GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,972
Erlang
29
GitHub Actions
16
Go
1,762
Maven
4,983
npm
3,518
NuGet
609
pip
3,094
Pub
10
RubyGems
833
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
11,079 advisories
Filter by severity
An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows...
Critical
Unreviewed
CVE-2024-29824
was published
May 31, 2024
An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows...
Critical
Unreviewed
CVE-2024-29825
was published
May 31, 2024
An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows...
Critical
Unreviewed
CVE-2024-29823
was published
May 31, 2024
A SQL injection vulnerability in web component of Ivanti Neurons for ITSM allows a remote...
High
Unreviewed
CVE-2024-22059
was published
May 31, 2024
An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows...
Critical
Unreviewed
CVE-2024-29822
was published
May 31, 2024
A SQL injection vulnerability in /model/update_grade.php in Campcodes Complete Web-Based School...
Moderate
Unreviewed
CVE-2024-34933
was published
May 23, 2024
J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerability via the findPage function...
Critical
Unreviewed
CVE-2024-35086
was published
May 23, 2024
J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerability via the findPage function...
Critical
Unreviewed
CVE-2024-35084
was published
May 23, 2024
A SQL injection vulnerability in /model/update_subject_routing.php in Campcodes Complete Web...
High
Unreviewed
CVE-2024-34928
was published
May 23, 2024
A SQL injection vulnerability in /model/all_events1.php in Campcodes Complete Web-Based School...
Moderate
Unreviewed
CVE-2024-34930
was published
May 23, 2024
A SQL injection vulnerability in /model/update_classroom.php in Campcodes Complete Web-Based...
Critical
Unreviewed
CVE-2024-34927
was published
May 23, 2024
An SQL Injection vulnerability in web component of EPMM before 12.1.0.0 allows an authenticated...
Moderate
Unreviewed
CVE-2023-46807
was published
May 23, 2024
An SQL Injection vulnerability in a web component of EPMM versions before 12.1.0.0 allows an...
Moderate
Unreviewed
CVE-2023-46806
was published
May 23, 2024
MTab Bookmark v1.9.5 has an SQL injection vulnerability in /LinkStore/getIcon. An attacker can...
Critical
Unreviewed
CVE-2024-35361
was published
May 21, 2024
Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL injection in the aggregate reports...
High
Unreviewed
CVE-2023-49331
was published
May 20, 2024
Zoho ManageEngine ADAudit Plus through 7251 allows SQL Injection while getting aggregate report...
High
Unreviewed
CVE-2023-49330
was published
May 20, 2024
Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL injection in the dashboard graph...
High
Unreviewed
CVE-2023-49333
was published
May 20, 2024
Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL Injection while exporting a full...
High
Unreviewed
CVE-2023-49334
was published
May 20, 2024
Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL injection while adding file shares.
High
Unreviewed
CVE-2023-49332
was published
May 20, 2024
Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL injection while getting file server...
High
Unreviewed
CVE-2023-49335
was published
May 20, 2024
The access control in CemiPark software does not properly validate user-entered data, which...
High
Unreviewed
CVE-2024-4423
was published
May 14, 2024
Code-projects Budget Management 1.0 is vulnerable to SQL Injection via the delete parameter.
Critical
Unreviewed
CVE-2024-34955
was published
May 15, 2024
SQL Injection vulnerability in CASAP Automated Enrollment System using PHP/MySQLi with Source...
Critical
Unreviewed
CVE-2024-33485
was published
May 14, 2024
OFCMS V1.1.2 is vulnerable to SQL Injection via the new table function.
Critical
Unreviewed
CVE-2024-34256
was published
May 14, 2024
Sourcecodester Human Resource Management System 1.0 is vulnerable to SQL Injection via the...
Moderate
Unreviewed
CVE-2024-34222
was published
May 14, 2024
ProTip!
Advisories are also available from the
GraphQL API