GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,871
Erlang: 37
GitHub Actions: 36
Go: 2,517
Maven: 5,000+
npm: 4,150
NuGet: 736
pip: 3,952
Pub: 12
RubyGems: 946
Rust: 1,026
Swift: 39
Unreviewed advisories
All unreviewed: 5,000+
15,096 advisories
An issue was discovered in SugarCRM Enterprise before 11.0.6 and 12.x before 12.0.3. Two SQL...
High | Unreviewed | CVE-2023-35811 was published Jun 18, 2023
The WP Custom Cursors WordPress plugin before 3.2 does not properly sanitise and escape a...
High | Unreviewed | CVE-2023-2221 was published Jun 19, 2023
The Integration for Contact Form 7 and Zoho CRM, Bigin WordPress plugin before 1.2.4 does not...
Moderate | Unreviewed | CVE-2023-2527 was published Jun 19, 2023
The QueryWall: Plug'n Play Firewall WordPress plugin through 1.1.1 does not properly sanitise and...
High | Unreviewed | CVE-2023-2492 was published Jun 19, 2023
The SupportCandy WordPress plugin before 3.1.7 does not properly sanitise and escape the `id`...
High | Unreviewed | CVE-2023-2719 was published Jun 19, 2023
The SupportCandy WordPress plugin before 3.1.7 does not properly sanitise and escape the agents[]...
High | Unreviewed | CVE-2023-2805 was published Jun 19, 2023
Unauth. SQL Injection (SQLi) vulnerability in Themefic Ultimate Addons for Contact Form 7 plugin ...
Critical | Unreviewed | CVE-2022-47586 was published Jun 19, 2023
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical | Unreviewed | CVE-2023-2907 was published Jun 19, 2023
SQL injection vulnerability found in WUZHICMS v.4.1.0 allows a remote attacker to execute...
Critical | Unreviewed | CVE-2020-20413 was published Jun 20, 2023
SQL injection vulnerability found in Joyplus-cms v.1.6.0 allows a remote attacker to access...
High | Unreviewed | CVE-2020-20636 was published Jun 20, 2023
SQL injection vulnerability in OpenCart v.2.2.00 thru 3.0.3.2 allows a remote attacker to execute...
High | Unreviewed | CVE-2020-20491 was published Jun 20, 2023
SQL injection vulnerability in PHPOK v.5.4. allows a remote attacker to obtain sensitive...
High | Unreviewed | CVE-2020-21486 was published Jun 20, 2023
Adiscon LogAnalyzer v4.1.13 and before is vulnerable to SQL Injection.
Critical | Unreviewed | CVE-2023-34600 was published Jun 20, 2023
SQL injection vulnerability in gaozhifeng PHPMyWind v.5.6 allows a remote attacker to execute...
High | Unreviewed | CVE-2020-21400 was published Jun 20, 2023
Jeesite before commit 10742d3 was discovered to contain a SQL injection vulnerability via the...
Critical | Unreviewed | CVE-2023-34601 was published Jun 22, 2023
Unauth. SQL Injection (SQLi) vulnerability in InspireUI MStore API plugin <= 3.9.7 versions.
High | Unreviewed | CVE-2022-47614 was published Jun 23, 2023
The MStore API plugin for WordPress is vulnerable to Unauthenticated Blind SQL Injection via the ...
Critical | Unreviewed | CVE-2023-3197 was published Jun 24, 2023
it-novum openITCOCKPIT (aka open IT COCKPIT) 4.6.4 before 4.6.5 allows SQL Injection (by...
High | Unreviewed | CVE-2023-36663 was published Jun 25, 2023
A valid, authenticated LXCA user may be able to gain unauthorized access to events and other data...
High | Unreviewed | CVE-2023-34418 was published Jun 26, 2023
Vulnerable modules of Trend Micro Apex Central (on-premise) contain vulnerabilities which would...
High | Unreviewed | CVE-2023-32530 was published Jun 27, 2023
The Custom 404 Pro WordPress plugin before 3.8.1 does not properly sanitize database inputs,...
Critical | Unreviewed | CVE-2023-2032 was published Jun 27, 2023
The Responsive CSS EDITOR WordPress plugin through 1.0 does not properly sanitise and escape a...
High | Unreviewed | CVE-2023-2482 was published Jun 27, 2023
The FormCraft WordPress plugin before 3.9.7 does not properly sanitise and escape a parameter...
High | Unreviewed | CVE-2023-2592 was published Jun 27, 2023
The ERP WordPress plugin before 1.12.4 does not properly sanitise and escape the `type` parameter...
High | Unreviewed | CVE-2023-2744 was published Jun 27, 2023
Lost and Found Information System v1.0 was discovered to contain a SQL injection vulnerability...
Critical | Unreviewed | CVE-2023-33592 was published Jun 28, 2023
ProTip! Advisories are also available from the GraphQL API.