Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,517
Maven
5,000+
npm
4,150
NuGet
736
pip
3,952
Pub
12
RubyGems
946
Rust
1,026
Swift
39
Unreviewed advisories
All unreviewed
5,000+

15,096 advisories

Loading
A vulnerability, which was classified as critical, was found in SourceCodester Shopping Website 1... Moderate Unreviewed
CVE-2023-3502 was published Jul 4, 2023
In Progress MOVEit Transfer before 2020.1.11 (12.1.11), 2021.0.9 (13.0.9), 2021.1.7 (13.1.7),... Critical Unreviewed
CVE-2023-36934 was published Jul 5, 2023
In Progress MOVEit Transfer before 2020.1.11 (12.1.11), 2021.0.9 (13.0.9), 2021.1.7 (13.1.7),... High Unreviewed
CVE-2023-36932 was published Jul 5, 2023
langchain SQL Injection vulnerability High
CVE-2023-36189 was published for langchain (pip) Jul 6, 2023
A SQL Injection vulnerability detected in Food Ordering System v1.0 allows attackers to run... High Unreviewed
CVE-2023-36968 was published Jul 6, 2023
A sql injection vulnerability exists in the requestHandlers.js LoginAuth functionality of... Critical Unreviewed
CVE-2023-22319 was published Jul 6, 2023
SQL Injection vulnerability in username field in /src/chatbotapp/chatWindow.java in Payatu... High Unreviewed
CVE-2023-30323 was published Jul 6, 2023
SQL Injection vulnerability in textMessage parameter in /src/chatbotapp/chatWindow.java in... High Unreviewed
CVE-2023-30325 was published Jul 6, 2023
A vulnerability was found in ThinuTech ThinuCMS 1.5. It has been rated as critical. Affected by... Moderate Unreviewed
CVE-2023-3528 was published Jul 6, 2023
A CWE-89: Improper Neutralization of Special Elements used in SQL Command (‘SQL Injection’)... High Unreviewed
CVE-2022-41671 was published Jul 6, 2023
Algan Yazılım Prens Student Information System product has an unauthenticated SQL Injection... Critical Unreviewed
CVE-2022-2807 was published Jul 6, 2023
** DISPUTED ** ** UNSUPPPORTED WHEN ASSIGNED **** UNSUPPORTED WHEN ASSIGNED ** ** DISPUTED ** A... High Unreviewed
CVE-2021-4276 was published Jul 6, 2023
The Simple Membership WP user Import plugin for WordPress is vulnerable to SQL Injection via the ... Moderate Unreviewed
CVE-2023-0254 was published Jul 6, 2023
SQL Injection vulnerability in LearnPress – WordPress LMS Plugin <= 4.1.7.3.2 versions. Critical Unreviewed
CVE-2022-45808 was published Jul 6, 2023
SQL Injection (SQLi) vulnerability in LearnPress – WordPress LMS Plugin <= 4.1.7.3.2 versions. High Unreviewed
CVE-2022-45820 was published Jul 6, 2023
The WP Coder – add custom html, css and js code plugin for WordPress is vulnerable to time-based... Moderate Unreviewed
CVE-2023-0895 was published Jul 6, 2023
The Formidable PRO2PDF WordPress Plugin, version < 3.11, is affected by an authenticated SQL... High Unreviewed
CVE-2023-28663 was published Jul 6, 2023
The WordPress CRM, Email & Marketing Automation for WordPress | Award Winner — Groundhogg... High Unreviewed
CVE-2023-1425 was published Jul 6, 2023
A improper neutralization of special elements used in an sql command ('sql injection')... Moderate Unreviewed
CVE-2022-27485 was published Jul 6, 2023
Apache InLong SQL Injection vulnerability Moderate
CVE-2023-30465 was published for org.apache.inlong:manager-pojo (Maven) Jul 6, 2023
Auth. SQL Injection') vulnerability in Kunal Nagar Custom 404 Pro plugin <= 3.7.0 versions. High Unreviewed
CVE-2022-47605 was published Jul 6, 2023
Auth. (admin+) SQL Injection (SQLi) vulnerability in TransbankDevelopers Transbank Webpay REST... High Unreviewed
CVE-2023-27610 was published Jul 6, 2023
SQL injection in Log4cxx when using the ODBC appender to send log messages to a database.  No... High Unreviewed
CVE-2023-31038 was published Jul 6, 2023
KramerAV VIA GO² < 4.0.1.1326 is vulnerable to SQL Injection. Critical Unreviewed
CVE-2023-33509 was published Jul 6, 2023
The uListing plugin for WordPress is vulnerable to generic SQL Injection via the ‘listing_id’... High Unreviewed
CVE-2021-4340 was published Jul 6, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database