GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,871
Erlang: 37
GitHub Actions: 36
Go: 2,517
Maven: 5,000+
npm: 4,150
NuGet: 736
pip: 3,952
Pub: 12
RubyGems: 946
Rust: 1,026
Swift: 39
Unreviewed advisories
All unreviewed: 5,000+
4,187 advisories
CVE-2017-17659 (Critical, Unreviewed), published May 13, 2022: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations...
CVE-2017-17658 (Critical, Unreviewed), published May 13, 2022: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations...
CVE-2017-3181 (Critical, Unreviewed), published May 13, 2022: Multiple TIBCO Products are prone to multiple unspecified SQL-injection vulnerabilities because...
CVE-2018-0320 (Critical, Unreviewed), published May 13, 2022: A vulnerability in the web framework code of Cisco Prime Collaboration Provisioning (PCP) could...
CVE-2018-12464 (Critical, Unreviewed), published May 13, 2022: A SQL injection vulnerability in the web administration and quarantine components of Micro Focus...
CVE-2018-12470 (Critical, Unreviewed), published May 13, 2022: A SQL Injection in the RegistrationSharing module of SUSE Linux SMT allows remote attackers to...
CVE-2018-15441 (Critical, Unreviewed), published May 13, 2022: A vulnerability in the web framework code of Cisco Prime License Manager (PLM) could allow an...
CVE-2018-15447 (Critical, Unreviewed), published May 13, 2022: A vulnerability in the web framework code of Cisco Integrated Management Controller (IMC)...
CVE-2018-16850 (Critical, Unreviewed), published May 13, 2022: PostgreSQL before versions 11.1, 10.6 is vulnerable to SQL injection in pg_upgrade and...
CVE-2018-1132 (Critical, Unreviewed), published May 13, 2022: A flaw was found in Opendaylight's SDNInterfaceapp (SDNI). Attackers can SQL inject the component...
CVE-2018-1994 (Critical, Unreviewed), published May 13, 2022: IBM InfoSphere Information Server 11.5 and 11.7 is vulnerable to SQL injection. A remote attacker...
CVE-2018-5384 (Critical, Unreviewed), published May 13, 2022: Navarino Infinity web interface up to version 2.2 exposes an unauthenticated script that is prone...
CVE-2018-7528 (Critical, Unreviewed), published May 13, 2022: An SQL injection vulnerability has been identified in Geutebruck G-Cam/EFD-2250 Version 1.12.0.4...
CVE-2018-8914 (Critical, Unreviewed), published May 13, 2022: SQL injection vulnerability in UPnP DMA in Synology Media Server before 1.7.6-2842 and before 1.4...
CVE-2019-4032 (Critical, Unreviewed), published May 13, 2022: IBM Financial Transaction Manager for Digital Payments for Multi-Platform 3.1.0 is vulnerable to...
CVE-2019-4012 (Critical, Unreviewed), published May 13, 2022: IBM BigFix WebUI Profile Management 6 and Software Distribution 23 is vulnerable to SQL injection...
CVE-2019-9918 (Critical, Unreviewed), published May 13, 2022: An issue was discovered in the Harmis JE Messenger component 1.2.2 for Joomla!. Input does not...
CVE-2018-16659 (Critical, Unreviewed), published May 13, 2022: An issue was discovered in Rausoft ID.prove 2.95. The login page allows SQL injection via...
CVE-2016-1000113 (Critical, Unreviewed), published May 13, 2022: XSS and SQLi in huge IT gallery v1.1.5 for Joomla
CVE-2018-16803 (Critical, Unreviewed), published May 13, 2022: In CIMTechniques CIMScan 6.x through 6.2, the SOAP WSDL parser allows attackers to execute SQL code.
CVE-2018-5986 (Critical, Unreviewed), published May 13, 2022: SQL Injection exists in Easy Car Script 2014 via the s_order or s_row parameter to site_search.php.
CVE-2017-17625 (Critical, Unreviewed), published May 13, 2022: Professional Service Script 1.0 has SQL Injection via the service-list city parameter.
CVE-2018-6363 (Critical, Unreviewed), published May 13, 2022: SQL Injection exists in Task Rabbit Clone 1.0 via the single_blog.php id parameter.
CVE-2018-17410 (Critical, Unreviewed), published May 13, 2022: Horus CMS allows SQL Injection, as demonstrated by a request to the /busca or /home URI.
CVE-2017-7991 (Critical, Unreviewed), published May 13, 2022: Exponent CMS 2.4.1 and earlier has SQL injection via a base64 serialized API key (apikey...
ProTip! Advisories are also available from the GraphQL API.