GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 22,567
Composer 4,697
Erlang 34
GitHub Actions 28
Go 2,289
Maven 5,573
npm 3,936
NuGet 708
pip 3,706
Pub 12
RubyGems 919
Rust 959
Swift 38

Unreviewed advisories

All unreviewed 256,057

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

4,034 advisories

Filter by severity

Sort by

Least recently updated

The LearnPress WordPress plugin before 4.1.4 does not sanitise, validate and escape the id... Critical Unreviewed

CVE-2021-24951 was published Dec 14, 2021

SQL injection bypass authentication vulnerability in PHPGURUKUL Employee Record Management System... Critical Unreviewed

CVE-2021-44966 was published Dec 14, 2021

wbce_cms is vulnerable to Improper Neutralization of Special Elements used in an SQL Command Critical Unreviewed

CVE-2021-3817 was published Dec 10, 2021

An SQL Injection vulnerability exists in Premiumdatingscript 4.2.7.7 via the ip parameter in... Critical Unreviewed

CVE-2021-41695 was published Dec 10, 2021

SQL injection vulnerability was discovered in Aanderaa GeoView Webservice prior to version 2.1.3... Critical Unreviewed

CVE-2021-41063 was published Dec 9, 2021

A SQL injection vulnerability in feature services provided by Esri ArcGIS Server 10.9 and below... Critical Unreviewed

CVE-2021-29114 was published Dec 8, 2021

An issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. Two unauthenticated... Critical Unreviewed

CVE-2021-43035 was published Dec 7, 2021

The WP Data Access WordPress plugin before 5.0.0 does not properly sanitise and escape the... Critical Unreviewed

CVE-2021-24866 was published Dec 7, 2021

The Registrations for the Events Calendar WordPress plugin before 2.7.6 does not sanitise and... Critical Unreviewed

CVE-2021-24943 was published Dec 7, 2021

b2evolution CMS v7.2.3 was discovered to contain a SQL injection vulnerability via the parameter... Critical Unreviewed

CVE-2021-31632 was published Dec 7, 2021

SQL Injection vulnerability exists in TuziCMS v2.0.6 in App\Manage\Controller\GuestbookController... Critical Unreviewed

CVE-2021-44347 was published Dec 4, 2021

SQL Injection vulnerability exists in TuziCMS v2.0.6 via the id parameter in App\Manage... Critical Unreviewed

CVE-2021-44349 was published Dec 4, 2021

Chamilo LMS v1.11.x was discovered to contain a SQL injection via the doc parameter in main... Critical Unreviewed

CVE-2021-35414 was published Dec 4, 2021

SQL Injection vulnerability exists in TuziCMS v2.0.6 via the id parameer in App\Manage\Controller... Critical Unreviewed

CVE-2021-44348 was published Dec 4, 2021

ecshop v2.7.3 is affected by a SQL injection vulnerability in shopex\ecshop\upload\api\client\api... Critical Unreviewed

CVE-2021-43679 was published Dec 3, 2021

SQL Injection in rosariosis Critical

CVE-2021-44427 was published for francoisjacquet/rosariosis (Composer) Dec 2, 2021

attendance management system 1.0 is affected by a SQL injection vulnerability in admin... Critical Unreviewed

CVE-2021-44280 was published Dec 2, 2021

SQL Injection vulnerability exists in PHPGURUKUL Employee Record Management System 1.2 via the... Critical Unreviewed

CVE-2021-43451 was published Dec 2, 2021

A SQL injection vulnerability exists in version 8.0 of openSIS when MySQL or MariaDB is used as... Critical Unreviewed

CVE-2021-41677 was published Dec 1, 2021

A SQL injection vulnerability exists in version 8.0 of openSIS when MySQL or MariaDB is used as... Critical Unreviewed

CVE-2021-41679 was published Dec 1, 2021

A SQL injection vulnerability exists in version 8.0 of openSIS when MySQL or MariaDB is used as... Critical Unreviewed

CVE-2021-41678 was published Dec 1, 2021

The Contest Gallery WordPress plugin before 13.1.0.6 does not have capability checks and does not... Critical Unreviewed

CVE-2021-24915 was published Nov 30, 2021

The SQL injection vulnerability in the Hide My WP WordPress plugin (versions <= 6.2.3) is... Critical Unreviewed

CVE-2021-36916 was published Nov 25, 2021

DBAL 3 SQL Injection Security Vulnerability Critical

CVE-2021-43608 was published for doctrine/dbal (Composer) Nov 16, 2021

SQL Injection and Cross-site Scripting in class-validator Critical

CVE-2019-18413 was published for class-validator (npm) Oct 12, 2021

Previous 1 2 … 158 159 160 161 162 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

4,034 advisories