GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,871
Erlang: 37
GitHub Actions: 36
Go: 2,504
Maven: 5,000+
npm: 4,149
NuGet: 735
pip: 3,949
Pub: 12
RubyGems: 945
Rust: 1,025
Swift: 39
Unreviewed advisories
All unreviewed: 5,000+
15,089 advisories
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical
Unreviewed
CVE-2023-4531
was published
Sep 5, 2023
abupy up to v0.4.0 was discovered to contain a SQL injection vulnerability via the component...
Critical
Unreviewed
CVE-2023-39654
was published
Sep 5, 2023
Super Store Finder v3.6 was discovered to contain multiple SQL injection vulnerabilities in the...
Critical
Unreviewed
CVE-2023-41507
was published
Sep 6, 2023
ARDEREG Sistema SCADA Central versions 2.203 and prior login page are vulnerable to an...
Critical
Unreviewed
CVE-2023-4485
was published
Sep 6, 2023
The RDPData.dll file exposes the /irmdata/api/common endpoint that handles session IDs, among...
Critical
Unreviewed
CVE-2023-39423
was published
Sep 7, 2023
A SQL injection vulnerability in the "Search" functionality of "tickets.php" page in osTicket 1...
Moderate
Unreviewed
CVE-2021-45811
was published
Sep 8, 2023
Dairy Farm Shop Management System Using PHP and MySQL v1.1 was discovered to contain multiple SQL...
High
Unreviewed
CVE-2023-41594
was published
Sep 8, 2023
novel-plus 3.6.2 is vulnerable to SQL Injection.
Critical
Unreviewed
CVE-2023-30058
was published
Sep 11, 2023
Sourcecodester Doctor Appointment System 1.0 is vulnerable to SQL Injection in the variable ...
Critical
Unreviewed
CVE-2023-40945
was published
Sep 11, 2023
Schoolmate 1.3 is vulnerable to SQL Injection in the variable $schoolname from Database at ~...
Critical
Unreviewed
CVE-2023-40944
was published
Sep 11, 2023
Schoolmate 1.3 is vulnerable to SQL Injection in the variable $username from SESSION in...
Critical
Unreviewed
CVE-2023-40946
was published
Sep 11, 2023
In bindSelection of DatabaseUtils.java, there is a possible way to access files from other...
Moderate
Unreviewed
CVE-2023-35683
was published
Sep 11, 2023
An SQL Injection vulnerability in the Management Console (Operator Audit Trail) of BlackBerry...
High
Unreviewed
CVE-2023-21521
was published
Sep 12, 2023
Lenosp 1.0.0-1.2.0 is vulnerable to SQL Injection via the log query module.
Moderate
Unreviewed
CVE-2023-42178
was published
Sep 14, 2023
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical
Unreviewed
CVE-2023-4832
was published
Sep 14, 2023
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical
Unreviewed
CVE-2023-4766
was published
Sep 14, 2023
SQL injection vulnerability in Super Store Finder PHP Script v.3.6 allows a remote attacker to...
Critical
Unreviewed
CVE-2023-38912
was published
Sep 14, 2023
SQL injection vulnerability in Vtiger CRM v.7.5.0 allows a remote authenticated attacker to...
High
Unreviewed
CVE-2023-38891
was published
Sep 15, 2023
SQL injection vulnerability in FIT2CLOUD RackShift v1.7.1 allows attackers to execute arbitrary...
Critical
Unreviewed
CVE-2023-42405
was published
Sep 15, 2023
LeoTheme leoblog up to v3.1.2 was discovered to contain a SQL injection vulnerability via the...
Critical
Unreviewed
CVE-2023-39639
was published
Sep 15, 2023
A SQL injection vulnerability in Didotech srl Engineering & Lifecycle Management (aka pdm) v.14.0...
High
Unreviewed
CVE-2023-40955
was published
Sep 15, 2023
Active Design psaffiliate before v1.9.8 was discovered to contain a SQL injection vulnerability...
Critical
Unreviewed
CVE-2023-39641
was published
Sep 15, 2023
Carts Guru cartsguru up to v2.4.2 was discovered to contain a SQL injection vulnerability via the...
Critical
Unreviewed
CVE-2023-39642
was published
Sep 15, 2023
A SQL injection vulnerability in Cloudroits Website Job Search v.15.0 allows a remote...
High
Unreviewed
CVE-2023-40956
was published
Sep 15, 2023
A SQL injection vulnerability in Didotech srl Engineering & Lifecycle Management (aka pdm) v.14.0...
High
Unreviewed
CVE-2023-40958
was published
Sep 15, 2023