Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,978
Erlang
29
GitHub Actions
16
Go
1,768
Maven
4,991
npm
3,537
NuGet
616
pip
3,107
Pub
10
RubyGems
837
Rust
786
Swift
34
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

3,254 advisories

Loading
my-springsecurity-plus before v2024.07.03 was discovered to contain a SQL injection vulnerability... Critical Unreviewed
CVE-2024-40539 was published Jul 12, 2024
my-springsecurity-plus before v2024.07.03 was discovered to contain a SQL injection vulnerability... Critical Unreviewed
CVE-2024-40541 was published Jul 12, 2024
my-springsecurity-plus before v2024.07.03 was discovered to contain a SQL injection vulnerability... Critical Unreviewed
CVE-2024-40542 was published Jul 12, 2024
my-springsecurity-plus before v2024.07.03 was discovered to contain a SQL injection vulnerability... Critical Unreviewed
CVE-2024-40540 was published Jul 12, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2024-37933 was published Jul 12, 2024
SQL injection vulnerability in processscore.php in Learning Management System Project In PHP With... Critical Unreviewed
CVE-2024-37870 was published Jul 9, 2024
SQL Injection vulnerability in parameter "w" in file "druk.php" in MegaBIP software allows... Critical Unreviewed
CVE-2024-6527 was published Jul 9, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2024-37112 was published Jul 9, 2024
SQL Injection vulnerability in Eskooly Web Product v.3.0 allows a remote attacker to execute... Critical Unreviewed
CVE-2024-27709 was published Jul 5, 2024
Sites managed in S@M CMS (Concept Intermedia) might be vulnerable to a blind SQL Injection... Critical Unreviewed
CVE-2024-3816 was published Jul 3, 2024
The Email Subscribers by Icegram Express – Email Marketing, Newsletters, Automation for WordPress... Critical Unreviewed
CVE-2024-6172 was published Jul 2, 2024
Intrado 911 Emergency Gateway login form is vulnerable to an unauthenticated blind time-based SQL... Critical Unreviewed
CVE-2024-1839 was published Jun 26, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection'), CWE - 200 -... Critical Unreviewed
CVE-2024-4228 was published Jun 26, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2024-37252 was published Jun 26, 2024
SQL Injection vulnerability in the module "Isotope" (pk_isotope) <=1.7.3 from Promokit.eu for... Critical Unreviewed
CVE-2024-36681 was published Jun 25, 2024
SQL injection vulnerability in the module "Complete for Create a Quote in Frontend + Backend Pro"... Critical Unreviewed
CVE-2024-34988 was published Jun 25, 2024
In the module RSI PDF/HTML catalog evolution (prestapdf) <= 7.0.0 from RSI for PrestaShop, a... Critical Unreviewed
CVE-2024-34989 was published Jun 22, 2024
The Themify – WooCommerce Product Filter plugin for WordPress is vulnerable to time-based SQL... Critical Unreviewed
CVE-2024-6027 was published Jun 21, 2024
In the module "Theme settings" (pk_themesettings) <= 1.8.8 from Promokit.eu for PrestaShop, a... Critical Unreviewed
CVE-2024-36678 was published Jun 19, 2024
In the module "Channable" (channable) up to version 3.2.1 from Channable for PrestaShop, a guest... Critical Unreviewed
CVE-2024-34994 was published Jun 19, 2024
CodeProjects Health Care hospital Management System v1.0 was discovered to contain a SQL... Critical Unreviewed
CVE-2024-37802 was published Jun 18, 2024
The Web Directory Free WordPress plugin before 1.7.0 does not sanitise and escape a parameter... Critical Unreviewed
CVE-2024-3552 was published Jun 13, 2024
SQL Injection vulnerability in Boelter Blue System Management v.1.3 allows a remote attacker to... Critical Unreviewed
CVE-2024-36840 was published Jun 12, 2024
Sourcecodester Pharmacy/Medical Store Point of Sale System 1.0 is vulnerable SQL Injection via... Critical Unreviewed
CVE-2024-36673 was published Jun 7, 2024
Sourcecodester Stock Management System v1.0 is vulnerable to SQL Injection via editCategories.php. Critical Unreviewed
CVE-2024-36779 was published Jun 6, 2024
ProTip! Advisories are also available from the GraphQL API