Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,971
Erlang
29
GitHub Actions
16
Go
1,752
Maven
4,982
npm
3,516
NuGet
609
pip
3,091
Pub
10
RubyGems
833
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+

6,063 advisories

Loading
Apache Submarine Server Core has a SQL Injection Vulnerability High
CVE-2024-36263 was published for org.apache.submarine:submarine-server-core (Maven) Jun 12, 2024
Multiple LDAP injections vulnerabilities exist in SecurEnvoy MFA before 9.4.514 due to improper... High Unreviewed
CVE-2024-37393 was published Jun 10, 2024
A vulnerability was found in SourceCodester Vehicle Management System 1.0 and classified as... High Unreviewed
CVE-2024-5775 was published Jun 9, 2024
A vulnerability has been found in SourceCodester Stock Management System 1.0 and classified as... High Unreviewed
CVE-2024-5774 was published Jun 9, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2024-35678 was published Jun 8, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2024-35750 was published Jun 8, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2024-35736 was published Jun 8, 2024
ZendFramework SQL injection due to execution of platform-specific SQL containing interpolations High
GHSA-x2f4-8wxf-w3vf was published for zendframework/zendframework (Composer) Jun 7, 2024
A vulnerability was found in itsourcecode Online Discussion Forum 1.0. It has been rated as... High Unreviewed
CVE-2024-5733 was published Jun 7, 2024
The Unlimited Elements For Elementor (Free Widgets, Addons, Templates) plugin for WordPress is... High Unreviewed
CVE-2024-5329 was published Jun 6, 2024
A vulnerability, which was classified as critical, has been found in Chanjet Smooth T+system 3.5.... High Unreviewed
CVE-2024-5653 was published Jun 5, 2024
SQL Injection vulnerability in CRMEB v.5.2.2 allows a remote attacker to obtain sensitive... High Unreviewed
CVE-2024-36837 was published Jun 5, 2024
The SolarWinds Platform was determined to be affected by a SWQL Injection Vulnerability. Attack... High Unreviewed
CVE-2024-28996 was published Jun 4, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2024-35630 was published Jun 3, 2024
An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows... High Unreviewed
CVE-2024-29830 was published May 31, 2024
An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows... High Unreviewed
CVE-2024-29846 was published May 31, 2024
A SQL injection vulnerability in web component of Ivanti Neurons for ITSM allows a remote... High Unreviewed
CVE-2024-22059 was published May 31, 2024
An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows... High Unreviewed
CVE-2024-29829 was published May 31, 2024
SQL injection vulnerability in Astrotalks affecting version 10/03/2023. This vulnerability could... High Unreviewed
CVE-2024-5523 was published May 31, 2024
TYPO3 CMS Privilege Escalation and SQL Injection High
GHSA-45wj-jv2h-jwrf was published for typo3/cms-core (Composer) May 30, 2024
silverstripe/subsites Unsafe SQL Query Construction (Safe Data Source) High
GHSA-xc69-p8fc-m6m5 was published for silverstripe/subsites (Composer) May 28, 2024
silverstripe/taxonomy SQL Injection vulnerability High
GHSA-p2v5-xcqm-4fv6 was published for silverstripe/taxonomy (Composer) May 28, 2024
silverstripe/framework has potential SQL Injection vulnerability in PostgreSQL database connector High
GHSA-265q-222x-52m6 was published for silverstripe/framework (Composer) May 28, 2024
silverstripe/framework SQL injection in full text search High
GHSA-xx4r-5265-48j6 was published for silverstripe/framework (Composer) May 27, 2024
A SQL injection vulnerability in /model/update_subject_routing.php in Campcodes Complete Web... High Unreviewed
CVE-2024-34928 was published May 23, 2024
ProTip! Advisories are also available from the GraphQL API