Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,978
Erlang
29
GitHub Actions
16
Go
1,768
Maven
4,991
npm
3,537
NuGet
616
pip
3,107
Pub
10
RubyGems
837
Rust
786
Swift
34
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

3,254 advisories

Loading
An SQL Injection vulnerability exists in code-projects Pharmacy Management 1.0 via the username... Critical Unreviewed
CVE-2021-44092 was published Jan 21, 2022
An SQL Injection vulnerabiity exists in Sourcecodester Logistic Hub Parcel's Management System 1... Critical Unreviewed
CVE-2021-44244 was published Jan 21, 2022
An SQL Injection vulnerability exists in Courcecodester COVID 19 Testing Management System (CTMS)... Critical Unreviewed
CVE-2021-44245 was published Jan 21, 2022
An SQL Injection vulnerability exists in Sourcecodester Computer and Mobile Repair Shop... Critical Unreviewed
CVE-2021-46061 was published Jan 21, 2022
Taocms v3.0.2 was discovered to contain an arbitrary file read vulnerability via the path... Critical Unreviewed
CVE-2021-46204 was published Jan 20, 2022
The Le-yan dental management system contains an SQL-injection vulnerability. An unauthenticated... Critical Unreviewed
CVE-2022-22055 was published Jan 15, 2022
cscms v4.1 allows for SQL injection via the "js_del" function. Critical Unreviewed
CVE-2020-28102 was published Jan 12, 2022
cscms v4.1 allows for SQL injection via the "page_del" function. Critical Unreviewed
CVE-2020-28103 was published Jan 12, 2022
Sourcecodester Online Thesis Archiving System 1.0 is vulnerable to SQL Injection. An attacker can... Critical Unreviewed
CVE-2021-45334 was published Jan 11, 2022
The "WP Search Filters" widget of The Plus Addons for Elementor - Pro WordPress plugin before 5.0... Critical Unreviewed
CVE-2021-24949 was published Jan 11, 2022
Emuse - eServices / eNvoice SQL injection can be used in various ways ranging from bypassing... Critical Unreviewed
CVE-2021-36722 was published Dec 30, 2021
Nettmp NNT 5.1 is affected by a SQL injection vulnerability. An attacker can bypass... Critical Unreviewed
CVE-2021-45814 was published Dec 29, 2021
Projectsworlds Online Book Store PHP v1.0 is vulnerable to SQL injection via the "bookisbn"... Critical Unreviewed
CVE-2021-43155 was published Dec 23, 2021
Projectsworlds Online Shopping System PHP 1.0 is vulnerable to SQL injection via the id parameter... Critical Unreviewed
CVE-2021-43157 was published Dec 23, 2021
Projectworlds Hospital Management System v1.0 is vulnerable to SQL injection via multiple... Critical Unreviewed
CVE-2021-43629 was published Dec 23, 2021
Projectworlds Hospital Management System v1.0 is vulnerable to SQL injection via the... Critical Unreviewed
CVE-2021-43631 was published Dec 23, 2021
Projectworlds Hospital Management System v1.0 is vulnerable to SQL injection via the email... Critical Unreviewed
CVE-2021-43628 was published Dec 23, 2021
An exploitable SQL injection vulnerability exist in the ‘group_list’ page of the Advantech R... Critical Unreviewed
CVE-2021-21916 was published Dec 23, 2021
The wcfm_ajax_controller AJAX action of the WCFM Marketplace WordPress plugin before 3.4.12,... Critical Unreviewed
CVE-2021-24849 was published Dec 22, 2021
The id parameter in view_storage.php from Simple Cold Storage Management System 1.0 appears to be... Critical Unreviewed
CVE-2021-45253 was published Dec 22, 2021
Multiple SQL injection vulnerabilities are found on Simple Forum-Discussion System 1.0 For... Critical Unreviewed
CVE-2021-45252 was published Dec 22, 2021
The email parameter from ajax.php of Video Sharing Website 1.0 appears to be vulnerable to SQL... Critical Unreviewed
CVE-2021-45255 was published Dec 22, 2021
TCMAN GIM is vulnerable to a SQL injection vulnerability inside several available webservice... Critical Unreviewed
CVE-2021-40850 was published Dec 18, 2021
A SQL Injection vulnerability exists in ZZCMS 2021 via the askbigclassid parameter in /admin/ask... Critical Unreviewed
CVE-2021-42945 was published Dec 16, 2021
Microsoft Defender for IoT Remote Code Execution Vulnerability This CVE ID is unique from CVE... Critical Unreviewed
CVE-2021-42311 was published Dec 16, 2021
ProTip! Advisories are also available from the GraphQL API