Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
37
GitHub Actions
36
Go
2,500
Maven
5,000+
npm
4,147
NuGet
735
pip
3,948
Pub
12
RubyGems
945
Rust
1,025
Swift
39
Unreviewed advisories
All unreviewed
5,000+

15,076 advisories

Loading
ZoneMinder before 1.32.3 has SQL Injection via the ajax/status.php sort parameter. Critical Unreviewed
CVE-2019-8424 was published May 14, 2022
Themerig Find a Place CMS Directory 1.5 has SQL Injection via the find/assets/external/data_2.php... Critical Unreviewed
CVE-2019-8360 was published May 14, 2022
A SQL Injection vulnerability exists in PbootCMS v1.3.2 via the description parameter in apps... High Unreviewed
CVE-2019-8422 was published May 14, 2022
upload/protected/modules/admini/views/post/index.php in BageCMS through 3.1.4 allows SQL... High Unreviewed
CVE-2019-8421 was published May 14, 2022
Cleanto 5.0 has SQL Injection via the assets/lib/export_ajax.php id parameter. Critical Unreviewed
CVE-2019-6296 was published May 14, 2022
In Tiki before 17.2, the user task component is vulnerable to a SQL Injection via the tiki... High Unreviewed
CVE-2018-20719 was published May 14, 2022
Cleanto 5.0 has SQL Injection via the assets/lib/service_method_ajax.php service_id parameter. Critical Unreviewed
CVE-2019-6295 was published May 14, 2022
An issue was discovered in XiaoCms 20141229. It allows admin/index.php?c=database table[] SQL... High Unreviewed
CVE-2019-6127 was published May 14, 2022
A vulnerability, which was classified as critical, has been found in MonikaBrzica scm. Affected... Moderate Unreviewed
CVE-2022-3997 was published Nov 15, 2022
Administrator/index.php in Ivan Cordoba Generic Content Management System (CMS) through 2018-04... Critical Unreviewed
CVE-2018-20568 was published May 14, 2022
ZoneMinder through 1.32.3 has SQL Injection via the skins/classic/views/events.php filter[Query]... Critical Unreviewed
CVE-2019-8423 was published May 14, 2022
A flaw was found in PostgreSQL. There is an issue with incomplete efforts to operate safely when... High Unreviewed
CVE-2022-1552 was published Sep 1, 2022
Hotels_Server through 2018-11-05 has SQL Injection via the API because the controller/api/login... Critical Unreviewed
CVE-2019-8393 was published May 14, 2022
GoRose v1.0.4 has SQL Injection when the order_by or group_by parameter can be controlled. Critical Unreviewed
CVE-2019-9047 was published May 14, 2022
An issue was discovered in OFCMS before 1.1.3. It allows admin/system/generate/create?sql= SQL... High Unreviewed
CVE-2019-9615 was published May 14, 2022
It was discovered that the Unitrends Backup (UB) before 10.1.0 libbpext.so authentication could... Critical Unreviewed
CVE-2018-6329 was published May 14, 2022
BlueCMS 1.6 allows SQL Injection via the user_id parameter in an uploads/admin/user.php?act=edit... Critical Unreviewed
CVE-2019-9594 was published May 14, 2022
SchedMD Slurm before 17.02.10 and 17.11.x before 17.11.5 allows SQL Injection attacks against... Critical Unreviewed
CVE-2018-7033 was published May 14, 2022
SQL injection vulnerability in core services in Intel Security McAfee ePolicy Orchestrator (ePO)... Critical Unreviewed
CVE-2016-8027 was published May 14, 2022
zzcms v8.3 has a SQL injection in /user/jobmanage.php via the bigclass parameter. High Unreviewed
CVE-2018-17414 was published May 14, 2022
WebAccess/SCADA, Version 8.3. The software does not properly sanitize its inputs for SQL commands. Critical Unreviewed
CVE-2019-6523 was published May 14, 2022
An issue was discovered on Xerox WorkCentre 3655, 3655i, 58XX, 58XXi, 59XX, 59XXi, 6655, 6655i,... Critical Unreviewed
CVE-2018-20770 was published May 14, 2022
SQL injection vulnerability in the core config manager in Nagios XI 5.2.x through 5.4.x before 5... Critical Unreviewed
CVE-2018-8734 was published May 14, 2022
EARCLINK ESPCMS-P8 has SQL injection in the install_pack/index.php?ac=Member&at=verifyAccount... High Unreviewed
CVE-2019-5488 was published May 14, 2022
apps\admin\controller\content\SingleController.php in PbootCMS before V1.3.0 build 2018-11-12 has... Critical Unreviewed
CVE-2018-18450 was published May 14, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database