GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,990
Composer 4,293
Erlang 31
GitHub Actions 21
Go 2,061
Maven 5,239
npm 3,744
NuGet 668
pip 3,423
Pub 12
RubyGems 892
Rust 875
Swift 36

Unreviewed advisories

All unreviewed 239,469

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

3,605 advisories

Filter by severity

Sort by

Least recently updated

A SQL injection vulnerability has been identified in Siyuan 3.1.11 via the id parameter at ... Critical Unreviewed

CVE-2024-53505 was published Nov 29, 2024

A SQL injection vulnerability was discovered in Siyuan 3.1.11 in /getHistoryItems. Critical Unreviewed

CVE-2024-53507 was published Nov 29, 2024

A SQL injection vulnerability has been identified in Siyuan 3.1.11 via the ids array parameter in... Critical Unreviewed

CVE-2024-53506 was published Nov 29, 2024

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed

CVE-2024-52474 was published Nov 28, 2024

A non-admin user account on the Zabbix frontend with the default User role, or with any other... Critical Unreviewed

CVE-2024-42327 was published Nov 27, 2024

qiwen-file v1.4.0 was discovered to contain a SQL injection vulnerability via the component ... Critical Unreviewed

CVE-2024-50942 was published Nov 26, 2024

A NoSQL injection vulnerability in Adapt Learning Adapt Authoring Tool <= 0.11.3 allows... Critical Unreviewed

CVE-2024-50672 was published Nov 25, 2024

EventAttendance.php in ChurchCRM 5.7.0 is vulnerable to SQL injection. An attacker can exploit... Critical Unreviewed

CVE-2024-53438 was published Nov 22, 2024

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed

CVE-2024-52431 was published Nov 18, 2024

Multiple parameters have SQL injection vulnerability in JEPaaS 7.2.8 via /je/login/btnLog... Critical Unreviewed

CVE-2024-51164 was published Nov 15, 2024

KASO v9.0 was discovered to contain a SQL injection vulnerability via the person_id parameter at ... Critical Unreviewed

CVE-2024-50724 was published Nov 15, 2024

SQL injection in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6... Critical Unreviewed

CVE-2024-50330 was published Nov 12, 2024

Powerjob >= 3.20 is vulnerable to SQL injection via the version parameter. Critical Unreviewed

CVE-2024-44546 was published Nov 11, 2024

A SQL injection vulnerability in /omrs/admin/search.php in PHPGurukul Online Marriage... Critical Unreviewed

CVE-2024-50989 was published Nov 11, 2024

Webopac from Grand Vice info has a SQL Injection vulnerability, allowing unauthenticated remote... Critical Unreviewed

CVE-2024-11016 was published Nov 11, 2024

Webopac from Grand Vice info has a SQL Injection vulnerability, allowing unauthenticated remote... Critical Unreviewed

CVE-2024-11020 was published Nov 11, 2024

SourceCodester Survey Application System 1.0 is vulnerable to SQL Injection in takeSurvey.php via... Critical Unreviewed

CVE-2024-50766 was published Nov 8, 2024

Waybox Enel X web management application could execute arbitrary requests on the internal... Critical Unreviewed

CVE-2023-29118 was published Nov 5, 2024

Waybox Enel X web management application could execute arbitrary requests on the internal... Critical Unreviewed

CVE-2023-29119 was published Nov 5, 2024

The Photos, Files, YouTube, Twitter, Instagram, TikTok, Ecommerce Contest Gallery – Upload, Vote,... Critical Unreviewed

CVE-2024-10687 was published Nov 5, 2024

SQL Injection in loginform.php in ProjectWorld's Travel Management System v1.0 allows remote... Critical Unreviewed

CVE-2024-51327 was published Nov 4, 2024

A SQL injection vulnerability exists in the `/api/v1/external-users` route of lunary-ai/lunary... Critical Unreviewed

CVE-2024-7456 was published Nov 1, 2024

Projectworlds Online Admission System v1 is vulnerable to SQL Injection in index.php via the ... Critical Unreviewed

CVE-2024-51060 was published Oct 31, 2024

Phpgurukul Teachers Record Management System v2.1 is vulnerable to SQL Injection in add-teacher... Critical Unreviewed

CVE-2024-51063 was published Oct 31, 2024

Phpgurukul Beauty Parlour Management System v1.1 is vulnerable to SQL Injection in admin/index... Critical Unreviewed

CVE-2024-51065 was published Oct 31, 2024

Previous 1 2 3 4 5 … 144 145 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

3,605 advisories