Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+

12,720 advisories

Loading
The Email Before Download WordPress plugin before 6.8 does not properly validate and escape the... High Unreviewed
CVE-2021-24748 was published Nov 30, 2021
The myCred WordPress plugin before 2.3 does not validate or escape the fields parameter before... High Unreviewed
CVE-2021-24755 was published Nov 30, 2021
Dell EMC Streaming Data Platform versions before 1.3 contain a SQL Injection Vulnerability. A... High Unreviewed
CVE-2021-36328 was published Dec 1, 2021
A SQL injection vulnerability exists in version 8.0 of openSIS when MySQL or MariaDB is used as... Critical Unreviewed
CVE-2021-41678 was published Dec 1, 2021
A SQL injection vulnerability exists in version 8.0 of openSIS when MySQL or MariaDB is used as... Critical Unreviewed
CVE-2021-41679 was published Dec 1, 2021
A SQL injection vulnerability exists in version 8.0 of openSIS when MySQL or MariaDB is used as... Critical Unreviewed
CVE-2021-41677 was published Dec 1, 2021
SQL Injection vulnerability exists in PHPGURUKUL Employee Record Management System 1.2 via the... Critical Unreviewed
CVE-2021-43451 was published Dec 2, 2021
attendance management system 1.0 is affected by a SQL injection vulnerability in admin... Critical Unreviewed
CVE-2021-44280 was published Dec 2, 2021
SQL Injection in rosariosis Critical
CVE-2021-44427 was published for francoisjacquet/rosariosis (Composer) Dec 2, 2021
CA Network Flow Analysis (NFA) 21.2.1 and earlier contain a SQL injection vulnerability in the... Moderate Unreviewed
CVE-2021-44050 was published Dec 3, 2021
ecshop v2.7.3 is affected by a SQL injection vulnerability in shopex\ecshop\upload\api\client\api... Critical Unreviewed
CVE-2021-43679 was published Dec 3, 2021
The Events Manager WordPress plugin before 5.9.8 does not sanitise and escape a parameter before... High Unreviewed
CVE-2020-35012 was published Dec 3, 2021
SQL Injection vulnerability exists in TuziCMS v2.0.6 via the id parameer in App\Manage\Controller... Critical Unreviewed
CVE-2021-44348 was published Dec 4, 2021
SQL Injection vulnerability exists in TuziCMS v2.0.6 via the id parameter in App\Manage... Critical Unreviewed
CVE-2021-44349 was published Dec 4, 2021
Chamilo LMS v1.11.x was discovered to contain a SQL injection via the doc parameter in main... Critical Unreviewed
CVE-2021-35414 was published Dec 4, 2021
SQL Injection vulnerability exists in TuziCMS v2.0.6 in App\Manage\Controller\GuestbookController... Critical Unreviewed
CVE-2021-44347 was published Dec 4, 2021
Taocms v2.5Beta5 was discovered to contain a blind SQL injection vulnerability via the function... High Unreviewed
CVE-2021-25783 was published Dec 4, 2021
Taocms v2.5Beta5 was discovered to contain a blind SQL injection vulnerability via the function... High Unreviewed
CVE-2021-25784 was published Dec 4, 2021
b2evolution CMS v7.2.3 was discovered to contain a SQL injection vulnerability via the parameter... Critical Unreviewed
CVE-2021-31632 was published Dec 7, 2021
Piwigo v11.5 was discovered to contain a SQL injection vulnerability via the parameter pwg_token... High Unreviewed
CVE-2021-40313 was published Dec 7, 2021
The Registrations for the Events Calendar WordPress plugin before 2.7.6 does not sanitise and... Critical Unreviewed
CVE-2021-24943 was published Dec 7, 2021
The WP Data Access WordPress plugin before 5.0.0 does not properly sanitise and escape the... Critical Unreviewed
CVE-2021-24866 was published Dec 7, 2021
An issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. Two unauthenticated... Critical Unreviewed
CVE-2021-43035 was published Dec 7, 2021
SQL injection in prestashop/prestashop High
CVE-2021-43789 was published for prestashop/prestashop (Composer) Dec 7, 2021
PierreRambaud
Authenticated Blind & Error-based SQL injection vulnerability was discovered in Online Enrollment... High Unreviewed
CVE-2021-40578 was published Dec 8, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database