Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,958
Erlang
29
GitHub Actions
16
Go
1,745
Maven
4,971
npm
3,507
NuGet
609
pip
3,066
Pub
10
RubyGems
832
Rust
780
Swift
34
Unreviewed advisories
All unreviewed
5,000+

6,015 advisories

The Quotes Collection WordPress plugin through 2.5.2 does not validate and escape the bulkcheck... High Unreviewed
CVE-2021-24861 was published Dec 14, 2021
An SQL Injection vulnerability exists in zzcms 8.2, 8.3, 2020, and 2021 via the id parameter in... High Unreviewed
CVE-2021-40279 was published Dec 10, 2021
An SQL Injection vulnerablitly exits in zzcms 8.2, 8.3, 2020, and 2021 via the id parameter in... High Unreviewed
CVE-2021-40280 was published Dec 10, 2021
An SQL Injection vulnerability exists in zzcms 8.2, 8.3, 2020, and 2021 in dl/dl_print.php when... High Unreviewed
CVE-2021-40281 was published Dec 10, 2021
An SQL Injection vulnerability exists in zzcms 8.2, 8.3, 2020, abd 2021 in dl/dl_download.php.... High Unreviewed
CVE-2021-40282 was published Dec 10, 2021
A improper neutralization of special elements used in an sql command ('sql injection') in... High Unreviewed
CVE-2021-42760 was published Dec 9, 2021
A SQL Injection in the custom filter query component in Genesys intelligent Workload Distribution... High Unreviewed
CVE-2021-40860 was published Dec 9, 2021
A SQL Injection in the custom filter query component in Genesys intelligent Workload Distribution... High Unreviewed
CVE-2021-40861 was published Dec 9, 2021
A SQL Injection vulnerability exists in Ivanti Avalance before 6.3.3 allows an attacker with... High Unreviewed
CVE-2021-42131 was published Dec 8, 2021
Authenticated Blind & Error-based SQL injection vulnerability was discovered in Online Enrollment... High Unreviewed
CVE-2021-40578 was published Dec 8, 2021
SQL injection in prestashop/prestashop High
CVE-2021-43789 was published for prestashop/prestashop (Composer) Dec 7, 2021
PierreRambaud
Piwigo v11.5 was discovered to contain a SQL injection vulnerability via the parameter pwg_token... High Unreviewed
CVE-2021-40313 was published Dec 7, 2021
Taocms v2.5Beta5 was discovered to contain a blind SQL injection vulnerability via the function... High Unreviewed
CVE-2021-25783 was published Dec 4, 2021
Taocms v2.5Beta5 was discovered to contain a blind SQL injection vulnerability via the function... High Unreviewed
CVE-2021-25784 was published Dec 4, 2021
The Events Manager WordPress plugin before 5.9.8 does not sanitise and escape a parameter before... High Unreviewed
CVE-2020-35012 was published Dec 3, 2021
Dell EMC Streaming Data Platform versions before 1.3 contain a SQL Injection Vulnerability. A... High Unreviewed
CVE-2021-36328 was published Dec 1, 2021
The myCred WordPress plugin before 2.3 does not validate or escape the fields parameter before... High Unreviewed
CVE-2021-24755 was published Nov 30, 2021
The Email Before Download WordPress plugin before 6.8 does not properly validate and escape the... High Unreviewed
CVE-2021-24748 was published Nov 30, 2021
The Ninja Forms Contact Form WordPress plugin before 3.6.4 does not escape keys of the fields... High Unreviewed
CVE-2021-24889 was published Nov 30, 2021
The BSK PDF Manager WordPress plugin before 3.1.2 does not validate and escape the orderby and... High Unreviewed
CVE-2021-24860 was published Nov 30, 2021
An authenticated user could potentially execute code via an SQLi vulnerability in the user portal... High Unreviewed
CVE-2021-36807 was published Nov 27, 2021
Dell iDRAC9 versions 4.40.00.00 and later, but prior to 4.40.29.00 and 5.00.00.00 contain an SQL... High Unreviewed
CVE-2021-36299 was published Nov 24, 2021
iDRAC9 versions prior to 5.00.00.00 contain an improper input validation vulnerability. An... High Unreviewed
CVE-2021-36300 was published Nov 24, 2021
SQL Injection in thinkjs High
CVE-2020-21176 was published for thinkjs (npm) Nov 19, 2021
The importFromRedirection AJAX action of the SEO Redirection Plugin – 301 Redirect Manager... High Unreviewed
CVE-2021-24847 was published Nov 17, 2021
ProTip! Advisories are also available from the GraphQL API