GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
13,163 advisories
Microsoft Defender for IoT Remote Code Execution Vulnerability This CVE ID is unique from CVE...
Critical, Unreviewed: CVE-2021-42311 was published Dec 16, 2021
Microsoft Defender for IoT Remote Code Execution Vulnerability This CVE ID is unique from CVE...
High, Unreviewed: CVE-2021-41365 was published Dec 16, 2021
A SQL Injection vulnerability exists in ZZCMS 2021 via the askbigclassid parameter in /admin/ask...
Critical, Unreviewed: CVE-2021-42945 was published Dec 16, 2021
ThinkPHP5 SQL Injection vulnerability
Critical: CVE-2021-44350 was published for topthink/framework (Composer) Dec 17, 2021
TCMAN GIM is vulnerable to a SQL injection vulnerability inside several available webservice...
Critical, Unreviewed: CVE-2021-40850 was published Dec 18, 2021
The checkuser function of SEMCMS 3.8 was discovered to contain a vulnerability which allows...
High, Unreviewed: CVE-2020-18081 was published Dec 18, 2021
An authenticated SQL injection issue in the calendar search function of OpenEMR 6.0.0 before...
Moderate, Unreviewed: CVE-2021-41843 was published Dec 18, 2021
SuiteCRM before 7.12.2 and 8.x before 8.0.1 allows authenticated SQL injection.
High, Unreviewed: CVE-2021-45041 was published Dec 20, 2021
JFrog Artifactory before 7.25.4 (Enterprise+ deployments only), is vulnerable to Blind SQL...
High, Unreviewed: CVE-2021-3860 was published Dec 21, 2021
Numerous exposed dangerous functions within Orion Core allow for read-only SQL injection...
High, Unreviewed: CVE-2021-35234 was published Dec 21, 2021
Dalmark Systems Systeam 2.22.8 build 1724 is vulnerable to Insecure design on report build via...
High, Unreviewed: CVE-2021-44874 was published Dec 22, 2021
The email parameter from ajax.php of Video Sharing Website 1.0 appears to be vulnerable to SQL...
Critical, Unreviewed: CVE-2021-45255 was published Dec 22, 2021
The id parameter in view_storage.php from Simple Cold Storage Management System 1.0 appears to be...
Critical, Unreviewed: CVE-2021-45253 was published Dec 22, 2021
Multiple SQL injection vulnerabilities are found on Simple Forum-Discussion System 1.0 For...
Critical, Unreviewed: CVE-2021-45252 was published Dec 22, 2021
The wcfm_ajax_controller AJAX action of the WCFM Marketplace WordPress plugin before 3.4.12,...
Critical, Unreviewed: CVE-2021-24849 was published Dec 22, 2021
The get_query() function of the Ni WooCommerce Custom Order Status WordPress plugin before 1.9.7,...
High, Unreviewed: CVE-2021-24846 was published Dec 22, 2021
The WP Visitor Statistics (Real Time Traffic) WordPress plugin before 4.8 does not properly...
High, Unreviewed: CVE-2021-24750 was published Dec 22, 2021
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated...
High, Unreviewed: CVE-2021-21933 was published Dec 23, 2021
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated...
High, Unreviewed: CVE-2021-21934 was published Dec 23, 2021
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated...
High, Unreviewed: CVE-2021-21935 was published Dec 23, 2021
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated...
High, Unreviewed: CVE-2021-21936 was published Dec 23, 2021
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated...
High, Unreviewed: CVE-2021-21937 was published Dec 23, 2021
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated...
High, Unreviewed: CVE-2021-21930 was published Dec 23, 2021
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated...
High, Unreviewed: CVE-2021-21932 was published Dec 23, 2021
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated...
High, Unreviewed: CVE-2021-21929 was published Dec 23, 2021
ProTip! Advisories are also available from the GraphQL API