Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,978
Erlang
29
GitHub Actions
16
Go
1,768
Maven
4,991
npm
3,537
NuGet
616
pip
3,107
Pub
10
RubyGems
837
Rust
786
Swift
34
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

3,254 advisories

Loading
SQL Injection vulnerability in Hero hfheropayment v.1.2.5 and before allows an attacker to... Critical Unreviewed
CVE-2024-33267 was published Apr 30, 2024
SQL injection vulnerability in Webbax supernewsletter v.1.4.21 and before allows a remote... Critical Unreviewed
CVE-2024-33275 was published Apr 30, 2024
SQL Injection vulnerability in Prestaddons flashsales 1.9.7 and before allows an attacker to run... Critical Unreviewed
CVE-2024-33269 was published Apr 29, 2024
SQL Injection vulnerability in FME Modules preorderandnotication v.3.1.0 and before allows a... Critical Unreviewed
CVE-2024-33276 was published Apr 29, 2024
SQL injection vulnerability in onethink v.1.1 allows a remote attacker to escalate privileges via... Critical Unreviewed
CVE-2024-33444 was published Apr 29, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2024-33544 was published Apr 29, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2024-33546 was published Apr 29, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2024-33551 was published Apr 29, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2024-33559 was published Apr 29, 2024
SQL Injection vulnerability in /event-management-master/backend/register.php in PuneethReddyHC... Critical Unreviewed
CVE-2024-28322 was published Apr 27, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2024-32709 was published Apr 24, 2024
SQL Injection vulnerability in Trainme Academy version Ichin v.1.3.2 allows a remote attacker to... Critical Unreviewed
CVE-2024-27574 was published Apr 22, 2024
Computer Laboratory Management System v1.0 is vulnerable to SQL Injection via the "id" parameter... Critical Unreviewed
CVE-2024-31545 was published Apr 22, 2024
Computer Laboratory Management System v1.0 is vulnerable to SQL Injection via the "id" parameter... Critical Unreviewed
CVE-2024-31546 was published Apr 19, 2024
Computer Laboratory Management System v1.0 is vulnerable to SQL Injection via the "id" parameter... Critical Unreviewed
CVE-2024-31547 was published Apr 19, 2024
SQL Injection vulnerability in SEMCMS v.4.8 allows a remote attacker to obtain sensitive... Critical Unreviewed
CVE-2024-30938 was published Apr 19, 2024
SQL injection vulnerability in f-logic datacube3 v.1.0 allows a remote attacker to obtain... Critical Unreviewed
CVE-2024-31750 was published Apr 19, 2024
SQL Injection vulnerability in the "Invoices" page in phpgurukul Client Management System using... Critical Unreviewed
CVE-2024-30990 was published Apr 17, 2024
SQL Injection vulnerability in "B/W Dates Reports" page in phpgurukul Client Management System... Critical Unreviewed
CVE-2024-30985 was published Apr 17, 2024
SQL Injection vulnerability in phpgurukul Cyber Cafe Management System Using PHP & MySQL 1.0... Critical Unreviewed
CVE-2024-30982 was published Apr 17, 2024
SQL Injection vulnerability in Sourcecodester php task management system v1.0, allows remote... Critical Unreviewed
CVE-2024-28556 was published Apr 15, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2024-32128 was published Apr 15, 2024
SQL Injection Vulnerability has been found on OpenGnsys product affecting version 1.1.1d (Espeto)... Critical Unreviewed
CVE-2024-3704 was published Apr 12, 2024
The LayerSlider plugin for WordPress is vulnerable to SQL Injection via the ls_get_popup_markup... Critical Unreviewed
CVE-2024-2879 was published Apr 3, 2024
Sante PACS Server Token Endpoint SQL Injection Remote Code Execution Vulnerability. This... Critical Unreviewed
CVE-2024-1863 was published Apr 2, 2024
ProTip! Advisories are also available from the GraphQL API