GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,077
Erlang: 29
GitHub Actions: 19
Go: 1,903
Maven: 5,000+
npm: 3,632
NuGet: 638
pip: 3,249
Pub: 10
RubyGems: 864
Rust: 818
Swift: 35
Unreviewed advisories
All unreviewed: 5,000+
6,229 advisories
SQL injection vulnerability in Welcart e-Commerce prior to 2.11.2 allows an attacker who can...
High | Unreviewed | CVE-2024-42404 was published Sep 18, 2024

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
High | Unreviewed | CVE-2024-43969 was published Sep 18, 2024

SQL injection vulnerability in idoit pro version 28. This vulnerability could allow an attacker...
High | Unreviewed | CVE-2024-8749 was published Sep 12, 2024

SQL Injection vulnerability in Ellevo v.6.2.0.38160 allows a remote attacker to obtain sensitive...
High | Unreviewed | CVE-2024-42760 was published Sep 11, 2024

SQL injection in the management console of Ivanti EPM before 2022 SU6, or the 2024 September...
High | Unreviewed | CVE-2024-8191 was published Sep 10, 2024

AutoCMS v5.4 was discovered to contain a SQL injection vulnerability via the sidebar parameter at...
High | Unreviewed | CVE-2024-44725 was published Sep 9, 2024

The Pinpoint Booking System – #1 WordPress Booking Plugin plugin for WordPress is vulnerable to...
High | Unreviewed | CVE-2024-7112 was published Sep 7, 2024

A SQL injection vulnerability has been reported to affect Video Station. If exploited, the...
High | Unreviewed | CVE-2023-50360 was published Sep 6, 2024

Sourcecodester Simple Forum Website v1.0 has a SQL injection vulnerability in /php-sqlite-forum/...
High | Unreviewed | CVE-2024-44739 was published Sep 6, 2024

The LifterLMS – WP LMS for eLearning, Online Courses, & Quizzes plugin for WordPress is...
High | Unreviewed | CVE-2024-7349 was published Sep 6, 2024

Sourcecodehero Event Management System1.0 is vulnerable to SQL Injection via the parameter ...
High | Unreviewed | CVE-2024-44727 was published Sep 5, 2024

itsourcecode Alton Management System 1.0 is vulnerable to SQL Injection in /noncombo_save.php via...
High | Unreviewed | CVE-2024-44587 was published Sep 5, 2024

An issue was discovered in za-internet C-MOR Video Surveillance 5.2401 and 6.00PL01. Due to...
High | Unreviewed | CVE-2024-45174 was published Sep 4, 2024

SQL Injection vulnerability in ZZCMS v.2023 and before allows a remote attacker to obtain...
High | Unreviewed | CVE-2024-44817 was published Sep 4, 2024

SQL Injection in mock exam function of Easytest Online Test Platform ver.24E01 and earlier allow...
High | Unreviewed | CVE-2024-43776 was published Sep 2, 2024

SQL Injection in online dictionary function of Easytest Online Test Platform ver.24E01 and...
High | Unreviewed | CVE-2024-7871 was published Sep 2, 2024

SQL Injection in search course titles function of Easytest Online Test Platform ver.24E01 and...
High | Unreviewed | CVE-2024-43775 was published Sep 2, 2024

SQL Injection in download personal learning course function of Easytest Online Test Platform ver...
High | Unreviewed | CVE-2024-43774 was published Sep 2, 2024

The WP Events Manager plugin for WordPress is vulnerable to time-based SQL Injection via the ...
High | Unreviewed | CVE-2024-7717 was published Aug 31, 2024

Zohocorp ManageEngine Exchange Reporter Plus versions before 5715 are vulnerable to SQL Injection...
High | Unreviewed | CVE-2024-6204 was published Aug 30, 2024

6SHR system from Gether Technology does not properly validate the specific page parameter,...
High | Unreviewed | CVE-2024-8329 was published Aug 30, 2024

Easy test Online Learning and Testing Platform from HWA JIUH DIGITAL TECHNOLOGY does not...
High | Unreviewed | CVE-2024-8327 was published Aug 30, 2024

In WhatsUp Gold versions released before 2024.0.0, a SQL Injection vulnerability allows an...
High | Unreviewed | CVE-2024-6672 was published Aug 30, 2024

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
High | Unreviewed | CVE-2024-43965 was published Aug 29, 2024

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
High | Unreviewed | CVE-2024-43943 was published Aug 29, 2024
ProTip! Advisories are also available from the GraphQL API.