Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
37
GitHub Actions
36
Go
2,500
Maven
5,000+
npm
4,147
NuGet
735
pip
3,948
Pub
12
RubyGems
945
Rust
1,025
Swift
39
Unreviewed advisories
All unreviewed
5,000+

15,076 advisories

Loading
A SQL injection issue is exploitable, with WordPress admin access, in the Mail Masta (aka mail... High Unreviewed
CVE-2017-6578 was published May 14, 2022
A vulnerability, which was classified as critical, was found in maku-boot up to 2.2.0. This... High Unreviewed
CVE-2022-4322 was published Dec 7, 2022
Multiple SQL injection vulnerabilities in my little forum before 2.3.4 allow remote... Moderate Unreviewed
CVE-2015-1434 was published May 14, 2022
RISI Gestao de Horarios v3201.09.08 rev.23 allows SQL Injection. High Unreviewed
CVE-2019-6491 was published May 14, 2022
Apache OpenMeetings vulnerable to SQL injection High
CVE-2017-7681 was published for org.apache.openmeetings:openmeetings-parent (Maven) May 17, 2022
Laravel 5.4.15 is vulnerable to Error based SQL injection in save.php via dhx_user and... High Unreviewed
CVE-2018-6330 was published May 14, 2022
Teclib GLPI through 9.3.3 has SQL injection via the "cycle" parameter in /scripts/unlock_tasks.php. Critical Unreviewed
CVE-2019-10232 was published May 14, 2022
Grandstream UCM6204 before 1.0.19.20 devices allow remote authenticated users to conduct SQL... High Unreviewed
CVE-2019-10663 was published May 14, 2022
S-CMS PHP v1.0 has SQL injection via the 4/js/scms.php?action=unlike id parameter. Critical Unreviewed
CVE-2019-10708 was published May 14, 2022
A SQL injection issue is exploitable, with WordPress admin access, in the Mail Masta (aka mail... High Unreviewed
CVE-2017-6576 was published May 14, 2022
A SQL injection issue is exploitable, with WordPress admin access, in the Mail Masta (aka mail... High Unreviewed
CVE-2017-6577 was published May 14, 2022
MKCMS V5.0 has SQL injection via the bplay.php play parameter. Critical Unreviewed
CVE-2019-10707 was published May 14, 2022
SQL injection vulnerability in include/functions_entries.inc.php in Serendipity 2.0.5 allows... High Unreviewed
CVE-2017-5609 was published May 14, 2022
subscriber.php in Webgalamb through 7.0 is vulnerable to SQL injection via the Client-IP HTTP... Critical Unreviewed
CVE-2018-19510 was published May 14, 2022
An issue was discovered in portier vision 4.4.4.2 and 4.4.4.6. Due to a lack of user input... Critical Unreviewed
CVE-2019-5722 was published May 14, 2022
Sanitization Management System v1.0 is vulnerable to SQL Injection via /php-sms/admin/?page... High Unreviewed
CVE-2022-44393 was published Dec 7, 2022
Simple Phone Book/Directory Web App v1.0 was discovered to contain a SQL injection vulnerability... Critical Unreviewed
CVE-2022-45010 was published Dec 7, 2022
An issue was discovered in CMS Made Simple 2.2.8. It is possible with the News module, through a... High Unreviewed
CVE-2019-9053 was published May 14, 2022
The Enterprise Console in Cisco AppDynamics App iQ Platform before 4.4.3.10598 (HF4) allows SQL... Critical Unreviewed
CVE-2018-0225 was published May 14, 2022
SuiteCRM before 7.8.28, 7.9.x and 7.10.x before 7.10.15, and 7.11.x before 7.11.3 allows SQL... Critical Unreviewed
CVE-2019-6506 was published May 14, 2022
Attendance Monitoring System 1.0 has SQL Injection via the 'id' parameter to student/index.php... Critical Unreviewed
CVE-2018-18798 was published May 14, 2022
The vulnerability exists within processing of track_import_export.php in Schneider Electric U... High Unreviewed
CVE-2018-7765 was published May 14, 2022
Multiple SQL injection vulnerabilities in the Server Administration Panel in Parallels Plesk... High Unreviewed
CVE-2011-4725 was published May 14, 2022
SQL injection vulnerability in the J2Store plugin 3.x before 3.3.7 for Joomla! allows remote... Critical Unreviewed
CVE-2019-9184 was published May 14, 2022
Domoticz before 4.10578 allows SQL Injection via the idx parameter in CWebServer:... Critical Unreviewed
CVE-2019-10664 was published May 14, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database