Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,517
Maven
5,000+
npm
4,152
NuGet
736
pip
3,953
Pub
12
RubyGems
946
Rust
1,026
Swift
39
Unreviewed advisories
All unreviewed
5,000+

15,097 advisories

Loading
itsourcecode Online Hotel Management System Project In PHP v1.0.0 is vulnerable to SQL Injection.... Critical Unreviewed
CVE-2023-34487 was published Jun 29, 2023
Property Cloud Platform Management Center 1.0 is vulnerable to error-based SQL injection. Critical Unreviewed
CVE-2023-34735 was published Jun 29, 2023
In Progress MOVEit Transfer before 2020.1.11 (12.1.11), 2021.0.9 (13.0.9), 2021.1.7 (13.1.7),... High Unreviewed
CVE-2023-36932 was published Jul 5, 2023
In Progress MOVEit Transfer before 2020.1.11 (12.1.11), 2021.0.9 (13.0.9), 2021.1.7 (13.1.7),... Critical Unreviewed
CVE-2023-36934 was published Jul 5, 2023
A SQL Injection vulnerability detected in Food Ordering System v1.0 allows attackers to run... High Unreviewed
CVE-2023-36968 was published Jul 6, 2023
A sql injection vulnerability exists in the requestHandlers.js LoginAuth functionality of... Critical Unreviewed
CVE-2023-22319 was published Jul 6, 2023
SQL Injection vulnerability in username field in /src/chatbotapp/chatWindow.java in Payatu... High Unreviewed
CVE-2023-30323 was published Jul 6, 2023
A CWE-89: Improper Neutralization of Special Elements used in SQL Command (‘SQL Injection’)... High Unreviewed
CVE-2022-41671 was published Jul 6, 2023
Algan Yazılım Prens Student Information System product has an unauthenticated SQL Injection... Critical Unreviewed
CVE-2022-2807 was published Jul 6, 2023
The Simple Membership WP user Import plugin for WordPress is vulnerable to SQL Injection via the ... Moderate Unreviewed
CVE-2023-0254 was published Jul 6, 2023
SQL Injection (SQLi) vulnerability in LearnPress – WordPress LMS Plugin <= 4.1.7.3.2 versions. High Unreviewed
CVE-2022-45820 was published Jul 6, 2023
SQL Injection vulnerability in LearnPress – WordPress LMS Plugin <= 4.1.7.3.2 versions. Critical Unreviewed
CVE-2022-45808 was published Jul 6, 2023
The WP Coder – add custom html, css and js code plugin for WordPress is vulnerable to time-based... Moderate Unreviewed
CVE-2023-0895 was published Jul 6, 2023
The Formidable PRO2PDF WordPress Plugin, version < 3.11, is affected by an authenticated SQL... High Unreviewed
CVE-2023-28663 was published Jul 6, 2023
The WordPress CRM, Email & Marketing Automation for WordPress | Award Winner — Groundhogg... High Unreviewed
CVE-2023-1425 was published Jul 6, 2023
A improper neutralization of special elements used in an sql command ('sql injection')... Moderate Unreviewed
CVE-2022-27485 was published Jul 6, 2023
Auth. SQL Injection') vulnerability in Kunal Nagar Custom 404 Pro plugin <= 3.7.0 versions. High Unreviewed
CVE-2022-47605 was published Jul 6, 2023
Auth. (admin+) SQL Injection (SQLi) vulnerability in TransbankDevelopers Transbank Webpay REST... High Unreviewed
CVE-2023-27610 was published Jul 6, 2023
KramerAV VIA GO² < 4.0.1.1326 is vulnerable to SQL Injection. Critical Unreviewed
CVE-2023-33509 was published Jul 6, 2023
The Web Directory Free for WordPress is vulnerable to SQL Injection via the ‘post_id’ parameter... High Unreviewed
CVE-2023-2201 was published Jul 6, 2023
The uListing plugin for WordPress is vulnerable to generic SQL Injection via the ‘listing_id’... High Unreviewed
CVE-2021-4340 was published Jul 6, 2023
ai-dev aicombinationsonfly before v0.3.1 was discovered to contain a SQL injection vulnerability... High Unreviewed
CVE-2023-33664 was published Jul 7, 2023
SQL injection vulnerability found in PrestaShop lekerawen_ocs before v.1.4.1 allow a remote... Critical Unreviewed
CVE-2023-27845 was published Jul 7, 2023
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2023-2046 was published Jul 10, 2023
Auth. (admin+) SQL Injection (SQLi) vulnerability in David F. Carr RSVPMaker plugin < 10.5.5... High Unreviewed
CVE-2023-29095 was published Jul 10, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database