Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,128
NuGet
735
pip
3,944
Pub
12
RubyGems
945
Rust
1,024
Swift
39
Unreviewed advisories
All unreviewed
5,000+

7,080 advisories

Loading
The WP Email Users WordPress plugin through 1.7.6 does not escape the data_raw parameter in the... High Unreviewed
CVE-2021-24959 was published Mar 15, 2022
The Event Manager and Tickets Selling for WooCommerce WordPress plugin before 3.5.8 does not... High Unreviewed
CVE-2022-0478 was published Mar 15, 2022
The Simple Quotation WordPress plugin through 1.3.2 does not have authorisation (and CSRF) checks... High Unreviewed
CVE-2022-22735 was published Mar 15, 2022
Moodle Blind SQL injection possible via MNet authentication High
CVE-2021-32474 was published for moodle/moodle (Composer) Mar 12, 2022
The login.jsp page of Quicklert for Digium 10.0.0 (1043) is affected by both Blind SQL Injection... High Unreviewed
CVE-2021-43969 was published Mar 11, 2022
Found a potential security vulnerability inside the Pandora API. Affected Pandora FMS version... High Unreviewed
CVE-2022-0507 was published Mar 11, 2022
Luocms v2.0 is affected by SQL Injection in /admin/manager/admin_mod.php. An attacker can obtain... High Unreviewed
CVE-2022-24601 was published Mar 11, 2022
Network Olympus version 1.8.0 allows an authenticated admin user to inject SQL queries in '/api... High Unreviewed
CVE-2022-25225 was published Mar 11, 2022
A vulnerability has been identified in SINEC NMS (All versions). A privileged authenticated... High Unreviewed
CVE-2022-24281 was published Mar 9, 2022
The Conversios.io WordPress plugin before 4.6.2 does not sanitise, validate and escape the... High Unreviewed
CVE-2021-24952 was published Mar 8, 2022
The view submission functionality in the Hotscot Contact Form WordPress plugin before 1.3 makes a... High Unreviewed
CVE-2021-24777 was published Mar 8, 2022
The AdRotate WordPress plugin before 5.8.22 does not sanitise and escape the adrotate_action... High Unreviewed
CVE-2022-0267 was published Mar 8, 2022
The Email Subscribers & Newsletters WordPress plugin before 5.3.2 does not correctly escape the ... High Unreviewed
CVE-2022-0439 was published Mar 8, 2022
The WP Visitor Statistics (Real Time Traffic) WordPress plugin before 5.6 does not sanitise and... High Unreviewed
CVE-2022-0410 was published Mar 8, 2022
The RegistrationMagic WordPress plugin before 5.0.2.2 does not sanitise and escape the rm_form_id... High Unreviewed
CVE-2022-0420 was published Mar 8, 2022
When the server is configured to use trust authentication with a clientcert requirement or to use... High Unreviewed
CVE-2021-23214 was published Mar 5, 2022
Simple Bakery Shop Management v1.0 was discovered to contain a SQL injection vulnerability via... High Unreviewed
CVE-2022-25393 was published Mar 4, 2022
OS4ED openSIS 8.0 is affected by SQL injection in ChooseCpSearch.php, ChooseRequestSearch.php. An... High Unreviewed
CVE-2021-40635 was published Mar 4, 2022
OS4ED openSIS 8.0 is affected by SQL Injection in CheckDuplicateName.php, which can extract... High Unreviewed
CVE-2021-40636 was published Mar 4, 2022
There is a SQL injection vulnerability in the background of taocms 3.0.2 in parameter id:action... High Unreviewed
CVE-2022-23380 was published Mar 2, 2022
An issue was discovered in taocms 3.0.2. This is a SQL blind injection that can obtain database... High Unreviewed
CVE-2022-23387 was published Mar 2, 2022
A improper neutralization of special elements used in an sql command ('sql injection') in... High Unreviewed
CVE-2021-43077 was published Mar 2, 2022
The WP Cloudy, weather plugin WordPress plugin before 4.4.9 does not escape the post_id parameter... High Unreviewed
CVE-2021-24864 was published Mar 1, 2022
The WP Review Slider WordPress plugin before 11.0 does not sanitise and escape the pid parameter... High Unreviewed
CVE-2022-0383 was published Mar 1, 2022
The Asgaros Forum WordPress plugin before 2.0.0 does not sanitise and escape the post_id... High Unreviewed
CVE-2022-0411 was published Mar 1, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database