GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,413
Erlang
28
GitHub Actions
16
Go
1,651
Maven
4,914
npm
3,437
NuGet
594
pip
2,782
Pub
10
RubyGems
822
Rust
760
Swift
34
Unreviewed advisories
All unreviewed
5,000+
11,143 advisories
Filter by severity
SQL injection vulnerability in HubBank affecting version 1.0.2. This vulnerability could allow an...
High
Unreviewed
CVE-2024-4309
was published
Apr 29, 2024
SQL injection vulnerability in HubBank affecting version 1.0.2. This vulnerability could allow an...
High
Unreviewed
CVE-2024-4307
was published
Apr 29, 2024
SQL injection vulnerability in HubBank affecting version 1.0.2. This vulnerability could allow an...
High
Unreviewed
CVE-2024-4308
was published
Apr 29, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical
Unreviewed
CVE-2024-33544
was published
Apr 29, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical
Unreviewed
CVE-2024-33546
was published
Apr 29, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical
Unreviewed
CVE-2024-33551
was published
Apr 29, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical
Unreviewed
CVE-2024-33559
was published
Apr 29, 2024
A vulnerability was found in BlueNet Technology Clinical Browsing System 1.2.1. It has been...
Moderate
Unreviewed
CVE-2024-4257
was published
Apr 27, 2024
Umbraco Workflow's Backoffice users can execute arbitrary SQL
Moderate
CVE-2024-32872
was published
for
Plumber.Workflow
(NuGet)
Apr 24, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
High
Unreviewed
CVE-2024-32706
was published
Apr 24, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
High
Unreviewed
CVE-2024-32710
was published
Apr 24, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical
Unreviewed
CVE-2024-32709
was published
Apr 24, 2024
A vulnerability, which was classified as critical, was found in SourceCodester Simple...
Moderate
Unreviewed
CVE-2024-4093
was published
Apr 24, 2024
A vulnerability, which was classified as critical, was found in Kashipara Online Furniture...
Moderate
Unreviewed
CVE-2024-4069
was published
Apr 24, 2024
A vulnerability has been found in Kashipara Online Furniture Shopping Ecommerce Website 1.0 and...
Moderate
Unreviewed
CVE-2024-4070
was published
Apr 24, 2024
A vulnerability was found in Kashipara Online Furniture Shopping Ecommerce Website 1.0 and...
Moderate
Unreviewed
CVE-2024-4071
was published
Apr 24, 2024
Zend Framework SQL injection vulnerability
Critical
CVE-2014-8089
was published
for
zendframework/zend-db
(Composer)
Apr 23, 2024
LibreNMS vulnerable to a Time-Based Blind SQL injection leads to database extraction
High
CVE-2024-32480
was published
for
librenms/librenms
(Composer)
Apr 22, 2024
LibreNMS vulnerable to SQL injection time-based leads to database extraction
High
CVE-2024-32461
was published
for
librenms/librenms
(Composer)
Apr 22, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
High
Unreviewed
CVE-2024-32551
was published
Apr 18, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
High
Unreviewed
CVE-2024-32602
was published
Apr 18, 2024
A SolarWinds Platform SWQL Injection Vulnerability was identified in the user interface. This...
High
Unreviewed
CVE-2024-29001
was published
Apr 18, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
High
Unreviewed
CVE-2022-47151
was published
Apr 17, 2024
An SQL injection vulnerability exists in the `delete_discussion()` function of the parisneo...
High
Unreviewed
CVE-2024-1601
was published
Apr 16, 2024
A vulnerability was found in SourceCodester QR Code Bookmark System 1.0. It has been declared as...
Moderate
Unreviewed
CVE-2024-3797
was published
Apr 15, 2024
ProTip!
Advisories are also available from the
GraphQL API