GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
16,903 advisories
SQL Injection vulnerability in cxuucms 3.1 via the pid parameter in public/admin.php.
High | Unreviewed | CVE-2021-3264 was published May 24, 2022
The GET parameter "id" in WMS v1.0 is passed without filtering, which allows attackers to perform...
Critical | Unreviewed | CVE-2020-18106 was published May 24, 2022
A lack of filtering for searched keywords in the search bar of YouDianCMS 8.0 allows attackers to...
High | Unreviewed | CVE-2020-18116 was published May 24, 2022
A SQL injection vulnerability in admin.php of DOYOCMS 2.3 allows attackers to execute arbitrary...
High | Unreviewed | CVE-2020-19821 was published May 24, 2022
thinkphp-zcms as of 20190715 allows SQL injection via index.php?m=home&c=message&a=add.
Critical | Unreviewed | CVE-2020-19705 was published May 24, 2022
SQL Injection vulnerability in Hucart CMS 5.7.4 via the basic information field found in the...
High | Unreviewed | CVE-2020-18476 was published May 24, 2022
SQL Injection vulnerability in Hucart CMS 5.7.4 via the purchase enquiry field found in the...
High | Unreviewed | CVE-2020-18477 was published May 24, 2022
A SQL Injection vulnerability in Cerner Mobile Care 5.0.0 allows remote unauthenticated attackers...
Critical | Unreviewed | CVE-2021-36385 was published May 24, 2022
Philips Healthcare Tasy Electronic Medical Record (EMR) 3.06 allows SQL injection via the...
High | Unreviewed | CVE-2021-39375 was published May 24, 2022
Multiple SQL injection vulnerabilities in SmartDataSoft SmartBlog for PrestaShop before 4.06...
Critical | Unreviewed | CVE-2021-37538 was published May 24, 2022
Philips Healthcare Tasy Electronic Medical Record (EMR) 3.06 allows SQL injection via the...
High | Unreviewed | CVE-2021-39376 was published May 24, 2022
EARCLINK ESPCMS-P8 was discovered to contain a SQL injection vulnerability in the espcms_web...
High | Unreviewed | CVE-2020-18913 was published May 24, 2022
The Timeline Calendar WordPress plugin through 1.2 does not sanitise, validate or escape the edit...
High | Unreviewed | CVE-2021-24553 was published May 24, 2022
The Edit Comments WordPress plugin through 0.3 does not sanitise, validate or escape the...
Critical | Unreviewed | CVE-2021-24551 was published May 24, 2022
The Giveaway WordPress plugin through 1.2.2 is vulnerable to an SQL Injection issue which allows...
High | Unreviewed | CVE-2021-24497 was published May 24, 2022
The Slider Hero with Animation, Video Background & Intro Maker WordPress plugin before 8.2.7 does...
High | Unreviewed | CVE-2021-24506 was published May 24, 2022
The update functionality in the rslider_page uses an rs_id POST parameter which is not validated,...
High | Unreviewed | CVE-2021-24557 was published May 24, 2022
The daac_delete_booking_callback function, hooked to the daac_delete_booking AJAX action, takes...
High | Unreviewed | CVE-2021-24555 was published May 24, 2022
The Simple Events Calendar WordPress plugin through 1.4.0 does not sanitise, validate or escape...
High | Unreviewed | CVE-2021-24552 was published May 24, 2022
The Broken Link Manager WordPress plugin through 0.6.5 does not sanitise, validate or escape the...
High | Unreviewed | CVE-2021-24550 was published May 24, 2022
SQL Injection in Wuzhi CMS v4.1.0 allows remote attackers to obtain sensitive information via the...
High | Unreviewed | CVE-2020-18877 was published May 24, 2022
A SQL Injection issue in the list controller of the Prestahome Blog (aka ph_simpleblog) module...
High | Unreviewed | CVE-2021-36748 was published May 24, 2022
A SQL injection vulnerability was discovered in the editid parameter in Local Services Search...
Moderate | Unreviewed | CVE-2021-27999 was published May 24, 2022
MISP 2.4.148, in certain configurations, allows SQL injection via the app/Model/Log.php ...
Critical | Unreviewed | CVE-2021-39302 was published May 24, 2022
SQL Injection in AiteCMS v1.0 allows remote attackers to execute arbitrary code via the component...
High | Unreviewed | CVE-2020-18746 was published May 24, 2022