Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,978
Erlang
29
GitHub Actions
16
Go
1,768
Maven
4,991
npm
3,537
NuGet
616
pip
3,107
Pub
10
RubyGems
837
Rust
786
Swift
34
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

3,254 advisories

Loading
Microsoft Defender for IoT Remote Code Execution Vulnerability This CVE ID is unique from CVE... Critical Unreviewed
CVE-2021-42313 was published Dec 16, 2021
Online Magazine Management System 1.0 contains a SQL injection authentication bypass... Critical Unreviewed
CVE-2021-44653 was published Dec 16, 2021
Online Pre-owned/Used Car Showroom Management System 1.0 contains a SQL injection authentication... Critical Unreviewed
CVE-2021-44655 was published Dec 16, 2021
There is an upload sql injection vulnerability in the background of taocms 3.0.2 in parameter id... Critical Unreviewed
CVE-2021-45014 was published Dec 15, 2021
If configured to use an Oracle database and if a query is created using the flexible search java... Critical Unreviewed
CVE-2021-42064 was published Dec 15, 2021
The WP Block and Stop Bad Bots Crawlers and Spiders and Anti Spam Protection Plugin StopBadBots... Critical Unreviewed
CVE-2021-24863 was published Dec 14, 2021
The Modern Events Calendar Lite WordPress plugin before 6.1.5 does not sanitise and escape the... Critical Unreviewed
CVE-2021-24946 was published Dec 14, 2021
The LearnPress WordPress plugin before 4.1.4 does not sanitise, validate and escape the id... Critical Unreviewed
CVE-2021-24951 was published Dec 14, 2021
SQL injection bypass authentication vulnerability in PHPGURUKUL Employee Record Management System... Critical Unreviewed
CVE-2021-44966 was published Dec 14, 2021
wbce_cms is vulnerable to Improper Neutralization of Special Elements used in an SQL Command Critical Unreviewed
CVE-2021-3817 was published Dec 10, 2021
An SQL Injection vulnerability exists in Premiumdatingscript 4.2.7.7 via the ip parameter in... Critical Unreviewed
CVE-2021-41695 was published Dec 10, 2021
SQL injection vulnerability was discovered in Aanderaa GeoView Webservice prior to version 2.1.3... Critical Unreviewed
CVE-2021-41063 was published Dec 9, 2021
A SQL injection vulnerability in feature services provided by Esri ArcGIS Server 10.9 and below... Critical Unreviewed
CVE-2021-29114 was published Dec 8, 2021
An issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. Two unauthenticated... Critical Unreviewed
CVE-2021-43035 was published Dec 7, 2021
The WP Data Access WordPress plugin before 5.0.0 does not properly sanitise and escape the... Critical Unreviewed
CVE-2021-24866 was published Dec 7, 2021
The Registrations for the Events Calendar WordPress plugin before 2.7.6 does not sanitise and... Critical Unreviewed
CVE-2021-24943 was published Dec 7, 2021
b2evolution CMS v7.2.3 was discovered to contain a SQL injection vulnerability via the parameter... Critical Unreviewed
CVE-2021-31632 was published Dec 7, 2021
SQL Injection vulnerability exists in TuziCMS v2.0.6 in App\Manage\Controller\GuestbookController... Critical Unreviewed
CVE-2021-44347 was published Dec 4, 2021
Chamilo LMS v1.11.x was discovered to contain a SQL injection via the doc parameter in main... Critical Unreviewed
CVE-2021-35414 was published Dec 4, 2021
SQL Injection vulnerability exists in TuziCMS v2.0.6 via the id parameter in App\Manage... Critical Unreviewed
CVE-2021-44349 was published Dec 4, 2021
SQL Injection vulnerability exists in TuziCMS v2.0.6 via the id parameer in App\Manage\Controller... Critical Unreviewed
CVE-2021-44348 was published Dec 4, 2021
ecshop v2.7.3 is affected by a SQL injection vulnerability in shopex\ecshop\upload\api\client\api... Critical Unreviewed
CVE-2021-43679 was published Dec 3, 2021
attendance management system 1.0 is affected by a SQL injection vulnerability in admin... Critical Unreviewed
CVE-2021-44280 was published Dec 2, 2021
SQL Injection vulnerability exists in PHPGURUKUL Employee Record Management System 1.2 via the... Critical Unreviewed
CVE-2021-43451 was published Dec 2, 2021
A SQL injection vulnerability exists in version 8.0 of openSIS when MySQL or MariaDB is used as... Critical Unreviewed
CVE-2021-41677 was published Dec 1, 2021
ProTip! Advisories are also available from the GraphQL API