Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,517
Maven
5,000+
npm
4,150
NuGet
736
pip
3,952
Pub
12
RubyGems
946
Rust
1,026
Swift
39
Unreviewed advisories
All unreviewed
5,000+

4,187 advisories

Loading
SQL injection vulnerability in Nagios IM (component of Nagios XI) before 2.2.7 allows attackers... Critical Unreviewed
CVE-2019-9204 was published May 14, 2022
SQL Injection exists in the Tribulant Slideshow Gallery plugin 1.6.8 for WordPress via the wp... Critical Unreviewed
CVE-2018-18018 was published May 14, 2022
SQL injection vulnerability in Joomla! 3.7.x before 3.7.1 allows attackers to execute arbitrary... Critical Unreviewed
CVE-2017-8917 was published May 14, 2022
SuiteCRM before 7.8.28, 7.9.x and 7.10.x before 7.10.15, and 7.11.x before 7.11.3 allows SQL... Critical Unreviewed
CVE-2019-6506 was published May 14, 2022
SQL injection vulnerability in the J2Store plugin 3.x before 3.3.7 for Joomla! allows remote... Critical Unreviewed
CVE-2019-9184 was published May 14, 2022
Hot Scripts Clone 3.1 has SQL Injection via the /categories subctid or mctid parameter. Critical Unreviewed
CVE-2017-17612 was published May 14, 2022
Domoticz before 4.10578 allows SQL Injection via the idx parameter in CWebServer:... Critical Unreviewed
CVE-2019-10664 was published May 14, 2022
The "JEXTN Question And Answer" extension 3.1.0 for Joomla! has SQL Injection via the an... Critical Unreviewed
CVE-2017-17871 was published May 14, 2022
Centreon allows SNMP trap SQL Injection Critical
CVE-2018-19281 was published for centreon/centreon (Composer) May 14, 2022
NETGEAR ProSafe SSL VPN firmware FVS336Gv2 and FVS336Gv3 was discovered to contain a SQL... Critical Unreviewed
CVE-2022-29383 was published May 14, 2022
Air Cargo Management System 1.0 is vulnerable to SQL Injection via /acms/classes/Master.php?f... Critical Unreviewed
CVE-2022-30370 was published May 14, 2022
Covid-19 Travel Pass Management System v1.0 is vulnerable to SQL Injection via /ctpms/classes... Critical Unreviewed
CVE-2022-30413 was published May 14, 2022
Pharmacy Sales And Inventory System v1.0 is vulnerable to SQL Injection via /pharmacy-sales-and... Critical Unreviewed
CVE-2022-30407 was published May 14, 2022
Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/classes/Master... Critical Unreviewed
CVE-2022-30395 was published May 14, 2022
Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/classes/Master... Critical Unreviewed
CVE-2022-30385 was published May 14, 2022
Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/classes/Master... Critical Unreviewed
CVE-2022-30391 was published May 14, 2022
Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/classes/Master... Critical Unreviewed
CVE-2022-30387 was published May 14, 2022
Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/classes/Master... Critical Unreviewed
CVE-2022-30386 was published May 14, 2022
Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/classes/Master... Critical Unreviewed
CVE-2022-30384 was published May 14, 2022
Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/classes/Master... Critical Unreviewed
CVE-2022-30392 was published May 14, 2022
A SQL Injection issue was discovered in Sentrifugo 3.2 via the deptid parameter. Critical Unreviewed
CVE-2018-15873 was published May 13, 2022
SQL Injection exists in the ccNewsletter 2.x component for Joomla! via the id parameter in a task... Critical Unreviewed
CVE-2018-5989 was published May 13, 2022
SQL injection vulnerability in archivebot.py in docmarionum1 Slack ArchiveBot (aka slack-archive... Critical Unreviewed
CVE-2018-17232 was published May 13, 2022
Authentication bypass vulnerability in the core config manager in Nagios XI 5.2.x through 5.4.x... Critical Unreviewed
CVE-2018-8733 was published May 13, 2022
Vulnerability in the Oracle Scripting component of Oracle E-Business Suite (subcomponent:... Critical Unreviewed
CVE-2017-3549 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database