Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,504
Maven
5,000+
npm
4,149
NuGet
735
pip
3,949
Pub
12
RubyGems
945
Rust
1,025
Swift
39
Unreviewed advisories
All unreviewed
5,000+

4,185 advisories

Loading
The Title Experiments Free WordPress plugin before 9.0.1 does not sanitise and escape the id... Critical Unreviewed
CVE-2022-0784 was published Mar 29, 2022
The SpeakOut! Email Petitions WordPress plugin before 2.14.15.1 does not sanitise and escape the... Critical Unreviewed
CVE-2022-0846 was published Mar 29, 2022
The Limit Login Attempts (Spam Protection) WordPress plugin before 5.1 does not sanitise and... Critical Unreviewed
CVE-2022-0787 was published Mar 29, 2022
SQLinjection in falcon-plus Critical
CVE-2022-26245 was published for github.com/open-falcon/falcon-plus (Go) Mar 28, 2022
TuziCMS v2.0.6 was discovered to contain a SQL injection vulnerability via the component App... Critical Unreviewed
CVE-2022-26301 was published Mar 26, 2022
An issue was discovered in ApiManager 1.1. there is sql injection vulnerability that can use in ... Critical Unreviewed
CVE-2021-43700 was published Mar 25, 2022
An SQL Injection vulnerability exists in Dreamer CMS 4.0.0 via the tableName parameter. Critical Unreviewed
CVE-2021-43084 was published Mar 25, 2022
CmsWing 1.3.7 is affected by a SQLi vulnerability via parameter: behavior rule. Critical Unreviewed
CVE-2021-43735 was published Mar 24, 2022
The AosService.rem service in Rockwell Automation FactoryTalk AssetCentre v10.00 and earlier... Critical Unreviewed
CVE-2021-27468 was published Mar 24, 2022
The ArchiveService.rem service in Rockwell Automation FactoryTalk AssetCentre v10.00 and earlier... Critical Unreviewed
CVE-2021-27464 was published Mar 24, 2022
A vulnerability exists in the RunSearch function of SearchService service in Rockwell Automation... Critical Unreviewed
CVE-2021-27472 was published Mar 24, 2022
Money Transfer Management System Version 1.0 allows an unauthenticated user to inject SQL queries... Critical Unreviewed
CVE-2022-25222 was published Mar 24, 2022
Simple Subscription Website v1.0 was discovered to contain a SQL injection vulnerability via the... Critical Unreviewed
CVE-2022-26285 was published Mar 23, 2022
Simple Subscription Website v1.0 was discovered to contain a SQL injection vulnerability via the... Critical Unreviewed
CVE-2022-26283 was published Mar 23, 2022
Simple Client Management System v1.0 was discovered to contain a SQL injection vulnerability via... Critical Unreviewed
CVE-2022-26284 was published Mar 23, 2022
WebRun 3.6.0.42 is vulnerable to SQL Injection via the P_0 parameter used to set the username... Critical Unreviewed
CVE-2021-43650 was published Mar 23, 2022
MyBatis plus v3.4.3 was discovered to contain a SQL injection vulnerability via the Column... Critical Unreviewed
CVE-2022-25517 was published Mar 23, 2022
Taocms v3.0.2 was discovered to contain a SQL injection vulnerability via the id parameter in ... Critical Unreviewed
CVE-2022-25505 was published Mar 22, 2022
The BookingPress WordPress plugin before 1.0.11 fails to properly sanitize user supplied POST... Critical Unreviewed
CVE-2022-0739 was published Mar 22, 2022
The Advanced Booking Calendar WordPress plugin before 1.7.0 does not validate and escape the... Critical Unreviewed
CVE-2022-0694 was published Mar 22, 2022
The Infographic Maker WordPress plugin before 4.3.8 does not validate and escape the post_id... Critical Unreviewed
CVE-2022-0747 was published Mar 22, 2022
The Simple Link Directory WordPress plugin before 7.7.2 does not validate and escape the post_id... Critical Unreviewed
CVE-2022-0760 was published Mar 22, 2022
An SQL Injection vulnerability exists in Sourcecodester Attendance and Payroll System v1.0 which... Critical Unreviewed
CVE-2021-44088 was published Mar 19, 2022
Rapid7 Nexpose versions 6.6.93 and earlier are susceptible to an SQL Injection vulnerability,... Critical Unreviewed
CVE-2022-0757 was published Mar 19, 2022
SQL Injection in tribalsystems/zenario Critical
CVE-2021-26830 was published for tribalsystems/zenario (Composer) Mar 18, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database