GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
12,924 advisories
The EyesOfNetwork web interface (aka eonweb) 5.1-0 has SQL injection via the user_name parameter...
Critical | Unreviewed | CVE-2017-14401 was published May 13, 2022
The EyesOfNetwork web interface (aka eonweb) 5.1-0 has SQL injection via the term parameter to...
Critical | Unreviewed | CVE-2017-14403 was published May 13, 2022
EyesOfNetwork (EON) 5.1 Unauthenticated SQL Injection in eonweb leading to remote root
Critical | Unreviewed | CVE-2017-1000060 was published May 13, 2022
SQL injection vulnerability in mod_mysql_vhost.c in lighttpd before 1.4.35 allows remote...
Critical | Unreviewed | CVE-2014-2323 was published May 13, 2022
The JCK Editor component 6.4.4 for Joomla! allows SQL Injection via the jtreelink/dialogs/links...
Critical | Unreviewed | CVE-2018-17254 was published May 13, 2022
SQL injection vulnerability in _rights.php in DynPG CMS 4.2.0 allows remote attackers to execute...
High | Unreviewed | CVE-2010-4400 was published May 13, 2022
Multiple SQL injection vulnerabilities in Pixie CMS 1.01 through 1.04 allow remote attackers to...
High | Unreviewed | CVE-2011-4710 was published May 13, 2022
SQL injection vulnerability in Runtime/Runtime/AjaxCall.ashx in K2 blackpearl, smartforms, and K2...
High | Unreviewed | CVE-2015-7299 was published May 13, 2022
SQL injection vulnerability in Segue 2.2.10.2 and earlier allows remote attackers to execute...
High | Unreviewed | CVE-2012-1255 was published May 13, 2022
An improper input validation vulnerability in CA Privileged Access Manager 2.x allows remote...
Critical | Unreviewed | CVE-2018-9029 was published May 13, 2022
Insufficient input sanitization of two parameters in CA PPM 14.3 and below, 14.4, 15.1, 15.2 CP5...
Critical | Unreviewed | CVE-2018-13824 was published May 13, 2022
SQL injection vulnerability in CA Release Automation (formerly iTKO LISA Release Automation)...
Moderate | Unreviewed | CVE-2014-8248 was published May 13, 2022
Multiple SQL injection vulnerabilities in the Unified Network Control (UNC) Server in CA Total...
High | Unreviewed | CVE-2011-1653 was published May 13, 2022
Multiple SQL injection vulnerabilities in CRM/Core/Page/AJAX/Location.php in CiviCRM before 4.2...
High | Unreviewed | CVE-2013-5957 was published May 13, 2022
SQL injection vulnerability in the UDDI server in SAP NetWeaver J2EE Engine 7.40 allows remote...
Critical | Unreviewed | CVE-2016-2386 was published May 13, 2022
SQL injection vulnerability in the getUserUddiElements method in the ES UDDI component in SAP...
High | Unreviewed | CVE-2017-7717 was published May 13, 2022
SQL injection vulnerability in classifieds.php in PHP-Fusion allows remote attackers to execute...
High | Unreviewed | CVE-2008-5197 was published May 13, 2022
SQL injection vulnerability in the getStringParameterSQL method in main/java/org/dashbuilder...
Critical | Unreviewed | CVE-2016-4999 was published May 13, 2022
Zoho ManageEngine OpManager 12.3 before 123238 allows SQL injection via the getGraphData API.
Critical | Unreviewed | CVE-2018-20173 was published May 13, 2022
Zoho ManageEngine OpManager 12.3 before 123222 has SQL Injection via Mail Server settings.
Critical | Unreviewed | CVE-2018-18949 was published May 13, 2022
Zoho ManageEngine OpManager 12.3 before build 123239 allows SQL injection in the Alarms section.
Critical | Unreviewed | CVE-2018-20338 was published May 13, 2022
A SQL injection bypass (aka PL1 bypass) exists in OWASP ModSecurity Core Rule Set (owasp...
High | Unreviewed | CVE-2018-16384 was published May 13, 2022
SQL injection vulnerability in the MaLion for Windows and Mac 5.0.0 to 5.2.1 allows remote...
Critical | Unreviewed | CVE-2017-10816 was published May 13, 2022
SQL injection vulnerability in the msPostGISLayerSetTimeFilter function in mappostgis.c in...
Moderate | Unreviewed | CVE-2013-7262 was published May 13, 2022
Multiple SQL injection vulnerabilities in MapServer before 4.10.7, 5.x before 5.6.7, and 6.x...
High | Unreviewed | CVE-2011-2703 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API.