Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,517
Maven
5,000+
npm
4,150
NuGet
736
pip
3,952
Pub
12
RubyGems
946
Rust
1,026
Swift
39
Unreviewed advisories
All unreviewed
5,000+

4,187 advisories

Loading
PHP remote file inclusion vulnerability in public/patch/patch.php in Project Pier 0.8.8 and... Critical Unreviewed
CVE-2018-10759 was published May 13, 2022
SaltOS 3.1 r8126 allows action=login&querystring=&user=[SQL] SQL Injection. Critical Unreviewed
CVE-2018-18761 was published May 13, 2022
SQL injection vulnerability in rdr.php in nuevoMailer version 6.0 and earlier allows remote... Critical Unreviewed
CVE-2017-9730 was published May 13, 2022
SQL Injection exists in the Ek Rishta 2.9 component for Joomla! via the gender, age1, age2,... Critical Unreviewed
CVE-2018-7315 was published May 13, 2022
An issue was discovered in DuomiCMS 3.0. SQL injection exists in the ajax.php file, as... Critical Unreviewed
CVE-2018-18084 was published May 13, 2022
K-iwi Framework 1775 has SQL Injection via the admin/user/group/update user_group_id parameter or... Critical Unreviewed
CVE-2018-18755 was published May 13, 2022
Multiple SQL injection vulnerabilities in account/signup.php and account/signup2.php in... Critical Unreviewed
CVE-2017-7410 was published May 13, 2022
ManageEngine Applications Manager versions 12 and 13 before build 13200 suffer from remote SQL... Critical Unreviewed
CVE-2016-9488 was published May 13, 2022
In Redgate SQL Monitor before 3.10 and 4.x before 4.2, a remote attacker can gain unauthenticated... Critical Unreviewed
CVE-2015-9098 was published May 13, 2022
Same Sex Dating Software Pro 1.0 allows SQL Injection via the viewprofile.php profid parameter,... Critical Unreviewed
CVE-2017-15971 was published May 13, 2022
Responsive Newspaper Magazine & Blog CMS 1.0 allows SQL Injection via the id parameter to admin... Critical Unreviewed
CVE-2017-15981 was published May 13, 2022
Dynamic News Magazine & Blog CMS 1.0 allows SQL Injection via the id parameter to admin... Critical Unreviewed
CVE-2017-15982 was published May 13, 2022
An authentication bypass vulnerability in all versions of ValuePLUS Integrated University... Critical Unreviewed
CVE-2019-11196 was published May 13, 2022
SQL injection vulnerability in the Seed Coupon plugin before 1.6 for EC-CUBE allows remote... Critical Unreviewed
CVE-2016-4837 was published May 13, 2022
Multiple SQL injection vulnerabilities in the monitoring feature in the HTTP API in ABBYY... Critical Unreviewed
CVE-2018-13792 was published May 13, 2022
FS Expedia Clone 1.0 has SQL Injection via the pages.php or content.php id parameter, or the show... Critical Unreviewed
CVE-2017-17570 was published May 13, 2022
FS Foodpanda Clone 1.0 has SQL Injection via the /food keywords parameter. Critical Unreviewed
CVE-2017-17571 was published May 13, 2022
FS Care Clone 1.0 has SQL Injection via the searchJob.php jobType or jobFrequency parameter. Critical Unreviewed
CVE-2017-17574 was published May 13, 2022
FS Amazon Clone 1.0 has SQL Injection via the PATH_INFO to /VerAyari. Critical Unreviewed
CVE-2017-17572 was published May 13, 2022
FS Groupon Clone 1.0 has SQL Injection via the item_details.php id parameter or the... Critical Unreviewed
CVE-2017-17575 was published May 13, 2022
FS Gigs Script 1.0 has SQL Injection via the browse-category.php cat parameter, browse-scategory... Critical Unreviewed
CVE-2017-17576 was published May 13, 2022
FS Crowdfunding Script 1.0 has SQL Injection via the latest_news_details.php id parameter. Critical Unreviewed
CVE-2017-17578 was published May 13, 2022
FS Linkedin Clone 1.0 has SQL Injection via the group.php grid parameter, profile.php fid... Critical Unreviewed
CVE-2017-17580 was published May 13, 2022
FS Shutterstock Clone 1.0 has SQL Injection via the /Category keywords parameter. Critical Unreviewed
CVE-2017-17583 was published May 13, 2022
FS Quibids Clone 1.0 has SQL Injection via the itechd.php productid parameter. Critical Unreviewed
CVE-2017-17581 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database