Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,504
Maven
5,000+
npm
4,149
NuGet
735
pip
3,949
Pub
12
RubyGems
945
Rust
1,025
Swift
39
Unreviewed advisories
All unreviewed
5,000+

4,187 advisories

Loading
Wuzhicms v4.1.0 was discovered to contain a SQL injection vulnerability via the groupid parameter... Critical Unreviewed
CVE-2022-27431 was published May 5, 2022
MyBatis PageHelper vulnerable to time-blind SQL injection via orderBy parameter Critical
CVE-2022-28111 was published for com.github.pagehelper:pagehelper (Maven) May 5, 2022
wdja v2.1 is affected by a SQL injection vulnerability in the foreground search function. Critical Unreviewed
CVE-2021-42185 was published May 5, 2022
A SQL injection vulnerability exists in Sourcecodester Fantastic Blog CMS 1.0 . An attacker can... Critical Unreviewed
CVE-2022-28512 was published May 5, 2022
SQL injection in osTicket before 1.14.8 and 1.15.4 login and password reset process allows... Critical Unreviewed
CVE-2021-42235 was published May 5, 2022
In OpenLDAP 2.x before 2.5.12 and 2.6.x before 2.6.2, a SQL injection vulnerability exists in the... Critical Unreviewed
CVE-2022-29155 was published May 5, 2022
In the wp-google-maps plugin before 7.11.18 for WordPress, includes/class.rest-api.php in the... Critical Unreviewed
CVE-2019-10692 was published May 4, 2022
Bluecms 1.6 has a SQL injection vulnerability at cooike. Critical Unreviewed
CVE-2022-27962 was published May 4, 2022
EmpireCMS 7.5 has a SQL injection vulnerability in AdClass.php Critical Unreviewed
CVE-2022-28585 was published May 4, 2022
Hospital Management System v1.0 was discovered to contain a SQL injection vulnerability via the... Critical Unreviewed
CVE-2022-27413 was published May 4, 2022
The SiteSuperCharger WordPress plugin before 5.2.0 does not validate, sanitise and escape various... Critical Unreviewed
CVE-2022-0771 was published May 3, 2022
MCMS v5.2.27 was discovered to contain a SQL injection vulnerability in the orderBy parameter at ... Critical Unreviewed
CVE-2022-27466 was published May 3, 2022
The Multiple Shipping Address Woocommerce WordPress plugin before 2.0 does not properly sanitise... Critical Unreviewed
CVE-2022-0783 was published May 3, 2022
The Documentor WordPress plugin through 1.5.3 fails to sanitize and escape user input before it... Critical Unreviewed
CVE-2022-0773 was published May 3, 2022
Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) has a blind SQL injection... Critical Unreviewed
CVE-2022-1366 was published May 3, 2022
The Photo Gallery WordPress plugin through 1.6.3 does not properly escape the $_POST['filter_tag'... Critical Unreviewed
CVE-2022-1281 was published May 3, 2022
Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) has a blind SQL injection... Critical Unreviewed
CVE-2022-1374 was published May 3, 2022
Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) has a blind SQL injection... Critical Unreviewed
CVE-2022-1371 was published May 3, 2022
Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) has a blind SQL injection... Critical Unreviewed
CVE-2022-1369 was published May 3, 2022
Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) has a blind SQL injection... Critical Unreviewed
CVE-2022-1376 was published May 3, 2022
Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) has a blind SQL injection... Critical Unreviewed
CVE-2022-1370 was published May 3, 2022
Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) has a blind SQL injection... Critical Unreviewed
CVE-2022-1367 was published May 3, 2022
Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) has a blind SQL injection... Critical Unreviewed
CVE-2022-1372 was published May 3, 2022
Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) has a blind SQL injection... Critical Unreviewed
CVE-2022-1375 was published May 3, 2022
Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) has a blind SQL injection... Critical Unreviewed
CVE-2022-1377 was published May 3, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database