Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+

6,366 advisories

Loading
Querydsl vulnerable to HQL injection trough orderBy High
CVE-2024-49203 was published for com.querydsl:querydsl-apt (Maven) Nov 27, 2024
CSIRTTrizna
A SQL Injection vulnerability was found in /covid-tms/password-recovery.php in PHPGurukul COVID... High Unreviewed
CVE-2024-53603 was published Nov 27, 2024
The Security & Malware scan by CleanTalk plugin for WordPress is vulnerable to unauthorized SQL... High Unreviewed
CVE-2024-10570 was published Nov 26, 2024
An issue was discovered in Centreon centreon-open-tickets 24.10.x before 24.10.0, 24.04.x before... High Unreviewed
CVE-2024-45756 was published Nov 25, 2024
An issue was discovered in Centreon centreon-dsm-server 24.10.x before 24.10.0, 24.04.x before 24... High Unreviewed
CVE-2024-45755 was published Nov 25, 2024
Advantech iView ConfigurationServlet SQL Injection Information Disclosure Vulnerability. This... High Unreviewed
CVE-2023-52335 was published Nov 22, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2024-7837 was published Nov 22, 2024
Duplicate Advisory: Querydsl SQL/HQL injection High
GHSA-wpvf-5mc3-hv6m was published for com.querydsl:querydsl-apt (Maven) Nov 20, 2024 withdrawn
IBM Concert Software 1.0.0, 1.0.1, 1.0.2, and 1.0.2.1 is vulnerable to SQL injection. A remote... High Unreviewed
CVE-2024-52360 was published Nov 19, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2024-52435 was published Nov 18, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2024-52436 was published Nov 18, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2024-3370 was published Nov 18, 2024
Zohocorp ManageEngine ADAudit Plus versions below 8123 are vulnerable to SQL Injection in the... High Unreviewed
CVE-2024-49574 was published Nov 18, 2024
The Login using WordPress Users ( WP as SAML IDP ) plugin for WordPress is vulnerable to time... High Unreviewed
CVE-2024-9887 was published Nov 16, 2024
The Blogger 301 Redirect plugin for WordPress is vulnerable to blind time-based SQL Injection via... High Unreviewed
CVE-2024-10645 was published Nov 16, 2024
Improper neutralization of special elements used in an SQL command ('SQL Injection') in some... High Unreviewed
CVE-2024-39368 was published Nov 13, 2024
A SQL injection vulnerability in print.php of Itsourcecode Construction Management System 1.0... High Unreviewed
CVE-2024-50971 was published Nov 13, 2024
A SQL injection vulnerability in printtool.php of Itsourcecode Construction Management System 1.0... High Unreviewed
CVE-2024-50972 was published Nov 13, 2024
A SQL injection vulnerability in orderview1.php of Itsourcecode Online Furniture Shopping Project... High Unreviewed
CVE-2024-50970 was published Nov 13, 2024
SQL injection in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6... High Unreviewed
CVE-2024-34781 was published Nov 13, 2024
SQL injection in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6... High Unreviewed
CVE-2024-34782 was published Nov 13, 2024
SQL injection in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6... High Unreviewed
CVE-2024-32839 was published Nov 13, 2024
SQL injection in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6... High Unreviewed
CVE-2024-32841 was published Nov 13, 2024
SQL injection in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6... High Unreviewed
CVE-2024-32847 was published Nov 13, 2024
SQL injection in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6... High Unreviewed
CVE-2024-37376 was published Nov 13, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database