GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,978
Erlang
29
GitHub Actions
16
Go
1,768
Maven
4,991
npm
3,537
NuGet
616
pip
3,107
Pub
10
RubyGems
837
Rust
786
Swift
34
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
3,254 advisories
Filter by severity
SQL Injection vulnerability in Hero hfheropayment v.1.2.5 and before allows an attacker to...
Critical
Unreviewed
CVE-2024-33267
was published
Apr 30, 2024
SQL injection vulnerability in Webbax supernewsletter v.1.4.21 and before allows a remote...
Critical
Unreviewed
CVE-2024-33275
was published
Apr 30, 2024
SQL Injection vulnerability in Prestaddons flashsales 1.9.7 and before allows an attacker to run...
Critical
Unreviewed
CVE-2024-33269
was published
Apr 29, 2024
SQL Injection vulnerability in FME Modules preorderandnotication v.3.1.0 and before allows a...
Critical
Unreviewed
CVE-2024-33276
was published
Apr 29, 2024
SQL injection vulnerability in onethink v.1.1 allows a remote attacker to escalate privileges via...
Critical
Unreviewed
CVE-2024-33444
was published
Apr 29, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical
Unreviewed
CVE-2024-33544
was published
Apr 29, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical
Unreviewed
CVE-2024-33546
was published
Apr 29, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical
Unreviewed
CVE-2024-33551
was published
Apr 29, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical
Unreviewed
CVE-2024-33559
was published
Apr 29, 2024
SQL Injection vulnerability in /event-management-master/backend/register.php in PuneethReddyHC...
Critical
Unreviewed
CVE-2024-28322
was published
Apr 27, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical
Unreviewed
CVE-2024-32709
was published
Apr 24, 2024
SQL Injection vulnerability in Trainme Academy version Ichin v.1.3.2 allows a remote attacker to...
Critical
Unreviewed
CVE-2024-27574
was published
Apr 22, 2024
Computer Laboratory Management System v1.0 is vulnerable to SQL Injection via the "id" parameter...
Critical
Unreviewed
CVE-2024-31545
was published
Apr 22, 2024
Computer Laboratory Management System v1.0 is vulnerable to SQL Injection via the "id" parameter...
Critical
Unreviewed
CVE-2024-31546
was published
Apr 19, 2024
Computer Laboratory Management System v1.0 is vulnerable to SQL Injection via the "id" parameter...
Critical
Unreviewed
CVE-2024-31547
was published
Apr 19, 2024
SQL Injection vulnerability in SEMCMS v.4.8 allows a remote attacker to obtain sensitive...
Critical
Unreviewed
CVE-2024-30938
was published
Apr 19, 2024
SQL injection vulnerability in f-logic datacube3 v.1.0 allows a remote attacker to obtain...
Critical
Unreviewed
CVE-2024-31750
was published
Apr 19, 2024
SQL Injection vulnerability in the "Invoices" page in phpgurukul Client Management System using...
Critical
Unreviewed
CVE-2024-30990
was published
Apr 17, 2024
SQL Injection vulnerability in "B/W Dates Reports" page in phpgurukul Client Management System...
Critical
Unreviewed
CVE-2024-30985
was published
Apr 17, 2024
SQL Injection vulnerability in phpgurukul Cyber Cafe Management System Using PHP & MySQL 1.0...
Critical
Unreviewed
CVE-2024-30982
was published
Apr 17, 2024
SQL Injection vulnerability in Sourcecodester php task management system v1.0, allows remote...
Critical
Unreviewed
CVE-2024-28556
was published
Apr 15, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical
Unreviewed
CVE-2024-32128
was published
Apr 15, 2024
SQL Injection Vulnerability has been found on OpenGnsys product affecting version 1.1.1d (Espeto)...
Critical
Unreviewed
CVE-2024-3704
was published
Apr 12, 2024
The LayerSlider plugin for WordPress is vulnerable to SQL Injection via the ls_get_popup_markup...
Critical
Unreviewed
CVE-2024-2879
was published
Apr 3, 2024
Sante PACS Server Token Endpoint SQL Injection Remote Code Execution Vulnerability. This...
Critical
Unreviewed
CVE-2024-1863
was published
Apr 2, 2024
ProTip!
Advisories are also available from the
GraphQL API