GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
3,599 advisories
Filter by severity
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical
Unreviewed
CVE-2024-50491
was published
Oct 28, 2024
The eHDR CTMS from Sunnet has a SQL Injection vulnerability, allowing unauthenticated remote...
Critical
Unreviewed
CVE-2024-10440
was published
Oct 28, 2024
SQL Injection vulnerability in Best courier management system in php v.1.0 allows a remote...
Critical
Unreviewed
CVE-2024-48580
was published
Oct 25, 2024
Money Manager EX WebApp (web-money-manager-ex) 1.2.2 is vulnerable to SQL Injection in the ...
Critical
Unreviewed
CVE-2024-41618
was published
Oct 25, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical
Unreviewed
CVE-2023-6441
was published
Oct 24, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical
Unreviewed
CVE-2024-49681
was published
Oct 24, 2024
SQL Injection vulnerability in Online Complaint Site v.1.0 allows a remote attacker to escalate...
Critical
Unreviewed
CVE-2024-44812
was published
Oct 23, 2024
A vulnerability in NuPoint Messenger (NPM) of Mitel MiCollab through 9.8.0.33 allows an...
Critical
Unreviewed
CVE-2024-35286
was published
Oct 21, 2024
Learning with Texts (LWT) 2.0.3 is vulnerable to SQL Injection. This occurs when the application...
Critical
Unreviewed
CVE-2024-48509
was published
Oct 21, 2024
A vulnerability in the AWV (Audio, Web and Video Conferencing) component of Mitel MiCollab...
Critical
Unreviewed
CVE-2024-47223
was published
Oct 21, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical
Unreviewed
CVE-2024-49305
was published
Oct 17, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical
Unreviewed
CVE-2024-49246
was published
Oct 17, 2024
The Kento Post View Counter plugin for WordPress is vulnerable to SQL Injection via the ...
Critical
Unreviewed
CVE-2016-15040
was published
Oct 16, 2024
itsourcecode Online Tours and Travels Management System v1.0 is vulnerable to SQL Injection (SQLI...
Critical
Unreviewed
CVE-2024-48411
was published
Oct 15, 2024
Phpgurukul User Registration & Login and User Management System 3.2 is vulnerable to SQL...
Critical
Unreviewed
CVE-2024-48283
was published
Oct 15, 2024
SQL injection vulnerability in TAI Smart Factory's QPLANT SF version 1.0. Exploitation of this...
Critical
Unreviewed
CVE-2024-9925
was published
Oct 15, 2024
AIM LINE Marketing Platform from Esi Technology does not properly validate a specific query...
Critical
Unreviewed
CVE-2024-9982
was published
Oct 15, 2024
Property Management System from ChanGate has a SQL Injection vulnerability, allowing...
Critical
Unreviewed
CVE-2024-9972
was published
Oct 15, 2024
Wavelog 1.8.5 allows Activated_gridmap_model.php get_band_confirmed SQL injection via band, sat,...
Critical
Unreviewed
CVE-2024-48251
was published
Oct 14, 2024
Cloudlog 2.6.15 allows Oqrs.php get_station_info station_id SQL injection.
Critical
Unreviewed
CVE-2024-48255
was published
Oct 14, 2024
The Team+ from TEAMPLUS TECHNOLOGY does not properly validate specific page parameter, allowing...
Critical
Unreviewed
CVE-2024-9921
was published
Oct 14, 2024
netease-youdao/qanything version 1.4.1 contains a vulnerability where unsafe data obtained from...
Critical
Unreviewed
CVE-2024-7099
was published
Oct 13, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical
Unreviewed
CVE-2024-47331
was published
Oct 11, 2024
SQL Injection vulnerability in OpenHIS v.1.0 allows an attacker to execute arbitrary code via the...
Critical
Unreviewed
CVE-2024-46532
was published
Oct 11, 2024
The SEUR plugin, in its versions prior to 2.5.11, is vulnerable to time-based SQL injection...
Critical
Unreviewed
CVE-2024-9201
was published
Oct 10, 2024
ProTip!
Advisories are also available from the
GraphQL API