Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,988
Erlang
29
GitHub Actions
16
Go
1,776
Maven
5,000+
npm
3,542
NuGet
617
pip
3,125
Pub
10
RubyGems
838
Rust
790
Swift
34
Unreviewed advisories
All unreviewed
5,000+

3,465 advisories

Loading
The PayPlus Payment Gateway WordPress plugin before 6.6.9 does not properly sanitise and escape a... Critical Unreviewed
CVE-2024-6205 was published Jul 19, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2024-0857 was published Jul 18, 2024
1Panel has an SQL injection issue related to the orderBy clause Critical
CVE-2024-39907 was published for github.com/1Panel-dev/1Panel (Go) Jul 18, 2024
xuebibibibibi
AguardNet's Space Management System does not properly validate user input, allowing... Critical Unreviewed
CVE-2024-6743 was published Jul 15, 2024
my-springsecurity-plus before v2024.07.03 was discovered to contain a SQL injection vulnerability... Critical Unreviewed
CVE-2024-40539 was published Jul 12, 2024
my-springsecurity-plus before v2024.07.03 was discovered to contain a SQL injection vulnerability... Critical Unreviewed
CVE-2024-40541 was published Jul 12, 2024
my-springsecurity-plus before v2024.07.03 was discovered to contain a SQL injection vulnerability... Critical Unreviewed
CVE-2024-40542 was published Jul 12, 2024
my-springsecurity-plus before v2024.07.03 was discovered to contain a SQL injection vulnerability... Critical Unreviewed
CVE-2024-40540 was published Jul 12, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2024-37933 was published Jul 12, 2024
SQL injection vulnerability in processscore.php in Learning Management System Project In PHP With... Critical Unreviewed
CVE-2024-37870 was published Jul 9, 2024
SQL Injection vulnerability in parameter "w" in file "druk.php" in MegaBIP software allows... Critical Unreviewed
CVE-2024-6527 was published Jul 9, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2024-37112 was published Jul 9, 2024
SQL Injection vulnerability in Eskooly Web Product v.3.0 allows a remote attacker to execute... Critical Unreviewed
CVE-2024-27709 was published Jul 5, 2024
Sites managed in S@M CMS (Concept Intermedia) might be vulnerable to a blind SQL Injection... Critical Unreviewed
CVE-2024-3816 was published Jul 3, 2024
The Email Subscribers by Icegram Express – Email Marketing, Newsletters, Automation for WordPress... Critical Unreviewed
CVE-2024-6172 was published Jul 2, 2024
Intrado 911 Emergency Gateway login form is vulnerable to an unauthenticated blind time-based SQL... Critical Unreviewed
CVE-2024-1839 was published Jun 26, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection'), CWE - 200 -... Critical Unreviewed
CVE-2024-4228 was published Jun 26, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2024-37252 was published Jun 26, 2024
Craft CMS SQL injection vulnerability via the GraphQL API endpoint Critical
CVE-2024-37843 was published for craftcms/cms (Composer) Jun 25, 2024
SQL Injection vulnerability in the module "Isotope" (pk_isotope) <=1.7.3 from Promokit.eu for... Critical Unreviewed
CVE-2024-36681 was published Jun 25, 2024
SQL injection vulnerability in the module "Complete for Create a Quote in Frontend + Backend Pro"... Critical Unreviewed
CVE-2024-34988 was published Jun 25, 2024
In the module RSI PDF/HTML catalog evolution (prestapdf) <= 7.0.0 from RSI for PrestaShop, a... Critical Unreviewed
CVE-2024-34989 was published Jun 22, 2024
The Themify – WooCommerce Product Filter plugin for WordPress is vulnerable to time-based SQL... Critical Unreviewed
CVE-2024-6027 was published Jun 21, 2024
The Email Subscribers by Icegram Express – Email Marketing, Newsletters, Automation for WordPress... Critical Unreviewed
CVE-2024-5756 was published Jun 21, 2024
The WP Hotel Booking plugin for WordPress is vulnerable to SQL Injection via the 'room_type'... Critical Unreviewed
CVE-2024-3605 was published Jun 20, 2024
ProTip! Advisories are also available from the GraphQL API