GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
15,095 advisories
Millhouse-Project v1.414 was discovered to contain a remote code execution (RCE) vulnerability...
Critical
Unreviewed
CVE-2023-37165 was published Jul 20, 2023
SQL injection vulnerability in diskusi.php in eNdonesia 8.7, allows an attacker to execute...
Critical
Unreviewed
CVE-2023-31753 was published Jul 20, 2023
The User Activity Log WordPress plugin before 1.6.3 does not properly sanitise and escape the ...
High
Unreviewed
CVE-2023-2761 was published Jul 24, 2023
REDCap 12.0.26 LTS and 12.3.2 Standard allows SQL Injection via scheduling, repeatforms, purpose,...
Low
Unreviewed
CVE-2023-37361 was published Jul 25, 2023
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical
Unreviewed
CVE-2023-3046 was published Jul 25, 2023
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical
Unreviewed
CVE-2023-35066 was published Jul 25, 2023
SQL injection vulnerability found in PrestaShop sendinblue v.4.0.15 and before allow a remote...
Critical
Unreviewed
CVE-2023-26859 was published Jul 26, 2023
SQL injection vulnerability in yunyecms 2.0.2 allows remote attackers to run arbitrary SQL...
Critical
Unreviewed
CVE-2020-21662 was published Jul 31, 2023
Wifi Soft Unibox Administration 3.0 and 3.1 is vulnerable to SQL Injection. The vulnerability...
Critical
Unreviewed
CVE-2023-34635 was published Jul 31, 2023
Art Gallery Management System v1.0 contains a SQL injection vulnerability via the cid parameter...
Critical
Unreviewed
CVE-2023-37771 was published Jul 31, 2023
An authenticated SQL injection vulnerability exists in Advantech iView versions prior to v5.7.4...
High
Unreviewed
CVE-2023-3983 was published Jul 31, 2023
BMC Control-M Software v9.0.20.200 was discovered to contain a SQL injection vulnerability via...
Critical
Unreviewed
CVE-2023-39122 was published Aug 1, 2023
ZKTeco BioAccess IVS v3.3.1 was discovered to contain a SQL injection vulnerability.
Critical
Unreviewed
CVE-2023-38954 was published Aug 3, 2023
User provided input is not sanitized on the AXIS License Plate Verifier specific “search.cgi”...
High
Unreviewed
CVE-2023-21412 was published Aug 3, 2023
A SQL injection vulnerability exists in Suprema BioStar 2 before 2.9.1, which allows...
High
Unreviewed
CVE-2023-33366 was published Aug 3, 2023
SQL injection vulnerability in MotoCMS v.3.4.3 allows a remote attacker to gain privileges via...
Critical
Unreviewed
CVE-2023-36213 was published Aug 3, 2023
ai-dev aioptimizedcombinations before v0.1.3 was discovered to contain a SQL injection...
Critical
Unreviewed
CVE-2023-33666 was published Aug 3, 2023
emlog v2.1.9 was discovered to contain a SQL injection vulnerability via the component /admin...
High
Unreviewed
CVE-2023-39121 was published Aug 3, 2023
ai-dev aitable before v0.2.2 was discovered to contain a SQL injection vulnerability via the...
Critical
Unreviewed
CVE-2023-33665 was published Aug 4, 2023
A SQL injection vulnerability exists in Control ID IDSecure 4.7.26.0 and prior, allowing...
Critical
Unreviewed
CVE-2023-33367 was published Aug 5, 2023
The MultiParcels Shipping For WooCommerce WordPress plugin before 1.14.15 does not properly...
High
Unreviewed
CVE-2023-2843 was published Aug 7, 2023
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical
Unreviewed
CVE-2023-23758 was published Aug 7, 2023
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical
Unreviewed
CVE-2023-23757 was published Aug 7, 2023
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical
Unreviewed
CVE-2023-34476 was published Aug 7, 2023
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical
Unreviewed
CVE-2023-34477 was published Aug 7, 2023
ProTip! Advisories are also available from the GraphQL API.