0 is vulnerable to SQL Injection. SQL Injection occurs because the...
Critical
Unreviewed
CVE-2021-45802
was published
Jan 26, 2022
ProTip!
Advisories are also available from the
GraphQL API