GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
6,227 advisories
Filter by severity
The importFromRedirection AJAX action of the SEO Redirection Plugin – 301 Redirect Manager...
High
Unreviewed
CVE-2021-24847
was published
Nov 17, 2021
iDRAC9 versions prior to 5.00.00.00 contain an improper input validation vulnerability. An...
High
Unreviewed
CVE-2021-36300
was published
Nov 24, 2021
Dell iDRAC9 versions 4.40.00.00 and later, but prior to 4.40.29.00 and 5.00.00.00 contain an SQL...
High
Unreviewed
CVE-2021-36299
was published
Nov 24, 2021
An authenticated user could potentially execute code via an SQLi vulnerability in the user portal...
High
Unreviewed
CVE-2021-36807
was published
Nov 27, 2021
The Ninja Forms Contact Form WordPress plugin before 3.6.4 does not escape keys of the fields...
High
Unreviewed
CVE-2021-24889
was published
Nov 30, 2021
The BSK PDF Manager WordPress plugin before 3.1.2 does not validate and escape the orderby and...
High
Unreviewed
CVE-2021-24860
was published
Nov 30, 2021
The Email Before Download WordPress plugin before 6.8 does not properly validate and escape the...
High
Unreviewed
CVE-2021-24748
was published
Nov 30, 2021
The myCred WordPress plugin before 2.3 does not validate or escape the fields parameter before...
High
Unreviewed
CVE-2021-24755
was published
Nov 30, 2021
Dell EMC Streaming Data Platform versions before 1.3 contain a SQL Injection Vulnerability. A...
High
Unreviewed
CVE-2021-36328
was published
Dec 1, 2021
The Events Manager WordPress plugin before 5.9.8 does not sanitise and escape a parameter before...
High
Unreviewed
CVE-2020-35012
was published
Dec 3, 2021
Taocms v2.5Beta5 was discovered to contain a blind SQL injection vulnerability via the function...
High
Unreviewed
CVE-2021-25783
was published
Dec 4, 2021
Taocms v2.5Beta5 was discovered to contain a blind SQL injection vulnerability via the function...
High
Unreviewed
CVE-2021-25784
was published
Dec 4, 2021
Piwigo v11.5 was discovered to contain a SQL injection vulnerability via the parameter pwg_token...
High
Unreviewed
CVE-2021-40313
was published
Dec 7, 2021
Authenticated Blind & Error-based SQL injection vulnerability was discovered in Online Enrollment...
High
Unreviewed
CVE-2021-40578
was published
Dec 8, 2021
A SQL Injection vulnerability exists in Ivanti Avalance before 6.3.3 allows an attacker with...
High
Unreviewed
CVE-2021-42131
was published
Dec 8, 2021
A SQL Injection in the custom filter query component in Genesys intelligent Workload Distribution...
High
Unreviewed
CVE-2021-40861
was published
Dec 9, 2021
A SQL Injection in the custom filter query component in Genesys intelligent Workload Distribution...
High
Unreviewed
CVE-2021-40860
was published
Dec 9, 2021
A improper neutralization of special elements used in an sql command ('sql injection') in...
High
Unreviewed
CVE-2021-42760
was published
Dec 9, 2021
An SQL Injection vulnerability exists in zzcms 8.2, 8.3, 2020, abd 2021 in dl/dl_download.php....
High
Unreviewed
CVE-2021-40282
was published
Dec 10, 2021
An SQL Injection vulnerability exists in zzcms 8.2, 8.3, 2020, and 2021 in dl/dl_print.php when...
High
Unreviewed
CVE-2021-40281
was published
Dec 10, 2021
An SQL Injection vulnerablitly exits in zzcms 8.2, 8.3, 2020, and 2021 via the id parameter in...
High
Unreviewed
CVE-2021-40280
was published
Dec 10, 2021
An SQL Injection vulnerability exists in zzcms 8.2, 8.3, 2020, and 2021 via the id parameter in...
High
Unreviewed
CVE-2021-40279
was published
Dec 10, 2021
The Quotes Collection WordPress plugin through 2.5.2 does not validate and escape the bulkcheck...
High
Unreviewed
CVE-2021-24861
was published
Dec 14, 2021
The mediamaticAjaxRenameCategory AJAX action of the Mediamatic WordPress plugin through 2.7,...
High
Unreviewed
CVE-2021-24848
was published
Dec 14, 2021
The SEO Booster WordPress plugin through 3.7 allows for authenticated SQL injection via the ...
High
Unreviewed
CVE-2021-24747
was published
Dec 14, 2021
ProTip!
Advisories are also available from the
GraphQL API