GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
3,254 advisories
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical, Unreviewed. CVE-2023-5155 was published Feb 15, 2024.

EBM Technologies RISWEB's specific query function parameter does not properly restrict user input...
Critical, Unreviewed. CVE-2024-26264 was published Feb 15, 2024.

Task Manager App v1.0 was discovered to contain a SQL injection vulnerability via the taskID...
Critical, Unreviewed. CVE-2024-25220 was published Feb 14, 2024.

Task Manager App v1.0 was discovered to contain a SQL injection vulnerability via the projectID...
Critical, Unreviewed. CVE-2024-25222 was published Feb 14, 2024.

Employee Managment System v1.0 was discovered to contain a SQL injection vulnerability via the...
Critical, Unreviewed. CVE-2024-25216 was published Feb 14, 2024.

Employee Managment System v1.0 was discovered to contain a SQL injection vulnerability via the...
Critical, Unreviewed. CVE-2024-25215 was published Feb 14, 2024.

An issue in Employee Managment System v1.0 allows attackers to bypass authentication via...
Critical, Unreviewed. CVE-2024-25214 was published Feb 14, 2024.

SQL injection vulnerability in adv radius v.2.2.5 allows a local attacker to execute arbitrary...
Critical, Unreviewed. CVE-2024-22923 was published Feb 13, 2024.

SQL Injection vulnerability in Gambio through 4.9.2.0 allows attackers to run arbitrary SQL...
Critical, Unreviewed. CVE-2024-23763 was published Feb 13, 2024.

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical, Unreviewed. CVE-2023-6677 was published Feb 9, 2024.

Code-projects Hotel Managment System 1.0, allows SQL Injection via the 'rid' parameter in Hotel...
Critical, Unreviewed. CVE-2024-25315 was published Feb 9, 2024.

Sourcecodester Event Student Attendance System 1.0, allows SQL Injection via the 'student'...
Critical, Unreviewed. CVE-2024-25302 was published Feb 9, 2024.

Code-projects Hotel Managment System 1.0, allows SQL Injection via the 'sid' parameter in Hotel...
Critical, Unreviewed. CVE-2024-25314 was published Feb 9, 2024.

Code-projects Cinema Seat Reservation System 1.0 allows SQL Injection via the 'id' parameter at "...
Critical, Unreviewed. CVE-2024-25307 was published Feb 9, 2024.

Code-projects Hotel Managment System 1.0 allows SQL Injection via the 'eid' parameter in Hotel...
Critical, Unreviewed. CVE-2024-25316 was published Feb 9, 2024.

SQL Injection vulnerability in Boostmyshop (boostmyshopagent) module for Prestashop versions 1.1...
Critical, Unreviewed. CVE-2024-24308 was published Feb 9, 2024.

SQL injection vulnerability in Presta Monster "Multi Accessories Pro" (hsmultiaccessoriespro)...
Critical, Unreviewed. CVE-2023-50026 was published Feb 9, 2024.

SQL injection vulnerability in InnovaDeluxe "Manufacturer or supplier alphabetical search" ...
Critical, Unreviewed. CVE-2023-46350 was published Feb 9, 2024.

SQL Injection vulnerability in Employee Management System v.1.0 allows a remote attacker to...
Critical, Unreviewed. CVE-2024-24499 was published Feb 8, 2024.

SQL Injection vulnerability in Employee Management System v.1.0 allows a remote attacker to...
Critical, Unreviewed. CVE-2024-24497 was published Feb 8, 2024.

SQL Injection vulnerability in delete-tracker.php in Daily Habit Tracker v.1.0 allows a remote...
Critical, Unreviewed. CVE-2024-24495 was published Feb 8, 2024.

PrestaShop Op'art Easy Redirect >= 1.3.8 and <= 1.3.12 is vulnerable to SQL Injection via...
Critical, Unreviewed. CVE-2023-50061 was published Feb 8, 2024.

Supabase PostgreSQL v15.1 was discovered to contain a SQL injection vulnerability via the...
Critical, Unreviewed. CVE-2024-24213 was published Feb 8, 2024.

The WP Booking Calendar plugin for WordPress is vulnerable to SQL Injection via the ...
Critical, Unreviewed. CVE-2024-1207 was published Feb 8, 2024.

A SQL injection vulnerability exists in Novel-Plus v4.3.0-RC1 and prior. An attacker can pass...
Critical, Unreviewed. CVE-2024-24023 was published Feb 8, 2024.

ProTip! Advisories are also available from the GraphQL API.