GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
3,542 advisories
Filter by severity
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical
Unreviewed
CVE-2024-52431
was published
Nov 18, 2024
SQL injection in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6...
Critical
Unreviewed
CVE-2024-50330
was published
Nov 12, 2024
Powerjob >= 3.20 is vulnerable to SQL injection via the version parameter.
Critical
Unreviewed
CVE-2024-44546
was published
Nov 11, 2024
A SQL injection vulnerability in /omrs/admin/search.php in PHPGurukul Online Marriage...
Critical
Unreviewed
CVE-2024-50989
was published
Nov 11, 2024
Webopac from Grand Vice info has a SQL Injection vulnerability, allowing unauthenticated remote...
Critical
Unreviewed
CVE-2024-11016
was published
Nov 11, 2024
Webopac from Grand Vice info has a SQL Injection vulnerability, allowing unauthenticated remote...
Critical
Unreviewed
CVE-2024-11020
was published
Nov 11, 2024
SourceCodester Survey Application System 1.0 is vulnerable to SQL Injection in takeSurvey.php via...
Critical
Unreviewed
CVE-2024-50766
was published
Nov 8, 2024
Waybox Enel X web management application could execute arbitrary requests on the internal...
Critical
Unreviewed
CVE-2023-29118
was published
Nov 5, 2024
Waybox Enel X web management application could execute arbitrary requests on the internal...
Critical
Unreviewed
CVE-2023-29119
was published
Nov 5, 2024
The Photos, Files, YouTube, Twitter, Instagram, TikTok, Ecommerce Contest Gallery – Upload, Vote,...
Critical
Unreviewed
CVE-2024-10687
was published
Nov 5, 2024
SQL Injection in loginform.php in ProjectWorld's Travel Management System v1.0 allows remote...
Critical
Unreviewed
CVE-2024-51327
was published
Nov 4, 2024
A SQL injection vulnerability exists in the `/api/v1/external-users` route of lunary-ai/lunary...
Critical
Unreviewed
CVE-2024-7456
was published
Nov 1, 2024
Phpgurukul Teachers Record Management System v2.1 is vulnerable to SQL Injection via the tid...
Critical
Unreviewed
CVE-2024-51064
was published
Oct 31, 2024
Projectworlds Online Admission System v1 is vulnerable to SQL Injection in index.php via the ...
Critical
Unreviewed
CVE-2024-51060
was published
Oct 31, 2024
Phpgurukul Teachers Record Management System v2.1 is vulnerable to SQL Injection in add-teacher...
Critical
Unreviewed
CVE-2024-51063
was published
Oct 31, 2024
Phpgurukul Beauty Parlour Management System v1.1 is vulnerable to SQL Injection in admin/index...
Critical
Unreviewed
CVE-2024-51065
was published
Oct 31, 2024
A NoSQL injection vulnerability in AquilaCMS 1.409.20 and prior allows unauthenticated attackers...
Critical
Unreviewed
CVE-2024-48573
was published
Oct 30, 2024
LyLme Spage <=1.6.0 is vulnerable to SQL Injection via /admin/group.php.
Critical
Unreviewed
CVE-2024-48356
was published
Oct 28, 2024
The MRBS version 1.5.0 has an SQL injection vulnerability in the edit_entry_handler.php file,...
Critical
Unreviewed
CVE-2024-48465
was published
Oct 28, 2024
LyLme Spage 1.2.0 through 1.6.0 is vulnerable to SQL Injection via /admin/apply.php.
Critical
Unreviewed
CVE-2024-48357
was published
Oct 28, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical
Unreviewed
CVE-2024-50479
was published
Oct 28, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical
Unreviewed
CVE-2024-50491
was published
Oct 28, 2024
The eHDR CTMS from Sunnet has a SQL Injection vulnerability, allowing unauthenticated remote...
Critical
Unreviewed
CVE-2024-10440
was published
Oct 28, 2024
SQL Injection vulnerability in Best courier management system in php v.1.0 allows a remote...
Critical
Unreviewed
CVE-2024-48580
was published
Oct 25, 2024
Money Manager EX WebApp (web-money-manager-ex) 1.2.2 is vulnerable to SQL Injection in the ...
Critical
Unreviewed
CVE-2024-41618
was published
Oct 25, 2024
ProTip!
Advisories are also available from the
GraphQL API