GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,345
Composer 4,134
Erlang 29
GitHub Actions 19
Go 1,941
Maven 5,135
npm 3,679
NuGet 648
pip 3,297
Pub 11
RubyGems 877
Rust 830
Swift 35

Unreviewed advisories

All unreviewed 231,359

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

3,498 advisories

Filter by severity

Sort by

Least recently updated

Learning with Texts (LWT) 2.0.3 is vulnerable to SQL Injection. This occurs when the application... Critical Unreviewed

CVE-2024-48509 was published Oct 21, 2024

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed

CVE-2024-49246 was published Oct 17, 2024

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed

CVE-2024-49305 was published Oct 17, 2024

The Kento Post View Counter plugin for WordPress is vulnerable to SQL Injection via the ... Critical Unreviewed

CVE-2016-15040 was published Oct 16, 2024

itsourcecode Online Tours and Travels Management System v1.0 is vulnerable to SQL Injection (SQLI... Critical Unreviewed

CVE-2024-48411 was published Oct 15, 2024

Phpgurukul User Registration & Login and User Management System 3.2 is vulnerable to SQL... Critical Unreviewed

CVE-2024-48283 was published Oct 15, 2024

SQL injection vulnerability in TAI Smart Factory's QPLANT SF version 1.0. Exploitation of this... Critical Unreviewed

CVE-2024-9925 was published Oct 15, 2024

Property Management System from ChanGate has a SQL Injection vulnerability, allowing... Critical Unreviewed

CVE-2024-9972 was published Oct 15, 2024

AIM LINE Marketing Platform from Esi Technology does not properly validate a specific query... Critical Unreviewed

CVE-2024-9982 was published Oct 15, 2024

Wavelog 1.8.5 allows Activated_gridmap_model.php get_band_confirmed SQL injection via band, sat,... Critical Unreviewed

CVE-2024-48251 was published Oct 14, 2024

Cloudlog 2.6.15 allows Oqrs.php get_station_info station_id SQL injection. Critical Unreviewed

CVE-2024-48255 was published Oct 14, 2024

The Team+ from TEAMPLUS TECHNOLOGY does not properly validate specific page parameter, allowing... Critical Unreviewed

CVE-2024-9921 was published Oct 14, 2024

netease-youdao/qanything version 1.4.1 contains a vulnerability where unsafe data obtained from... Critical Unreviewed

CVE-2024-7099 was published Oct 13, 2024

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed

CVE-2024-47331 was published Oct 11, 2024

SQL Injection vulnerability in OpenHIS v.1.0 allows an attacker to execute arbitrary code via the... Critical Unreviewed

CVE-2024-46532 was published Oct 11, 2024

The SEUR plugin, in its versions prior to 2.5.11, is vulnerable to time-based SQL injection... Critical Unreviewed

CVE-2024-9201 was published Oct 10, 2024

An SQL injection vulnerability in Palo Alto Networks Expedition allows an unauthenticated... Critical Unreviewed

CVE-2024-9465 was published Oct 9, 2024

Microsoft Configuration Manager Remote Code Execution Vulnerability Critical Unreviewed

CVE-2024-43468 was published Oct 8, 2024

A SQL injection vulnerability in login portal in AnteeoWMS before v4.7.34 allows unauthenticated... Critical Unreviewed

CVE-2024-44349 was published Oct 8, 2024

The LatePoint plugin for WordPress is vulnerable to Arbitrary User Password Change via SQL... Critical Unreviewed

CVE-2024-8911 was published Oct 8, 2024

SQL injection vulnerability in SOPlanning <1.45, via /soplanning/www/user_groupes.php in the by... Critical Unreviewed

CVE-2024-9574 was published Oct 7, 2024

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed

CVE-2024-47350 was published Oct 6, 2024

Cavok – CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Critical Unreviewed

CVE-2024-45249 was published Oct 6, 2024

Delta Electronics DIAEnergie is vulnerable to an SQL injection in the script AM_RegReport.aspx.... Critical Unreviewed

CVE-2024-43699 was published Oct 4, 2024

A SQL Injection vulnerability was discovered in Cloudlog 2.6.15, specifically within the... Critical Unreviewed

CVE-2024-45999 was published Oct 1, 2024

Previous 1 2 3 4 5 … 139 140 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

3,498 advisories