Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,413
Erlang
28
GitHub Actions
16
Go
1,651
Maven
4,914
npm
3,437
NuGet
594
pip
2,782
Pub
10
RubyGems
822
Rust
760
Swift
34
Unreviewed advisories
All unreviewed
5,000+

11,143 advisories

SQL injection vulnerability in HubBank affecting version 1.0.2. This vulnerability could allow an... High Unreviewed
CVE-2024-4309 was published Apr 29, 2024
SQL injection vulnerability in HubBank affecting version 1.0.2. This vulnerability could allow an... High Unreviewed
CVE-2024-4307 was published Apr 29, 2024
SQL injection vulnerability in HubBank affecting version 1.0.2. This vulnerability could allow an... High Unreviewed
CVE-2024-4308 was published Apr 29, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2024-33544 was published Apr 29, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2024-33546 was published Apr 29, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2024-33551 was published Apr 29, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2024-33559 was published Apr 29, 2024
A vulnerability was found in BlueNet Technology Clinical Browsing System 1.2.1. It has been... Moderate Unreviewed
CVE-2024-4257 was published Apr 27, 2024
Umbraco Workflow's Backoffice users can execute arbitrary SQL Moderate
CVE-2024-32872 was published for Plumber.Workflow (NuGet) Apr 24, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2024-32706 was published Apr 24, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2024-32710 was published Apr 24, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2024-32709 was published Apr 24, 2024
A vulnerability, which was classified as critical, was found in SourceCodester Simple... Moderate Unreviewed
CVE-2024-4093 was published Apr 24, 2024
A vulnerability, which was classified as critical, was found in Kashipara Online Furniture... Moderate Unreviewed
CVE-2024-4069 was published Apr 24, 2024
A vulnerability has been found in Kashipara Online Furniture Shopping Ecommerce Website 1.0 and... Moderate Unreviewed
CVE-2024-4070 was published Apr 24, 2024
A vulnerability was found in Kashipara Online Furniture Shopping Ecommerce Website 1.0 and... Moderate Unreviewed
CVE-2024-4071 was published Apr 24, 2024
Zend Framework SQL injection vulnerability Critical
CVE-2014-8089 was published for zendframework/zend-db (Composer) Apr 23, 2024
LibreNMS vulnerable to a Time-Based Blind SQL injection leads to database extraction High
CVE-2024-32480 was published for librenms/librenms (Composer) Apr 22, 2024
sco4x0
LibreNMS vulnerable to SQL injection time-based leads to database extraction High
CVE-2024-32461 was published for librenms/librenms (Composer) Apr 22, 2024
Louhan-dev
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2024-32551 was published Apr 18, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2024-32602 was published Apr 18, 2024
A SolarWinds Platform SWQL Injection Vulnerability was identified in the user interface. This... High Unreviewed
CVE-2024-29001 was published Apr 18, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2022-47151 was published Apr 17, 2024
An SQL injection vulnerability exists in the `delete_discussion()` function of the parisneo... High Unreviewed
CVE-2024-1601 was published Apr 16, 2024
A vulnerability was found in SourceCodester QR Code Bookmark System 1.0. It has been declared as... Moderate Unreviewed
CVE-2024-3797 was published Apr 15, 2024
ProTip! Advisories are also available from the GraphQL API