GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,978
Erlang
29
GitHub Actions
16
Go
1,768
Maven
4,991
npm
3,537
NuGet
616
pip
3,107
Pub
10
RubyGems
837
Rust
786
Swift
34
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
5,902 advisories
Filter by severity
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated...
High
Unreviewed
CVE-2021-21919
was published
Dec 23, 2021
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated...
High
Unreviewed
CVE-2021-21920
was published
Dec 23, 2021
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated...
High
Unreviewed
CVE-2021-21918
was published
Dec 23, 2021
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated...
High
Unreviewed
CVE-2021-21921
was published
Dec 23, 2021
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated...
High
Unreviewed
CVE-2021-21922
was published
Dec 23, 2021
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated...
High
Unreviewed
CVE-2021-21924
was published
Dec 23, 2021
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated...
High
Unreviewed
CVE-2021-21923
was published
Dec 23, 2021
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated...
High
Unreviewed
CVE-2021-21925
was published
Dec 23, 2021
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated...
High
Unreviewed
CVE-2021-21929
was published
Dec 23, 2021
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated...
High
Unreviewed
CVE-2021-21928
was published
Dec 23, 2021
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated...
High
Unreviewed
CVE-2021-21931
was published
Dec 23, 2021
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated...
High
Unreviewed
CVE-2021-21927
was published
Dec 23, 2021
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated...
High
Unreviewed
CVE-2021-21937
was published
Dec 23, 2021
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated...
High
Unreviewed
CVE-2021-21936
was published
Dec 23, 2021
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated...
High
Unreviewed
CVE-2021-21933
was published
Dec 23, 2021
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated...
High
Unreviewed
CVE-2021-21930
was published
Dec 23, 2021
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated...
High
Unreviewed
CVE-2021-21932
was published
Dec 23, 2021
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated...
High
Unreviewed
CVE-2021-21934
was published
Dec 23, 2021
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated...
High
Unreviewed
CVE-2021-21935
was published
Dec 23, 2021
The WP Visitor Statistics (Real Time Traffic) WordPress plugin before 4.8 does not properly...
High
Unreviewed
CVE-2021-24750
was published
Dec 22, 2021
The get_query() function of the Ni WooCommerce Custom Order Status WordPress plugin before 1.9.7,...
High
Unreviewed
CVE-2021-24846
was published
Dec 22, 2021
Dalmark Systems Systeam 2.22.8 build 1724 is vulnerable to Insecure design on report build via...
High
Unreviewed
CVE-2021-44874
was published
Dec 22, 2021
Numerous exposed dangerous functions within Orion Core has allows for read-only SQL injection...
High
Unreviewed
CVE-2021-35234
was published
Dec 21, 2021
JFrog Artifactory before 7.25.4 (Enterprise+ deployments only), is vulnerable to Blind SQL...
High
Unreviewed
CVE-2021-3860
was published
Dec 21, 2021
SuiteCRM before 7.12.2 and 8.x before 8.0.1 allows authenticated SQL injection.
High
Unreviewed
CVE-2021-45041
was published
Dec 20, 2021
ProTip!
Advisories are also available from the
GraphQL API