Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,343
Erlang
31
GitHub Actions
22
Go
2,107
Maven
5,000+
npm
3,764
NuGet
679
pip
3,452
Pub
12
RubyGems
892
Rust
886
Swift
37
Unreviewed advisories
All unreviewed
5,000+

13,163 advisories

Loading
An issue was discovered in TONGDA Office Anywhere 10.18.190121. There is a SQL Injection... Critical Unreviewed
CVE-2019-9759 was published May 14, 2022
S-CMS PHP v1.0 has SQL injection via the 4/js/scms.php?action=unlike id parameter. Critical Unreviewed
CVE-2019-10708 was published May 14, 2022
MKCMS V5.0 has SQL injection via the bplay.php play parameter. Critical Unreviewed
CVE-2019-10707 was published May 14, 2022
Silverstripe Framework SQLi Vulnerability Critical
CVE-2019-5715 was published for silverstripe/framework (Composer) May 14, 2022
Kohana through 3.3.6 has SQL Injection when the order_by() parameter can be controlled. Critical Unreviewed
CVE-2019-8979 was published May 14, 2022
SQL injection vulnerability in Nagios XI before 5.5.11 allows attackers to execute arbitrary SQL... Critical Unreviewed
CVE-2019-9165 was published May 14, 2022
SQL injection vulnerability in Nagios IM (component of Nagios XI) before 2.2.7 allows attackers... Critical Unreviewed
CVE-2019-9204 was published May 14, 2022
SQL Injection exists in the Tribulant Slideshow Gallery plugin 1.6.8 for WordPress via the wp... Critical Unreviewed
CVE-2018-18018 was published May 14, 2022
SQL injection vulnerability in Joomla! 3.7.x before 3.7.1 allows attackers to execute arbitrary... Critical Unreviewed
CVE-2017-8917 was published May 14, 2022
SuiteCRM before 7.8.28, 7.9.x and 7.10.x before 7.10.15, and 7.11.x before 7.11.3 allows SQL... Critical Unreviewed
CVE-2019-6506 was published May 14, 2022
Katello SQL Injection vulnerabilities High
CVE-2016-3072 was published for katello (RubyGems) May 14, 2022
Multiple SQL injection vulnerabilities in the Control Panel in Parallels Plesk Panel 10.2.0 build... High Unreviewed
CVE-2011-4734 was published May 14, 2022
Multiple SQL injection vulnerabilities in the Server Administration Panel in Parallels Plesk... High Unreviewed
CVE-2011-4725 was published May 14, 2022
SQL injection vulnerability in the J2Store plugin 3.x before 3.3.7 for Joomla! allows remote... Critical Unreviewed
CVE-2019-9184 was published May 14, 2022
An issue was discovered in CMS Made Simple 2.2.8. It is possible with the News module, through a... High Unreviewed
CVE-2019-9053 was published May 14, 2022
Hot Scripts Clone 3.1 has SQL Injection via the /categories subctid or mctid parameter. Critical Unreviewed
CVE-2017-17612 was published May 14, 2022
Domoticz before 4.10578 allows SQL Injection via the idx parameter in CWebServer:... Critical Unreviewed
CVE-2019-10664 was published May 14, 2022
SQL injection vulnerability in Booking Calendar plugin 8.4.3 for WordPress allows remote... High Unreviewed
CVE-2018-20556 was published May 14, 2022
The vulnerability exists within processing of track_import_export.php in Schneider Electric U... High Unreviewed
CVE-2018-7765 was published May 14, 2022
SQLite 3.25.2, when queries are run on a table with a malformed PRIMARY KEY, allows remote... High Unreviewed
CVE-2018-20505 was published May 14, 2022
SQL injection vulnerability in the "the_search_function" function in cardoza_ajax_search.php in... High Unreviewed
CVE-2012-5853 was published May 14, 2022
SQL injection vulnerability in the Sophos Cyberoam CR500iNG-XP firewall appliance with CyberoamOS... High Unreviewed
CVE-2015-6811 was published May 14, 2022
SQL injection vulnerability in modules.php in the Sectionsnew module for PHP-Nuke allows remote... High Unreviewed
CVE-2008-6865 was published May 14, 2022
SQL injection vulnerability in the Web_Links module for PHP-Nuke 8.0 allows remote attackers to... High Unreviewed
CVE-2010-5083 was published May 14, 2022
SQL injection vulnerability in index.php in the Recipes module 1.3, 1.4, and possibly other... High Unreviewed
CVE-2008-7226 was published May 14, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database