GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
3,461 advisories
Filter by severity
Best House Rental Management System 1.0 contains a SQL injection vulnerability in the...
Critical
Unreviewed
CVE-2024-46374
was published
Sep 18, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical
Unreviewed
CVE-2024-5958
was published
Sep 18, 2024
SQL Injection vulnerability in todesk v.1.1 allows a remote attacker to execute arbitrary code...
Critical
Unreviewed
CVE-2024-44542
was published
Sep 18, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical
Unreviewed
CVE-2024-43978
was published
Sep 18, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical
Unreviewed
CVE-2024-44004
was published
Sep 18, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical
Unreviewed
CVE-2024-43976
was published
Sep 18, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical
Unreviewed
CVE-2024-6401
was published
Sep 16, 2024
The Backuply – Backup, Restore, Migrate and Clone plugin for WordPress is vulnerable to SQL...
Critical
Unreviewed
CVE-2024-8669
was published
Sep 16, 2024
SQL Injection vulnerability in Best Free Law Office Management Software-v1.0 allows an attacker...
Critical
Unreviewed
CVE-2024-44430
was published
Sep 13, 2024
ORDAT FOSS-Online before v2.24.01 was discovered to contain a SQL injection vulnerability via the...
Critical
Unreviewed
CVE-2024-34334
was published
Sep 12, 2024
The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to SQL Injection via the...
Critical
Unreviewed
CVE-2024-8522
was published
Sep 12, 2024
The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to SQL Injection via the...
Critical
Unreviewed
CVE-2024-8529
was published
Sep 12, 2024
An unspecified SQL injection in Ivanti EPM before 2022 SU6, or the 2024 September update allows a...
Critical
Unreviewed
CVE-2024-32842
was published
Sep 12, 2024
An unspecified SQL injection in Ivanti EPM before 2022 SU6, or the 2024 September update allows a...
Critical
Unreviewed
CVE-2024-32848
was published
Sep 12, 2024
An unspecified SQL injection in Ivanti EPM before 2022 SU6, or the 2024 September update allows a...
Critical
Unreviewed
CVE-2024-32846
was published
Sep 12, 2024
An unspecified SQL injection in Ivanti EPM before 2022 SU6, or the 2024 September update allows a...
Critical
Unreviewed
CVE-2024-32843
was published
Sep 12, 2024
An unspecified SQL injection in Ivanti EPM before 2022 SU6, or the 2024 September update allows a...
Critical
Unreviewed
CVE-2024-34785
was published
Sep 12, 2024
An unspecified SQL injection in Ivanti EPM before 2022 SU6, or the 2024 September update allows a...
Critical
Unreviewed
CVE-2024-32845
was published
Sep 12, 2024
An unspecified SQL injection in Ivanti EPM before 2022 SU6, or the 2024 September update allows a...
Critical
Unreviewed
CVE-2024-34783
was published
Sep 12, 2024
An unspecified SQL injection in Ivanti EPM before 2022 SU6, or the 2024 September update allows a...
Critical
Unreviewed
CVE-2024-34779
was published
Sep 12, 2024
An unspecified SQL injection in Ivanti EPM before 2022 SU6, or the 2024 September update allows a...
Critical
Unreviewed
CVE-2024-32840
was published
Sep 12, 2024
evilnapsis Inventio Lite Versions v4 and before is vulnerable to SQL Injection via the "username"...
Critical
Unreviewed
CVE-2024-44541
was published
Sep 11, 2024
A unauthenticated SQL Injection has been found in the SO Planning tool that occurs when the...
Critical
Unreviewed
CVE-2024-27112
was published
Sep 11, 2024
The video carousel slider with lightbox plugin for WordPress is vulnerable to SQL Injection via...
Critical
Unreviewed
CVE-2019-25212
was published
Sep 11, 2024
Renwoxing Enterprise Intelligent Management System before v3.0 was discovered to contain a SQL...
Critical
Unreviewed
CVE-2024-43040
was published
Sep 10, 2024
ProTip!
Advisories are also available from the
GraphQL API