GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
3,542 advisories
Filter by severity
The SQL injection vulnerability in the Hide My WP WordPress plugin (versions <= 6.2.3) is...
Critical
Unreviewed
CVE-2021-36916
was published
Nov 25, 2021
The Contest Gallery WordPress plugin before 13.1.0.6 does not have capability checks and does not...
Critical
Unreviewed
CVE-2021-24915
was published
Nov 30, 2021
A SQL injection vulnerability exists in version 8.0 of openSIS when MySQL or MariaDB is used as...
Critical
Unreviewed
CVE-2021-41678
was published
Dec 1, 2021
A SQL injection vulnerability exists in version 8.0 of openSIS when MySQL or MariaDB is used as...
Critical
Unreviewed
CVE-2021-41679
was published
Dec 1, 2021
A SQL injection vulnerability exists in version 8.0 of openSIS when MySQL or MariaDB is used as...
Critical
Unreviewed
CVE-2021-41677
was published
Dec 1, 2021
SQL Injection vulnerability exists in PHPGURUKUL Employee Record Management System 1.2 via the...
Critical
Unreviewed
CVE-2021-43451
was published
Dec 2, 2021
attendance management system 1.0 is affected by a SQL injection vulnerability in admin...
Critical
Unreviewed
CVE-2021-44280
was published
Dec 2, 2021
ecshop v2.7.3 is affected by a SQL injection vulnerability in shopex\ecshop\upload\api\client\api...
Critical
Unreviewed
CVE-2021-43679
was published
Dec 3, 2021
SQL Injection vulnerability exists in TuziCMS v2.0.6 via the id parameer in App\Manage\Controller...
Critical
Unreviewed
CVE-2021-44348
was published
Dec 4, 2021
SQL Injection vulnerability exists in TuziCMS v2.0.6 via the id parameter in App\Manage...
Critical
Unreviewed
CVE-2021-44349
was published
Dec 4, 2021
Chamilo LMS v1.11.x was discovered to contain a SQL injection via the doc parameter in main...
Critical
Unreviewed
CVE-2021-35414
was published
Dec 4, 2021
SQL Injection vulnerability exists in TuziCMS v2.0.6 in App\Manage\Controller\GuestbookController...
Critical
Unreviewed
CVE-2021-44347
was published
Dec 4, 2021
b2evolution CMS v7.2.3 was discovered to contain a SQL injection vulnerability via the parameter...
Critical
Unreviewed
CVE-2021-31632
was published
Dec 7, 2021
The Registrations for the Events Calendar WordPress plugin before 2.7.6 does not sanitise and...
Critical
Unreviewed
CVE-2021-24943
was published
Dec 7, 2021
The WP Data Access WordPress plugin before 5.0.0 does not properly sanitise and escape the...
Critical
Unreviewed
CVE-2021-24866
was published
Dec 7, 2021
An issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. Two unauthenticated...
Critical
Unreviewed
CVE-2021-43035
was published
Dec 7, 2021
A SQL injection vulnerability in feature services provided by Esri ArcGIS Server 10.9 and below...
Critical
Unreviewed
CVE-2021-29114
was published
Dec 8, 2021
SQL injection vulnerability was discovered in Aanderaa GeoView Webservice prior to version 2.1.3...
Critical
Unreviewed
CVE-2021-41063
was published
Dec 9, 2021
An SQL Injection vulnerability exists in Premiumdatingscript 4.2.7.7 via the ip parameter in...
Critical
Unreviewed
CVE-2021-41695
was published
Dec 10, 2021
wbce_cms is vulnerable to Improper Neutralization of Special Elements used in an SQL Command
Critical
Unreviewed
CVE-2021-3817
was published
Dec 10, 2021
SQL injection bypass authentication vulnerability in PHPGURUKUL Employee Record Management System...
Critical
Unreviewed
CVE-2021-44966
was published
Dec 14, 2021
The LearnPress WordPress plugin before 4.1.4 does not sanitise, validate and escape the id...
Critical
Unreviewed
CVE-2021-24951
was published
Dec 14, 2021
The Modern Events Calendar Lite WordPress plugin before 6.1.5 does not sanitise and escape the...
Critical
Unreviewed
CVE-2021-24946
was published
Dec 14, 2021
The WP Block and Stop Bad Bots Crawlers and Spiders and Anti Spam Protection Plugin StopBadBots...
Critical
Unreviewed
CVE-2021-24863
was published
Dec 14, 2021
If configured to use an Oracle database and if a query is created using the flexible search java...
Critical
Unreviewed
CVE-2021-42064
was published
Dec 15, 2021
ProTip!
Advisories are also available from the
GraphQL API