Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,978
Erlang
29
GitHub Actions
16
Go
1,768
Maven
4,991
npm
3,537
NuGet
616
pip
3,107
Pub
10
RubyGems
837
Rust
786
Swift
34
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

3,254 advisories

Loading
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2023-5155 was published Feb 15, 2024
EBM Technologies RISWEB's specific query function parameter does not properly restrict user input... Critical Unreviewed
CVE-2024-26264 was published Feb 15, 2024
Task Manager App v1.0 was discovered to contain a SQL injection vulnerability via the taskID... Critical Unreviewed
CVE-2024-25220 was published Feb 14, 2024
Task Manager App v1.0 was discovered to contain a SQL injection vulnerability via the projectID... Critical Unreviewed
CVE-2024-25222 was published Feb 14, 2024
Employee Managment System v1.0 was discovered to contain a SQL injection vulnerability via the... Critical Unreviewed
CVE-2024-25216 was published Feb 14, 2024
Employee Managment System v1.0 was discovered to contain a SQL injection vulnerability via the... Critical Unreviewed
CVE-2024-25215 was published Feb 14, 2024
An issue in Employee Managment System v1.0 allows attackers to bypass authentication via... Critical Unreviewed
CVE-2024-25214 was published Feb 14, 2024
SQL injection vulnerability in adv radius v.2.2.5 allows a local attacker to execute arbitrary... Critical Unreviewed
CVE-2024-22923 was published Feb 13, 2024
SQL Injection vulnerability in Gambio through 4.9.2.0 allows attackers to run arbitrary SQL... Critical Unreviewed
CVE-2024-23763 was published Feb 13, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2023-6677 was published Feb 9, 2024
Code-projects Hotel Managment System 1.0, allows SQL Injection via the 'rid' parameter in Hotel... Critical Unreviewed
CVE-2024-25315 was published Feb 9, 2024
Sourcecodester Event Student Attendance System 1.0, allows SQL Injection via the 'student'... Critical Unreviewed
CVE-2024-25302 was published Feb 9, 2024
Code-projects Hotel Managment System 1.0, allows SQL Injection via the 'sid' parameter in Hotel... Critical Unreviewed
CVE-2024-25314 was published Feb 9, 2024
Code-projects Cinema Seat Reservation System 1.0 allows SQL Injection via the 'id' parameter at "... Critical Unreviewed
CVE-2024-25307 was published Feb 9, 2024
Code-projects Hotel Managment System 1.0 allows SQL Injection via the 'eid' parameter in Hotel... Critical Unreviewed
CVE-2024-25316 was published Feb 9, 2024
SQL Injection vulnerability in Boostmyshop (boostmyshopagent) module for Prestashop versions 1.1... Critical Unreviewed
CVE-2024-24308 was published Feb 9, 2024
SQL injection vulnerability in Presta Monster "Multi Accessories Pro" (hsmultiaccessoriespro)... Critical Unreviewed
CVE-2023-50026 was published Feb 9, 2024
SQL injection vulnerability in InnovaDeluxe "Manufacturer or supplier alphabetical search" ... Critical Unreviewed
CVE-2023-46350 was published Feb 9, 2024
SQL Injection vulnerability in Employee Management System v.1.0 allows a remote attacker to... Critical Unreviewed
CVE-2024-24499 was published Feb 8, 2024
SQL Injection vulnerability in Employee Management System v.1.0 allows a remote attacker to... Critical Unreviewed
CVE-2024-24497 was published Feb 8, 2024
SQL Injection vulnerability in delete-tracker.php in Daily Habit Tracker v.1.0 allows a remote... Critical Unreviewed
CVE-2024-24495 was published Feb 8, 2024
PrestaShop Op'art Easy Redirect >= 1.3.8 and <= 1.3.12 is vulnerable to SQL Injection via... Critical Unreviewed
CVE-2023-50061 was published Feb 8, 2024
Supabase PostgreSQL v15.1 was discovered to contain a SQL injection vulnerability via the... Critical Unreviewed
CVE-2024-24213 was published Feb 8, 2024
The WP Booking Calendar plugin for WordPress is vulnerable to SQL Injection via the ... Critical Unreviewed
CVE-2024-1207 was published Feb 8, 2024
A SQL injection vulnerability exists in Novel-Plus v4.3.0-RC1 and prior. An attacker can pass... Critical Unreviewed
CVE-2024-24023 was published Feb 8, 2024
ProTip! Advisories are also available from the GraphQL API