GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,988
Erlang
29
GitHub Actions
16
Go
1,779
Maven
5,000+
npm
3,544
NuGet
619
pip
3,130
Pub
10
RubyGems
838
Rust
792
Swift
34
Unreviewed advisories
All unreviewed
5,000+
6,085 advisories
Filter by severity
A SQL injection vulnerability in /mobile/SelectUsers.jsp in SysAid ITIL 20.4.74 b10 allows a...
High
Unreviewed
CVE-2021-43971
was published
Jan 12, 2022
The RegistrationMagic WordPress plugin before 5.0.1.6 does not escape user input in its...
High
Unreviewed
CVE-2021-24862
was published
Jan 11, 2022
The WPcalc WordPress plugin through 2.1 does not sanitize user input into the 'did' parameter and...
High
Unreviewed
CVE-2021-25054
was published
Jan 11, 2022
A vulnerability in the showReports module of Zoho ManageEngine Applications Manager before build...
High
Unreviewed
CVE-2020-28679
was published
Jan 11, 2022
The Download Monitor WordPress plugin before 4.4.5 does not properly validate and escape the ...
High
Unreviewed
CVE-2021-24786
was published
Jan 4, 2022
The Speed Booster Pack âš¡ PageSpeed Optimization Suite WordPress plugin before 4.3.3.1 does not...
High
Unreviewed
CVE-2021-25023
was published
Jan 4, 2022
The Events Made Easy WordPress plugin before 2.2.36 does not sanitise and escape the search_text...
High
Unreviewed
CVE-2021-25030
was published
Jan 4, 2022
Telephony application has a SQL Injection vulnerability.Successful exploitation of this...
High
Unreviewed
CVE-2021-39978
was published
Jan 4, 2022
Changing MOTP (Mobile One Time Password) system’s specific function parameter has insufficient...
High
Unreviewed
CVE-2021-44161
was published
Dec 30, 2021
The Rich Reviews by Starfish WordPress plugin before 1.9.6 does not properly validate the orderby...
High
Unreviewed
CVE-2021-24753
was published
Dec 28, 2021
The id parameter from Online Enrollment Management System 1.0 system appears to be vulnerable to...
High
Unreviewed
CVE-2021-44599
was published
Dec 24, 2021
The password parameter on Simple Online Mens Salon Management System (MSMS) 1.0 appears to be...
High
Unreviewed
CVE-2021-44600
was published
Dec 24, 2021
Projectworlds Hospital Management System v1.0 is vulnerable to SQL injection via multiple...
High
Unreviewed
CVE-2021-43630
was published
Dec 23, 2021
An exploitable SQL injection vulnerability exist in the ‘group_list’ page of the Advantech R...
High
Unreviewed
CVE-2021-21915
was published
Dec 23, 2021
An exploitable SQL injection vulnerability exist in the ‘group_list’ page of the Advantech R...
High
Unreviewed
CVE-2021-21917
was published
Dec 23, 2021
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated...
High
Unreviewed
CVE-2021-21918
was published
Dec 23, 2021
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated...
High
Unreviewed
CVE-2021-21920
was published
Dec 23, 2021
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated...
High
Unreviewed
CVE-2021-21919
was published
Dec 23, 2021
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated...
High
Unreviewed
CVE-2021-21921
was published
Dec 23, 2021
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated...
High
Unreviewed
CVE-2021-21924
was published
Dec 23, 2021
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated...
High
Unreviewed
CVE-2021-21922
was published
Dec 23, 2021
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated...
High
Unreviewed
CVE-2021-21923
was published
Dec 23, 2021
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated...
High
Unreviewed
CVE-2021-21925
was published
Dec 23, 2021
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated...
High
Unreviewed
CVE-2021-21931
was published
Dec 23, 2021
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated...
High
Unreviewed
CVE-2021-21928
was published
Dec 23, 2021
ProTip!
Advisories are also available from the
GraphQL API