GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,134
Erlang
29
GitHub Actions
19
Go
1,941
Maven
5,000+
npm
3,678
NuGet
645
pip
3,297
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
3,708 advisories
Filter by severity
Alisonic Sibylla devices are vulnerable to SQL injection attacks, which could allow complete...
Critical
Unreviewed
CVE-2024-8630
was published
Sep 27, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical
Unreviewed
CVE-2024-3373
was published
Sep 27, 2024
The The Events Calendar plugin for WordPress is vulnerable to SQL Injection via the 'order'...
Critical
Unreviewed
CVE-2024-8275
was published
Sep 25, 2024
The WordPress Simple HTML Sitemap plugin for WordPress is vulnerable to SQL Injection via the 'id...
Critical
Unreviewed
CVE-2024-7385
was published
Sep 25, 2024
The Daily Prayer Time plugin for WordPress is vulnerable to SQL Injection via the 'max_word'...
Critical
Unreviewed
CVE-2024-8621
was published
Sep 25, 2024
The WP Easy Gallery – WordPress Gallery Plugin plugin for WordPress is vulnerable to SQL...
Critical
Unreviewed
CVE-2024-8436
was published
Sep 25, 2024
The MDTF – Meta Data and Taxonomies Filter plugin for WordPress is vulnerable to SQL Injection...
Critical
Unreviewed
CVE-2024-8624
was published
Sep 24, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical
Unreviewed
CVE-2024-7735
was published
Sep 23, 2024
Navidrome has Multiple SQL Injections and ORM Leak
Critical
CVE-2024-47062
was published
for
github.com/navidrome/navidrome
(Go)
Sep 20, 2024
Best House Rental Management System 1.0 contains a SQL injection vulnerability in the...
Critical
Unreviewed
CVE-2024-46374
was published
Sep 18, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical
Unreviewed
CVE-2024-5958
was published
Sep 18, 2024
SQL Injection vulnerability in todesk v.1.1 allows a remote attacker to execute arbitrary code...
Critical
Unreviewed
CVE-2024-44542
was published
Sep 18, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical
Unreviewed
CVE-2024-43976
was published
Sep 18, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical
Unreviewed
CVE-2024-43978
was published
Sep 18, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical
Unreviewed
CVE-2024-44004
was published
Sep 18, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical
Unreviewed
CVE-2024-6401
was published
Sep 16, 2024
The Backuply – Backup, Restore, Migrate and Clone plugin for WordPress is vulnerable to SQL...
Critical
Unreviewed
CVE-2024-8669
was published
Sep 16, 2024
SQL Injection vulnerability in Best Free Law Office Management Software-v1.0 allows an attacker...
Critical
Unreviewed
CVE-2024-44430
was published
Sep 13, 2024
ORDAT FOSS-Online before v2.24.01 was discovered to contain a SQL injection vulnerability via the...
Critical
Unreviewed
CVE-2024-34334
was published
Sep 12, 2024
The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to SQL Injection via the...
Critical
Unreviewed
CVE-2024-8522
was published
Sep 12, 2024
The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to SQL Injection via the...
Critical
Unreviewed
CVE-2024-8529
was published
Sep 12, 2024
An unspecified SQL injection in Ivanti EPM before 2022 SU6, or the 2024 September update allows a...
Critical
Unreviewed
CVE-2024-32843
was published
Sep 12, 2024
An unspecified SQL injection in Ivanti EPM before 2022 SU6, or the 2024 September update allows a...
Critical
Unreviewed
CVE-2024-32845
was published
Sep 12, 2024
An unspecified SQL injection in Ivanti EPM before 2022 SU6, or the 2024 September update allows a...
Critical
Unreviewed
CVE-2024-34779
was published
Sep 12, 2024
An unspecified SQL injection in Ivanti EPM before 2022 SU6, or the 2024 September update allows a...
Critical
Unreviewed
CVE-2024-32846
was published
Sep 12, 2024
ProTip!
Advisories are also available from the
GraphQL API