GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,971
Erlang
29
GitHub Actions
16
Go
1,752
Maven
4,982
npm
3,516
NuGet
609
pip
3,091
Pub
10
RubyGems
833
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+
6,063 advisories
Filter by severity
Apache Submarine Server Core has a SQL Injection Vulnerability
High
CVE-2024-36263
was published
for
org.apache.submarine:submarine-server-core
(Maven)
Jun 12, 2024
Multiple LDAP injections vulnerabilities exist in SecurEnvoy MFA before 9.4.514 due to improper...
High
Unreviewed
CVE-2024-37393
was published
Jun 10, 2024
A vulnerability was found in SourceCodester Vehicle Management System 1.0 and classified as...
High
Unreviewed
CVE-2024-5775
was published
Jun 9, 2024
A vulnerability has been found in SourceCodester Stock Management System 1.0 and classified as...
High
Unreviewed
CVE-2024-5774
was published
Jun 9, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
High
Unreviewed
CVE-2024-35678
was published
Jun 8, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
High
Unreviewed
CVE-2024-35750
was published
Jun 8, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
High
Unreviewed
CVE-2024-35736
was published
Jun 8, 2024
ZendFramework SQL injection due to execution of platform-specific SQL containing interpolations
High
GHSA-x2f4-8wxf-w3vf
was published
for
zendframework/zendframework
(Composer)
Jun 7, 2024
A vulnerability was found in itsourcecode Online Discussion Forum 1.0. It has been rated as...
High
Unreviewed
CVE-2024-5733
was published
Jun 7, 2024
The Unlimited Elements For Elementor (Free Widgets, Addons, Templates) plugin for WordPress is...
High
Unreviewed
CVE-2024-5329
was published
Jun 6, 2024
A vulnerability, which was classified as critical, has been found in Chanjet Smooth T+system 3.5....
High
Unreviewed
CVE-2024-5653
was published
Jun 5, 2024
SQL Injection vulnerability in CRMEB v.5.2.2 allows a remote attacker to obtain sensitive...
High
Unreviewed
CVE-2024-36837
was published
Jun 5, 2024
The SolarWinds Platform was determined to be affected by a SWQL Injection Vulnerability. Attack...
High
Unreviewed
CVE-2024-28996
was published
Jun 4, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
High
Unreviewed
CVE-2024-35630
was published
Jun 3, 2024
An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows...
High
Unreviewed
CVE-2024-29830
was published
May 31, 2024
An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows...
High
Unreviewed
CVE-2024-29846
was published
May 31, 2024
A SQL injection vulnerability in web component of Ivanti Neurons for ITSM allows a remote...
High
Unreviewed
CVE-2024-22059
was published
May 31, 2024
An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows...
High
Unreviewed
CVE-2024-29829
was published
May 31, 2024
SQL injection vulnerability in Astrotalks affecting version 10/03/2023. This vulnerability could...
High
Unreviewed
CVE-2024-5523
was published
May 31, 2024
TYPO3 CMS Privilege Escalation and SQL Injection
High
GHSA-45wj-jv2h-jwrf
was published
for
typo3/cms-core
(Composer)
May 30, 2024
silverstripe/subsites Unsafe SQL Query Construction (Safe Data Source)
High
GHSA-xc69-p8fc-m6m5
was published
for
silverstripe/subsites
(Composer)
May 28, 2024
silverstripe/taxonomy SQL Injection vulnerability
High
GHSA-p2v5-xcqm-4fv6
was published
for
silverstripe/taxonomy
(Composer)
May 28, 2024
silverstripe/framework has potential SQL Injection vulnerability in PostgreSQL database connector
High
GHSA-265q-222x-52m6
was published
for
silverstripe/framework
(Composer)
May 28, 2024
silverstripe/framework SQL injection in full text search
High
GHSA-xx4r-5265-48j6
was published
for
silverstripe/framework
(Composer)
May 27, 2024
A SQL injection vulnerability in /model/update_subject_routing.php in Campcodes Complete Web...
High
Unreviewed
CVE-2024-34928
was published
May 23, 2024
ProTip!
Advisories are also available from the
GraphQL API