Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,133
Erlang
29
GitHub Actions
19
Go
1,940
Maven
5,000+
npm
3,677
NuGet
645
pip
3,295
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+

12,356 advisories

Loading
Dell OpenManage Enterprise, version(s) OME 4.1 and prior, contain(s) an Improper Neutralization... Moderate Unreviewed
CVE-2024-45767 was published Oct 17, 2024
An authenticated SQL injection vulnerability in VMware HCX was privately reported to VMware. A ... High Unreviewed
CVE-2024-38814 was published Oct 16, 2024
A vulnerability, which was classified as critical, has been found in code-projects Pharmacy... Moderate Unreviewed
CVE-2024-10024 was published Oct 16, 2024
A vulnerability classified as critical was found in code-projects Pharmacy Management System 1.0.... Moderate Unreviewed
CVE-2024-10023 was published Oct 16, 2024
A vulnerability was found in code-projects Pharmacy Management System 1.0. It has been rated as... Moderate Unreviewed
CVE-2024-10021 was published Oct 16, 2024
A vulnerability classified as critical has been found in code-projects Pharmacy Management System... Moderate Unreviewed
CVE-2024-10022 was published Oct 16, 2024
The Post Grid plugin for WordPress is vulnerable to blind SQL Injection via post metadata in... High Unreviewed
CVE-2021-4450 was published Oct 16, 2024
The Kento Post View Counter plugin for WordPress is vulnerable to SQL Injection via the ... Critical Unreviewed
CVE-2016-15040 was published Oct 16, 2024
itsourcecode Online Tours and Travels Management System v1.0 is vulnerable to SQL Injection (SQLI... Critical Unreviewed
CVE-2024-48411 was published Oct 15, 2024
SQL injection vulnerability in Ajax.php, ForWindow.php, ForExport.php, Modules.php, functions... High Unreviewed
CVE-2024-35584 was published Oct 15, 2024
A vulnerability was found in code-projects Blood Bank Management System 1.0. It has been rated as... Moderate Unreviewed
CVE-2024-9986 was published Oct 15, 2024
Phpgurukul User Registration & Login and User Management System 3.2 is vulnerable to SQL... Critical Unreviewed
CVE-2024-48283 was published Oct 15, 2024
A SQL Injection vulnerability was found in /password-recovery.php of PHPGurukul User Registration... High Unreviewed
CVE-2024-48282 was published Oct 15, 2024
A SQL Injection vulnerability was found in /search-result.php of PHPGurukul User Registration &... High Unreviewed
CVE-2024-48280 was published Oct 15, 2024
A vulnerability classified as critical has been found in code-projects Pharmacy Management System... Moderate Unreviewed
CVE-2024-9976 was published Oct 15, 2024
A vulnerability was found in SourceCodester Online Eyewear Shop 1.0. It has been declared as... Moderate Unreviewed
CVE-2024-9974 was published Oct 15, 2024
A vulnerability was found in SourceCodester Online Eyewear Shop 1.0. It has been classified as... Moderate Unreviewed
CVE-2024-9973 was published Oct 15, 2024
SQL injection vulnerability in TAI Smart Factory's QPLANT SF version 1.0. Exploitation of this... Critical Unreviewed
CVE-2024-9925 was published Oct 15, 2024
Property Management System from ChanGate has a SQL Injection vulnerability, allowing... Critical Unreviewed
CVE-2024-9972 was published Oct 15, 2024
The ee-class from FormosaSoft does not properly validate a specific page parameter, allowing... High Unreviewed
CVE-2024-9980 was published Oct 15, 2024
AIM LINE Marketing Platform from Esi Technology does not properly validate a specific query... Critical Unreviewed
CVE-2024-9982 was published Oct 15, 2024
The specific query functionality in the FlowMaster BPM Plus from NewType does not properly... High Unreviewed
CVE-2024-9971 was published Oct 15, 2024
WebEIP v3.0 from NewType does not properly validate user input, allowing remote attackers with... High Unreviewed
CVE-2024-9968 was published Oct 15, 2024
Wavelog 1.8.5 allows Gridmap_model.php get_band_confirmed SQL injection via band, sat,... High Unreviewed
CVE-2024-48249 was published Oct 14, 2024
Cloudlog 2.6.15 allows Oqrs.php request_form SQL injection via station_id or callsign. High Unreviewed
CVE-2024-48259 was published Oct 14, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database