GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
3,324 advisories
Voltronic Power ViewPower Pro selectEventConfig SQL Injection Remote Code Execution Vulnerability...
Critical | Unreviewed | CVE-2023-51586 was published May 3, 2024

Voltronic Power ViewPower Pro selectDeviceListBy SQL Injection Remote Code Execution...
Critical | Unreviewed | CVE-2023-51595 was published May 3, 2024

SQL injection vulnerability in Gescen on the centrosdigitales.net platform. This vulnerability...
Critical | Unreviewed | CVE-2024-4466 was published May 3, 2024

Vulnerability in School ERP Pro+Responsive 1.0 that allows SQL injection through the '/SchoolERP...
Critical | Unreviewed | CVE-2024-4824 was published May 14, 2024

DigiWin EasyFlow .NET lacks validation for certain input parameters, allowing remote attackers to...
Critical | Unreviewed | CVE-2024-4893 was published May 15, 2024

Vulnerability in SiAdmin 1.1 that allows SQL injection via the /modul/mod_pass/aksi_pass.php...
Critical | Unreviewed | CVE-2024-4991 was published May 16, 2024

Vulnerability in SiAdmin 1.1 that allows SQL injection via the /modul/mod_kuliah/aksi_kuliah.php...
Critical | Unreviewed | CVE-2024-4992 was published May 16, 2024

SQL injection vulnerability in Simple PHP Shopping Cart affecting version 0.9. This vulnerability...
Critical | Unreviewed | CVE-2024-4826 was published May 16, 2024

B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to SQL Injection via system...
Critical | Unreviewed | CVE-2022-40825 was published Oct 7, 2022

Sante PACS Server PG Patient Query SQL Injection Remote Code Execution Vulnerability. This...
Critical | Unreviewed | CVE-2023-51637 was published May 22, 2024

B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to SQL Injection via system...
Critical | Unreviewed | CVE-2022-40833 was published Oct 7, 2022

B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to SQL Injection via system...
Critical | Unreviewed | CVE-2022-40824 was published Oct 7, 2022

B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to SQL Injection via system...
Critical | Unreviewed | CVE-2022-40830 was published Oct 7, 2022

B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to SQL Injection via system...
Critical | Unreviewed | CVE-2022-40829 was published Oct 7, 2022

B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to SQL Injection via system...
Critical | Unreviewed | CVE-2022-40834 was published Oct 7, 2022

B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to SQL Injection via system...
Critical | Unreviewed | CVE-2022-40828 was published Oct 7, 2022

B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to SQL Injection via system...
Critical | Unreviewed | CVE-2022-40832 was published Oct 7, 2022

B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to SQL Injection via system...
Critical | Unreviewed | CVE-2022-40835 was published Oct 7, 2022

B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to SQL Injection via system...
Critical | Unreviewed | CVE-2022-40831 was published Oct 7, 2022

B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to SQL Injection via system...
Critical | Unreviewed | CVE-2022-40826 was published Oct 7, 2022

DigiWin EasyFlow .NET lacks validation for certain input parameters. An unauthenticated remote...
Critical | Unreviewed | CVE-2024-5311 was published Jun 3, 2024

SysAid - CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL...
Critical | Unreviewed | CVE-2024-36393 was published Jun 6, 2024

The Email Subscribers by Icegram Express plugin for WordPress is vulnerable to SQL Injection via...
Critical | Unreviewed | CVE-2024-4295 was published Jun 5, 2024

The LifterLMS – WordPress LMS Plugin for eLearning plugin for WordPress is vulnerable to SQL...
Critical | Unreviewed | CVE-2024-4743 was published Jun 5, 2024

Sourcecodester Pharmacy/Medical Store Point of Sale System 1.0 is vulnerable SQL Injection via...
Critical | Unreviewed | CVE-2024-36673 was published Jun 7, 2024
ProTip! Advisories are also available from the GraphQL API.