GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
3,599 advisories
Filter by severity
The WP Block and Stop Bad Bots Crawlers and Spiders and Anti Spam Protection Plugin StopBadBots...
Critical
Unreviewed
CVE-2021-24863
was published
Dec 14, 2021
The Modern Events Calendar Lite WordPress plugin before 6.1.5 does not sanitise and escape the...
Critical
Unreviewed
CVE-2021-24946
was published
Dec 14, 2021
The LearnPress WordPress plugin before 4.1.4 does not sanitise, validate and escape the id...
Critical
Unreviewed
CVE-2021-24951
was published
Dec 14, 2021
SQL injection bypass authentication vulnerability in PHPGURUKUL Employee Record Management System...
Critical
Unreviewed
CVE-2021-44966
was published
Dec 14, 2021
wbce_cms is vulnerable to Improper Neutralization of Special Elements used in an SQL Command
Critical
Unreviewed
CVE-2021-3817
was published
Dec 10, 2021
An SQL Injection vulnerability exists in Premiumdatingscript 4.2.7.7 via the ip parameter in...
Critical
Unreviewed
CVE-2021-41695
was published
Dec 10, 2021
SQL injection vulnerability was discovered in Aanderaa GeoView Webservice prior to version 2.1.3...
Critical
Unreviewed
CVE-2021-41063
was published
Dec 9, 2021
A SQL injection vulnerability in feature services provided by Esri ArcGIS Server 10.9 and below...
Critical
Unreviewed
CVE-2021-29114
was published
Dec 8, 2021
An issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. Two unauthenticated...
Critical
Unreviewed
CVE-2021-43035
was published
Dec 7, 2021
The WP Data Access WordPress plugin before 5.0.0 does not properly sanitise and escape the...
Critical
Unreviewed
CVE-2021-24866
was published
Dec 7, 2021
The Registrations for the Events Calendar WordPress plugin before 2.7.6 does not sanitise and...
Critical
Unreviewed
CVE-2021-24943
was published
Dec 7, 2021
b2evolution CMS v7.2.3 was discovered to contain a SQL injection vulnerability via the parameter...
Critical
Unreviewed
CVE-2021-31632
was published
Dec 7, 2021
SQL Injection vulnerability exists in TuziCMS v2.0.6 in App\Manage\Controller\GuestbookController...
Critical
Unreviewed
CVE-2021-44347
was published
Dec 4, 2021
SQL Injection vulnerability exists in TuziCMS v2.0.6 via the id parameter in App\Manage...
Critical
Unreviewed
CVE-2021-44349
was published
Dec 4, 2021
Chamilo LMS v1.11.x was discovered to contain a SQL injection via the doc parameter in main...
Critical
Unreviewed
CVE-2021-35414
was published
Dec 4, 2021
SQL Injection vulnerability exists in TuziCMS v2.0.6 via the id parameer in App\Manage\Controller...
Critical
Unreviewed
CVE-2021-44348
was published
Dec 4, 2021
ecshop v2.7.3 is affected by a SQL injection vulnerability in shopex\ecshop\upload\api\client\api...
Critical
Unreviewed
CVE-2021-43679
was published
Dec 3, 2021
attendance management system 1.0 is affected by a SQL injection vulnerability in admin...
Critical
Unreviewed
CVE-2021-44280
was published
Dec 2, 2021
SQL Injection vulnerability exists in PHPGURUKUL Employee Record Management System 1.2 via the...
Critical
Unreviewed
CVE-2021-43451
was published
Dec 2, 2021
A SQL injection vulnerability exists in version 8.0 of openSIS when MySQL or MariaDB is used as...
Critical
Unreviewed
CVE-2021-41677
was published
Dec 1, 2021
A SQL injection vulnerability exists in version 8.0 of openSIS when MySQL or MariaDB is used as...
Critical
Unreviewed
CVE-2021-41678
was published
Dec 1, 2021
A SQL injection vulnerability exists in version 8.0 of openSIS when MySQL or MariaDB is used as...
Critical
Unreviewed
CVE-2021-41679
was published
Dec 1, 2021
The Contest Gallery WordPress plugin before 13.1.0.6 does not have capability checks and does not...
Critical
Unreviewed
CVE-2021-24915
was published
Nov 30, 2021
The SQL injection vulnerability in the Hide My WP WordPress plugin (versions <= 6.2.3) is...
Critical
Unreviewed
CVE-2021-36916
was published
Nov 25, 2021
ProTip!
Advisories are also available from the
GraphQL API