GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,968
Erlang
29
GitHub Actions
16
Go
1,749
Maven
4,978
npm
3,509
NuGet
609
pip
3,084
Pub
10
RubyGems
832
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
1,899 advisories
Filter by severity
Multiple vulnerabilities in Cisco Unified Communications Manager IM & Presence Service ...
Moderate
Unreviewed
CVE-2021-1282
was published
May 24, 2022
Multiple SQL injection vulnerabilities in admin_login.php in NCT Jobs Portal Script allow remote...
Moderate
Unreviewed
CVE-2010-1604
was published
May 17, 2022
The Realty Workstation WordPress plugin through 1.0.6 does not sanitise and escape the trans_edit...
Moderate
Unreviewed
CVE-2022-1691
was published
Jun 9, 2022
The Note Press WordPress plugin through 0.1.10 does not sanitise and escape the ids from the bulk...
Moderate
Unreviewed
CVE-2022-1690
was published
Jun 9, 2022
Multiple SQL injection vulnerabilities in the User Karma module 5.x before 5.x-1.13 and 6.x...
Moderate
Unreviewed
CVE-2008-6276
was published
May 17, 2022
The Cube Slider WordPress plugin through 1.2 does not sanitise and escape the idslider parameter...
Moderate
Unreviewed
CVE-2022-1684
was published
Jun 9, 2022
The Five Minute Webshop WordPress plugin through 1.3.2 does not properly validate and sanitise...
Moderate
Unreviewed
CVE-2022-1685
was published
Jun 9, 2022
SQL injection vulnerability in xt:Commerce before 3.0.4 Sp2.1, when magic_quotes_gpc is enabled...
Moderate
Unreviewed
CVE-2008-6304
was published
May 17, 2022
The Logo Slider WordPress plugin through 1.4.8 does not sanitise and escape the lsp_slider_id...
Moderate
Unreviewed
CVE-2022-1687
was published
Jun 9, 2022
The Five Minute Webshop WordPress plugin through 1.3.2 does not sanitise and escape the id...
Moderate
Unreviewed
CVE-2022-1686
was published
Jun 9, 2022
Multiple SQL injection vulnerabilities in PunBB 1.3 and 1.3.1 allow remote authenticated...
Moderate
Unreviewed
CVE-2008-5434
was published
May 17, 2022
SQL injection vulnerability in profile_social.php in i-Net Solution Orkut Clone allows remote...
Moderate
Unreviewed
CVE-2008-5970
was published
May 17, 2022
SQL injection vulnerability in KTP Computer Customer Database (KTPCCD) CMS, when magic_quotes_gpc...
Moderate
Unreviewed
CVE-2008-5954
was published
May 17, 2022
Multiple SQL injection vulnerabilities in Avaya SIP Enablement Services (SES) in Avaya Avaya...
Moderate
Unreviewed
CVE-2008-6573
was published
May 17, 2022
SQL injection vulnerability in index.php in MODx 0.9.6.2 and earlier, when magic_quotes_gpc is...
Moderate
Unreviewed
CVE-2008-5940
was published
May 17, 2022
Online Fire Reporting System v1.0 was discovered to contain a SQL injection vulnerability via the...
Moderate
Unreviewed
CVE-2022-31415
was published
Jun 15, 2022
The Note Press WordPress plugin through 0.1.10 does not sanitise and escape the id parameter...
Moderate
Unreviewed
CVE-2022-1688
was published
Jun 9, 2022
The Note Press WordPress plugin through 0.1.10 does not sanitise and escape the Update parameter...
Moderate
Unreviewed
CVE-2022-1689
was published
Jun 9, 2022
Affected versions of Octopus Server are prone to an authenticated SQL injection vulnerability in...
Moderate
Unreviewed
CVE-2021-31818
was published
May 24, 2022
SQL injection vulnerability in SpeedTech Organization and Resource Manager (Storm) 5.x before 5.x...
Moderate
Unreviewed
CVE-2008-6383
was published
May 17, 2022
SQL injection vulnerability in Siemens Automation License Manager (ALM) before 5.3 SP3 Update 1...
Moderate
Unreviewed
CVE-2016-8564
was published
May 17, 2022
SQL injection vulnerability in the "Manage pages" feature (admin/pages) in Typo 5.1.3 and earlier...
Moderate
Unreviewed
CVE-2008-4904
was published
May 17, 2022
PEEL Shopping CMS 9.4.0 is vulnerable to authenticated SQL injection in utilisateurs.php. A user...
Moderate
Unreviewed
CVE-2021-41672
was published
Jun 16, 2022
Multiple SQL injection vulnerabilities in Jetbox CMS 2.1 allow remote authenticated users to...
Moderate
Unreviewed
CVE-2008-4651
was published
May 17, 2022
A vulnerability in the Cisco Unified Communications Manager web interface could allow an...
Moderate
Unreviewed
CVE-2017-3886
was published
May 17, 2022
ProTip!
Advisories are also available from the
GraphQL API