Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

15,073 advisories

Loading
A vulnerability exists in the RunSearch function of SearchService service in Rockwell Automation... Critical Unreviewed
CVE-2021-27472 was published Mar 24, 2022
SQL Injection in Moodle High
CVE-2022-0983 was published for moodle/moodle (Composer) Mar 26, 2022
An issue was discovered in ApiManager 1.1. there is sql injection vulnerability that can use in ... Critical Unreviewed
CVE-2021-43700 was published Mar 25, 2022
Rapid7 Nexpose versions 6.6.93 and earlier are susceptible to an SQL Injection vulnerability,... Critical Unreviewed
CVE-2022-0757 was published Mar 19, 2022
An SQL Injection vulnerability exists in Sourcecodester Attendance and Payroll System v1.0 which... Critical Unreviewed
CVE-2021-44088 was published Mar 19, 2022
The Infographic Maker WordPress plugin before 4.3.8 does not validate and escape the post_id... Critical Unreviewed
CVE-2022-0747 was published Mar 22, 2022
Piwigo v12.2.0 was discovered to contain a SQL injection vulnerability via pwg.users.php. High Unreviewed
CVE-2022-26266 was published Mar 20, 2022
Beijing Wisdom Vision Technology Industry Co., Ltd One Card Integrated Management System 3.0 is... High Unreviewed
CVE-2021-44345 was published Mar 21, 2022
SQL Injection in Yeswiki High
CVE-2021-43091 was published for yeswiki/yeswiki (Composer) Mar 26, 2022
MyBatis plus v3.4.3 was discovered to contain a SQL injection vulnerability via the Column... Critical Unreviewed
CVE-2022-25517 was published Mar 23, 2022
Simple Subscription Website v1.0 was discovered to contain a SQL injection vulnerability via the... Critical Unreviewed
CVE-2022-26285 was published Mar 23, 2022
Simple Client Management System v1.0 was discovered to contain a SQL injection vulnerability via... Critical Unreviewed
CVE-2022-26284 was published Mar 23, 2022
The Block Bad Bots WordPress plugin before 6.88 does not properly sanitise and escape the User... Critical Unreviewed
CVE-2021-25070 was published Mar 29, 2022
A blind SQL injection vulnerability in McAfee Enterprise ePolicy Orchestrator (ePO) prior to 5.10... Moderate Unreviewed
CVE-2022-0842 was published Mar 24, 2022
An SQL Injection vulnerability exists in Dreamer CMS 4.0.0 via the tableName parameter. Critical Unreviewed
CVE-2021-43084 was published Mar 25, 2022
SQL Injection in Fork CMS High
CVE-2022-0153 was published for forkcms/forkcms (Composer) Mar 25, 2022
Xiaohuanxiong v1.0 was discovered to contain a SQL injection vulnerability via the id parameter... Critical Unreviewed
CVE-2022-26268 was published Mar 29, 2022
The SpeakOut! Email Petitions WordPress plugin before 2.14.15.1 does not sanitise and escape the... Critical Unreviewed
CVE-2022-0846 was published Mar 29, 2022
The Limit Login Attempts (Spam Protection) WordPress plugin before 5.1 does not sanitise and... Critical Unreviewed
CVE-2022-0787 was published Mar 29, 2022
The Title Experiments Free WordPress plugin before 9.0.1 does not sanitise and escape the id... Critical Unreviewed
CVE-2022-0784 was published Mar 29, 2022
TuziCMS 2.0.6 is affected by SQL injection in \App\Manage\Controller\BannerController.class.php. Critical Unreviewed
CVE-2022-23882 was published Mar 29, 2022
Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) has a blind SQL injection... Critical Unreviewed
CVE-2022-26059 was published Mar 30, 2022
The Popup Builder WordPress plugin before 4.1.1 does not sanitise and escape the sgpb... Critical Unreviewed
CVE-2022-0479 was published Mar 29, 2022
Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) has a blind SQL injection... Critical Unreviewed
CVE-2022-26887 was published Mar 30, 2022
Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) has a blind SQL injection... Critical Unreviewed
CVE-2022-26514 was published Mar 30, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database