GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,870
Erlang: 36
GitHub Actions: 36
Go: 2,493
Maven: 5,000+
npm: 4,128
NuGet: 735
pip: 3,944
Pub: 12
RubyGems: 945
Rust: 1,024
Swift: 39
Unreviewed advisories
All unreviewed: 5,000+
15,073 advisories
The LetsRecover WordPress plugin through 1.1.0 does not properly sanitise and escape a parameter...
Critical | Unreviewed | CVE-2022-4357 was published Jan 3, 2023

The Web Invoice WordPress plugin through 2.1.3 does not properly sanitize and escape a parameter...
High | Unreviewed | CVE-2022-4372 was published Jan 3, 2023

The WP RSS By Publishers WordPress plugin through 0.1 does not properly sanitize and escape a...
High | Unreviewed | CVE-2022-4359 was published Jan 3, 2023

A vulnerability, which was classified as critical, was found in SourceCodester Lead Management...
Critical | Unreviewed | CVE-2022-4855 was published Dec 30, 2022

Archery v1.4.0 to v1.8.5 was discovered to contain a SQL injection vulnerability via the...
Critical | Unreviewed | CVE-2022-38542 was published Sep 14, 2022

When the server is configured to use trust authentication with a clientcert requirement or to use...
High | Unreviewed | CVE-2021-23214 was published Mar 5, 2022

A vulnerability classified as problematic was found in ummmmm nflpick-em.com up to 2.2.x. This...
High | Unreviewed | CVE-2022-4871 was published Jan 3, 2023

The Build App Online WordPress plugin before 1.0.19 does not properly sanitise and escape some...
Critical | Unreviewed | CVE-2022-3241 was published Jan 3, 2023

The WP RSS By Publishers WordPress plugin through 0.1 does not properly sanitize and escape a...
High | Unreviewed | CVE-2022-4360 was published Jan 3, 2023

A vulnerability was found in porpeeranut go-with-me. It has been declared as critical. Affected...
Critical | Unreviewed | CVE-2014-125032 was published Jan 2, 2023

The LetsRecover WordPress plugin through 1.1.0 does not properly sanitise and escape a parameter...
High | Unreviewed | CVE-2022-4356 was published Jan 3, 2023

Strapi mishandles hidden attributes within admin API responses
High | CVE-2022-31367 was published for @strapi/strapi (npm) Sep 28, 2022

BigProf Online Invoicing System before 2.9 suffers from an unauthenticated SQL Injection found in...
Critical | Unreviewed | CVE-2020-35674 was published Sep 30, 2022

SQL injection vulnerability in HP Intelligent Management Center (iMC) and HP IMC Service...
High | Unreviewed | CVE-2013-4827 was published May 13, 2022

Auth. SQL Injection (SQLi) vulnerability in WP-TopBar <= 5.36 versions.
High | Unreviewed | CVE-2023-23824 was published Jan 23, 2023

OpenCATS v0.9.6 was discovered to contain a SQL injection vulnerability via the importID...
Moderate | Unreviewed | CVE-2022-43023 was published Oct 19, 2022

The valueAsString parameter inside the JSON payload contained by the...
Critical | Unreviewed | CVE-2016-6566 was published May 13, 2022

Gitlab Community and Enterprise Editions version 10.1, 10.2, and 10.2.4 are vulnerable to a SQL...
High | Unreviewed | CVE-2017-0914 was published May 13, 2022

A vulnerability in the Cisco Unified Communications Manager SQL database interface could allow an...
Moderate | Unreviewed | CVE-2017-12302 was published May 13, 2022

A SQL Injection issue was discovered in Moxa SoftCMS Live Viewer through 1.6. An improper...
Critical | Unreviewed | CVE-2017-12729 was published May 13, 2022

A SQL Injection issue was discovered in OPW Fuel Management Systems SiteSentinel Integra 100,...
Critical | Unreviewed | CVE-2017-12731 was published May 13, 2022

A SQL Injection vulnerability in the web framework of Cisco Prime Service Catalog could allow an...
Moderate | Unreviewed | CVE-2017-12364 was published May 13, 2022

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations...
Critical | Unreviewed | CVE-2017-17658 was published May 13, 2022

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations...
Critical | Unreviewed | CVE-2017-17654 was published May 13, 2022

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations...
Critical | Unreviewed | CVE-2017-17656 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API.