Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,273
Erlang
31
GitHub Actions
21
Go
2,055
Maven
5,000+
npm
3,739
NuGet
668
pip
3,417
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+

12,921 advisories

Loading
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2024-8950 was published Dec 25, 2024
The NEX-Forms – Ultimate Form Builder – Contact forms and much more plugin for WordPress is... Moderate Unreviewed
CVE-2024-10862 was published Dec 25, 2024
The WP Data Access – App, Table, Form and Chart Builder plugin plugin for WordPress is vulnerable... High Unreviewed
CVE-2024-12428 was published Dec 25, 2024
The Tourfic – Ultimate Hotel Booking, Travel Booking & Apartment Booking WordPress Plugin |... Moderate Unreviewed
CVE-2024-12032 was published Dec 25, 2024
The Booking Calendar WpDevArt plugin is vulnerable to time-based, blind SQL injection via the `id... Moderate Unreviewed
CVE-2024-10856 was published Dec 24, 2024
The Appointment Booking Calendar Plugin and Scheduling Plugin – BookingPress plugin for WordPress... Moderate Unreviewed
CVE-2024-11726 was published Dec 24, 2024
The Advanced Floating Content plugin for WordPress is vulnerable to SQL Injection via the ... Moderate Unreviewed
CVE-2024-12031 was published Dec 24, 2024
SQL injection in Apache Traffic Control Critical
CVE-2024-45387 was published for github.com/apache/trafficcontrol/v8 (Go) Dec 23, 2024
The Frontend Admin by DynamiApps plugin for WordPress is vulnerable to SQL Injection via the ... Moderate Unreviewed
CVE-2024-11722 was published Dec 21, 2024
The WP Docs plugin for WordPress is vulnerable to time-based SQL Injection via the 'dir_id'... Moderate Unreviewed
CVE-2024-12635 was published Dec 21, 2024
Arista NG Firewall ReportEntry SQL Injection Arbitrary File Read and Write Vulnerability. This... High Unreviewed
CVE-2024-12832 was published Dec 20, 2024
A pre-auth SQL injection vulnerability in the email protection feature of Sophos Firewall... Critical Unreviewed
CVE-2024-12727 was published Dec 19, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2024-10244 was published Dec 19, 2024
A SQL Injection vulnerability was found in /index.php in PHPGurukul Pre-School Enrollment System... High Unreviewed
CVE-2024-54790 was published Dec 19, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2024-56053 was published Dec 18, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2024-56047 was published Dec 18, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2024-55984 was published Dec 18, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2024-55985 was published Dec 18, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2024-55975 was published Dec 18, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2024-55983 was published Dec 18, 2024
The Travel Booking WordPress Theme theme for WordPress is vulnerable to blind time-based SQL... High Unreviewed
CVE-2024-11912 was published Dec 18, 2024
The Collapsing Categories plugin for WordPress is vulnerable to SQL Injection via the 'taxonomy'... High Unreviewed
CVE-2024-12025 was published Dec 18, 2024
A vulnerability has been found in the 1000projects Bookstore Management System PHP MySQL Project... Critical Unreviewed
CVE-2024-55496 was published Dec 17, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2024-8972 was published Dec 17, 2024
Online Nurse Hiring System v1.0 was discovered to contain multiple SQL injection vulnerabilities... High Unreviewed
CVE-2024-55104 was published Dec 16, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database