Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+

12,924 advisories

Loading
Techno Portfolio Management Panel 1.0 allows an attacker to inject SQL commands via a single.php... Critical Unreviewed
CVE-2017-17110 was published May 13, 2022
An issue was discovered in CSS-TRICKS Chat2 through 2015-05-05. The userid parameter in jumpin... Critical Unreviewed
CVE-2019-7316 was published May 13, 2022
SQL Injection exists in the Fastball 2.5 component for Joomla! via the season parameter in a view... Critical Unreviewed
CVE-2018-6373 was published May 13, 2022
IBM Security Access Manager for Web is vulnerable to SQL injection. A remote attacker could send... Moderate Unreviewed
CVE-2016-3046 was published May 13, 2022
SQL injection vulnerability in mysql/mysql-auth.pl in the mod_authnz_external module 3.2.5 and... High Unreviewed
CVE-2011-2688 was published May 13, 2022
SQL injection vulnerability in login.php in InfiniteWP Admin Panel before 2.4.3 allows remote... High Unreviewed
CVE-2014-9519 was published May 13, 2022
SQL injection vulnerability in execute.php in InfiniteWP Admin Panel before 2.4.4 allows remote... High Unreviewed
CVE-2014-9520 was published May 13, 2022
Moodle 2.0.x before 2.0.3 allows remote authenticated users to cause a denial of service (invalid... Moderate Unreviewed
CVE-2011-4292 was published May 13, 2022
SQL injection vulnerability in calendar/event.php in the calendar implementation in Moodle 1.9.x... Moderate Unreviewed
CVE-2012-2363 was published May 13, 2022
Multiple SQL injection vulnerabilities in Moodle 1.8.x before 1.8.12 and 1.9.x before 1.9.8 allow... High Unreviewed
CVE-2010-1615 was published May 13, 2022
SQL injection vulnerability in mod/feedback/complete.php in Moodle 2.0.x before 2.0.10, 2.1.x... Moderate Unreviewed
CVE-2012-3395 was published May 13, 2022
Moodle through 2.2.11, 2.3.x before 2.3.9, 2.4.x before 2.4.6, and 2.5.x before 2.5.2 does not... High Unreviewed
CVE-2013-4313 was published May 13, 2022
The iThemes Security (better-wp-security) plugin before 7.0.3 for WordPress allows SQL Injection ... High Unreviewed
CVE-2018-12636 was published May 13, 2022
Multiple SQL injection vulnerabilities in MantisBT before 1.2.16 allow remote attackers to... High Unreviewed
CVE-2014-1609 was published May 13, 2022
SQL injection vulnerability in the mc_project_get_attachments function in api/soap/mc_project_api... High Unreviewed
CVE-2014-8554 was published May 13, 2022
SQL injection vulnerability in the mci_file_get function in api/soap/mc_file_api.php in MantisBT... High Unreviewed
CVE-2014-1608 was published May 13, 2022
Dolibarr SQL Injection vulnerability Critical
CVE-2018-9019 was published for dolibarr/dolibarr (Composer) May 13, 2022
SQL Injection exists in the CheckList 1.1.1 component for Joomla! via the title_search,... Critical Unreviewed
CVE-2018-7318 was published May 13, 2022
SQL injection vulnerability in wp-includes/class-wp-query.php in WP_Query in WordPress before 4.7... Critical Unreviewed
CVE-2017-5611 was published May 13, 2022
SQL injection vulnerability vulnerability in the EyesOfNetwork web interface (aka eonweb) 5.1-0... High Unreviewed
CVE-2017-15933 was published May 13, 2022
SQL injection vulnerability in the EyesOfNetwork web interface (aka eonweb) 5.1-0 allows remote... High Unreviewed
CVE-2017-16000 was published May 13, 2022
SQL injection vulnerability vulnerability in the EyesOfNetwork web interface (aka eonweb) 5.1-0... High Unreviewed
CVE-2017-15880 was published May 13, 2022
The EyesOfNetwork web interface (aka eonweb) 5.1-0 has SQL injection via the user_name parameter... Critical Unreviewed
CVE-2017-14402 was published May 13, 2022
SQL Injection exists in the EyesOfNetwork web interface (aka eonweb) 5.1-0 via the user_id cookie... Critical Unreviewed
CVE-2017-14247 was published May 13, 2022
SQL Injection exists in the EyesOfNetwork web interface (aka eonweb) 5.1-0 via the group_id... Critical Unreviewed
CVE-2017-14252 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database