Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,978
Erlang
29
GitHub Actions
16
Go
1,768
Maven
4,991
npm
3,537
NuGet
616
pip
3,107
Pub
10
RubyGems
837
Rust
786
Swift
34
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

5,902 advisories

Loading
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated... High Unreviewed
CVE-2021-21919 was published Dec 23, 2021
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated... High Unreviewed
CVE-2021-21920 was published Dec 23, 2021
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated... High Unreviewed
CVE-2021-21918 was published Dec 23, 2021
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated... High Unreviewed
CVE-2021-21921 was published Dec 23, 2021
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated... High Unreviewed
CVE-2021-21922 was published Dec 23, 2021
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated... High Unreviewed
CVE-2021-21924 was published Dec 23, 2021
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated... High Unreviewed
CVE-2021-21923 was published Dec 23, 2021
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated... High Unreviewed
CVE-2021-21925 was published Dec 23, 2021
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated... High Unreviewed
CVE-2021-21929 was published Dec 23, 2021
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated... High Unreviewed
CVE-2021-21928 was published Dec 23, 2021
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated... High Unreviewed
CVE-2021-21931 was published Dec 23, 2021
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated... High Unreviewed
CVE-2021-21927 was published Dec 23, 2021
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated... High Unreviewed
CVE-2021-21937 was published Dec 23, 2021
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated... High Unreviewed
CVE-2021-21936 was published Dec 23, 2021
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated... High Unreviewed
CVE-2021-21933 was published Dec 23, 2021
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated... High Unreviewed
CVE-2021-21930 was published Dec 23, 2021
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated... High Unreviewed
CVE-2021-21932 was published Dec 23, 2021
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated... High Unreviewed
CVE-2021-21934 was published Dec 23, 2021
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated... High Unreviewed
CVE-2021-21935 was published Dec 23, 2021
The WP Visitor Statistics (Real Time Traffic) WordPress plugin before 4.8 does not properly... High Unreviewed
CVE-2021-24750 was published Dec 22, 2021
The get_query() function of the Ni WooCommerce Custom Order Status WordPress plugin before 1.9.7,... High Unreviewed
CVE-2021-24846 was published Dec 22, 2021
Dalmark Systems Systeam 2.22.8 build 1724 is vulnerable to Insecure design on report build via... High Unreviewed
CVE-2021-44874 was published Dec 22, 2021
Numerous exposed dangerous functions within Orion Core has allows for read-only SQL injection... High Unreviewed
CVE-2021-35234 was published Dec 21, 2021
JFrog Artifactory before 7.25.4 (Enterprise+ deployments only), is vulnerable to Blind SQL... High Unreviewed
CVE-2021-3860 was published Dec 21, 2021
SuiteCRM before 7.12.2 and 8.x before 8.0.1 allows authenticated SQL injection. High Unreviewed
CVE-2021-45041 was published Dec 20, 2021
ProTip! Advisories are also available from the GraphQL API