GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,871
Erlang: 37
GitHub Actions: 36
Go: 2,517
Maven: 5,000+
npm: 4,150
NuGet: 736
pip: 3,952
Pub: 12
RubyGems: 946
Rust: 1,026
Swift: 39

Unreviewed advisories
All unreviewed: 5,000+
4,187 advisories
apps\admin\controller\content\SingleController.php in PbootCMS before V1.3.0 build 2018-11-12 has...
Critical | Unreviewed | CVE-2018-18450 was published May 14, 2022

PHPSHE 1.7 allows module/index/cart.php pintuan_id SQL Injection to index.php.
Critical | Unreviewed | CVE-2019-9626 was published May 14, 2022

SQL injection vulnerability in core services in Intel Security McAfee ePolicy Orchestrator (ePO)...
Critical | Unreviewed | CVE-2016-8027 was published May 14, 2022

zzcms v8.3 contains a SQL Injection vulnerability in /user/logincheck.php via an X-Forwarded-For...
Critical | Unreviewed | CVE-2018-17412 was published May 14, 2022

Dolibarr SQL injection via the integer parameters qty and value_unit
Critical | CVE-2018-16809 was published for dolibarr/dolibarr (Composer) May 14, 2022

SQL injection vulnerability in TestLink before 1.9.14 allows remote attackers to execute...
Critical | Unreviewed | CVE-2015-7390 was published May 14, 2022

baserCMS SQL Injection vulnerability
Critical | CVE-2017-10842 was published for baserproject/basercms (Composer) May 14, 2022

SQL injection vulnerability in the password recovery feature in Yeager CMS 1.2.1 allows remote...
Critical | Unreviewed | CVE-2015-7568 was published May 14, 2022

Subrion CMS 4.0.5.10 has SQL injection in admin/database/ via the query parameter.
Critical | Unreviewed | CVE-2017-6013 was published May 14, 2022

A SQL injection issue was discovered in the Mail Masta (aka mail-masta) plugin 1.0 for WordPress....
Critical | Unreviewed | CVE-2017-6095 was published May 14, 2022

A SQL Injection was discovered in PHPSHE 1.7 in include/plugin/payment/alipay/pay.php with the...
Critical | Unreviewed | CVE-2019-9762 was published May 14, 2022

CWEBNET/WOSummary/List in ZUUSE BEIMS ContractorWeb .NET 5.18.0.0 allows SQL injection via the...
Critical | Unreviewed | CVE-2017-17721 was published May 14, 2022

subscriber.php in Webgalamb through 7.0 is vulnerable to SQL injection via the Client-IP HTTP...
Critical | Unreviewed | CVE-2018-19510 was published May 14, 2022

An issue was discovered in portier vision 4.4.4.2 and 4.4.4.6. Due to a lack of user input...
Critical | Unreviewed | CVE-2019-5722 was published May 14, 2022

SQLiteManager 1.20 and 1.24 allows SQL injection via the /sqlitemanager/main.php dbsel parameter....
Critical | Unreviewed | CVE-2019-9083 was published May 14, 2022

Attendance Monitoring System 1.0 has SQL Injection via the 'id' parameter to student/index.php...
Critical | Unreviewed | CVE-2018-18798 was published May 14, 2022

Teclib GLPI through 9.3.3 has SQL injection via the "cycle" parameter in /scripts/unlock_tasks.php.
Critical | Unreviewed | CVE-2019-10232 was published May 14, 2022

The Enterprise Console in Cisco AppDynamics App iQ Platform before 4.4.3.10598 (HF4) allows SQL...
Critical | Unreviewed | CVE-2018-0225 was published May 14, 2022

A SQL Injection issue was discovered in BlueCMS 1.6. The variable $ad_id is spliced directly in...
Critical | Unreviewed | CVE-2019-10262 was published May 14, 2022

An issue was discovered in TONGDA Office Anywhere 10.18.190121. There is a SQL Injection...
Critical | Unreviewed | CVE-2019-9759 was published May 14, 2022

S-CMS PHP v1.0 has SQL injection via the 4/js/scms.php?action=unlike id parameter.
Critical | Unreviewed | CVE-2019-10708 was published May 14, 2022

MKCMS V5.0 has SQL injection via the bplay.php play parameter.
Critical | Unreviewed | CVE-2019-10707 was published May 14, 2022

Silverstripe Framework SQLi Vulnerability
Critical | CVE-2019-5715 was published for silverstripe/framework (Composer) May 14, 2022

Kohana through 3.3.6 has SQL Injection when the order_by() parameter can be controlled.
Critical | Unreviewed | CVE-2019-8979 was published May 14, 2022

SQL injection vulnerability in Nagios XI before 5.5.11 allows attackers to execute arbitrary SQL...
Critical | Unreviewed | CVE-2019-9165 was published May 14, 2022
ProTip! Advisories are also available from the GraphQL API