Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
37
GitHub Actions
36
Go
2,500
Maven
5,000+
npm
4,147
NuGet
735
pip
3,948
Pub
12
RubyGems
945
Rust
1,025
Swift
39
Unreviewed advisories
All unreviewed
5,000+

4,185 advisories

Loading
Online Project Time Management System v1.0 was discovered to contain a SQL injection... Critical Unreviewed
CVE-2022-26293 was published Mar 17, 2022
HMS v1.0 was discovered to contain a SQL injection vulnerability via the medicineid parameter in... Critical Unreviewed
CVE-2022-25492 was published Mar 16, 2022
HMS v1.0 was discovered to contain a SQL injection vulnerability via the editid parameter in... Critical Unreviewed
CVE-2022-25490 was published Mar 16, 2022
Online Banking System v1.0 was discovered to contain a SQL injection vulnerability via... Critical Unreviewed
CVE-2022-25494 was published Mar 16, 2022
Atom CMS v2.0 was discovered to contain a SQL injection vulnerability via the id parameter in ... Critical Unreviewed
CVE-2022-25488 was published Mar 16, 2022
DQL injection through sorting parameters blocked Critical
CVE-2022-24752 was published for sylius/grid-bundle (Composer) Mar 15, 2022
dbalabka
The MOLIE WordPress plugin through 0.5 does not validate and escape a post parameter before using... Critical Unreviewed
CVE-2021-25007 was published Mar 15, 2022
The Photo Gallery by 10Web WordPress plugin before 1.6.0 does not validate and escape the... Critical Unreviewed
CVE-2022-0169 was published Mar 15, 2022
SQL Injection in WordPress Zero Spam WordPress plugin Critical
CVE-2022-0254 was published for bmarshall511/wordpress_zero_spam (Composer) Mar 15, 2022
The CommonsBooking WordPress plugin before 2.6.8 does not sanitise and escape the location... Critical Unreviewed
CVE-2022-0658 was published Mar 15, 2022
Luocms v2.0 is affected by SQL Injection through /admin/login.php. An attacker can log in to the... Critical Unreviewed
CVE-2022-24600 was published Mar 11, 2022
Luocms v2.0 is affected by SQL Injection in /admin/news/sort_mod.php. Critical Unreviewed
CVE-2022-24603 was published Mar 11, 2022
Luocms v2.0 is affected by SQL Injection in /admin/news/news_ok.php. Critical Unreviewed
CVE-2022-24607 was published Mar 11, 2022
Luocms v2.0 is affected by SQL Injection in /admin/link/link_mod.php. Critical Unreviewed
CVE-2022-24604 was published Mar 11, 2022
Luocms v2.0 is affected by SQL Injection in /admin/link/link_ok.php. Critical Unreviewed
CVE-2022-24605 was published Mar 11, 2022
Luocms v2.0 is affected by SQL Injection in /admin/news/news_mod.php. Critical Unreviewed
CVE-2022-24602 was published Mar 11, 2022
Luocms v2.0 is affected by SQL Injection in /admin/news/sort_ok.php. Critical Unreviewed
CVE-2022-24606 was published Mar 11, 2022
The NotificationX WordPress plugin before 2.3.9 does not sanitise and escape the nx_id parameter... Critical Unreviewed
CVE-2022-0349 was published Mar 8, 2022
The Page View Count WordPress plugin before 2.4.15 does not sanitise and escape the post_ids... Critical Unreviewed
CVE-2022-0434 was published Mar 8, 2022
Victor CMS v1.0 was discovered to contain a SQL injection vulnerability. Critical Unreviewed
CVE-2022-26201 was published Mar 5, 2022
Medical Store Management System v1.0 was discovered to contain a SQL injection vulnerability via... Critical Unreviewed
CVE-2022-25394 was published Mar 4, 2022
Air Cargo Management System v1.0 was discovered to contain a SQL injection vulnerability via the... Critical Unreviewed
CVE-2022-26169 was published Mar 4, 2022
Cosmetics and Beauty Product Online Store v1.0 was discovered to contain a SQL injection... Critical Unreviewed
CVE-2022-25396 was published Mar 4, 2022
Simple Real Estate Portal System v1.0 was discovered to contain a SQL injection vulnerability via... Critical Unreviewed
CVE-2022-25399 was published Mar 4, 2022
Auto Spare Parts Management v1.0 was discovered to contain a SQL injection vulnerability via the... Critical Unreviewed
CVE-2022-25398 was published Mar 4, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database