GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,133
Erlang
29
GitHub Actions
19
Go
1,940
Maven
5,000+
npm
3,677
NuGet
645
pip
3,295
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
12,356 advisories
Filter by severity
Dell OpenManage Enterprise, version(s) OME 4.1 and prior, contain(s) an Improper Neutralization...
Moderate
Unreviewed
CVE-2024-45767
was published
Oct 17, 2024
An authenticated SQL injection vulnerability in VMware HCX was privately reported to VMware. A
...
High
Unreviewed
CVE-2024-38814
was published
Oct 16, 2024
A vulnerability, which was classified as critical, has been found in code-projects Pharmacy...
Moderate
Unreviewed
CVE-2024-10024
was published
Oct 16, 2024
A vulnerability classified as critical was found in code-projects Pharmacy Management System 1.0....
Moderate
Unreviewed
CVE-2024-10023
was published
Oct 16, 2024
A vulnerability was found in code-projects Pharmacy Management System 1.0. It has been rated as...
Moderate
Unreviewed
CVE-2024-10021
was published
Oct 16, 2024
A vulnerability classified as critical has been found in code-projects Pharmacy Management System...
Moderate
Unreviewed
CVE-2024-10022
was published
Oct 16, 2024
The Post Grid plugin for WordPress is vulnerable to blind SQL Injection via post metadata in...
High
Unreviewed
CVE-2021-4450
was published
Oct 16, 2024
The Kento Post View Counter plugin for WordPress is vulnerable to SQL Injection via the ...
Critical
Unreviewed
CVE-2016-15040
was published
Oct 16, 2024
itsourcecode Online Tours and Travels Management System v1.0 is vulnerable to SQL Injection (SQLI...
Critical
Unreviewed
CVE-2024-48411
was published
Oct 15, 2024
SQL injection vulnerability in Ajax.php, ForWindow.php, ForExport.php, Modules.php, functions...
High
Unreviewed
CVE-2024-35584
was published
Oct 15, 2024
A vulnerability was found in code-projects Blood Bank Management System 1.0. It has been rated as...
Moderate
Unreviewed
CVE-2024-9986
was published
Oct 15, 2024
Phpgurukul User Registration & Login and User Management System 3.2 is vulnerable to SQL...
Critical
Unreviewed
CVE-2024-48283
was published
Oct 15, 2024
A SQL Injection vulnerability was found in /password-recovery.php of PHPGurukul User Registration...
High
Unreviewed
CVE-2024-48282
was published
Oct 15, 2024
A SQL Injection vulnerability was found in /search-result.php of PHPGurukul User Registration &...
High
Unreviewed
CVE-2024-48280
was published
Oct 15, 2024
A vulnerability classified as critical has been found in code-projects Pharmacy Management System...
Moderate
Unreviewed
CVE-2024-9976
was published
Oct 15, 2024
A vulnerability was found in SourceCodester Online Eyewear Shop 1.0. It has been declared as...
Moderate
Unreviewed
CVE-2024-9974
was published
Oct 15, 2024
A vulnerability was found in SourceCodester Online Eyewear Shop 1.0. It has been classified as...
Moderate
Unreviewed
CVE-2024-9973
was published
Oct 15, 2024
SQL injection vulnerability in TAI Smart Factory's QPLANT SF version 1.0. Exploitation of this...
Critical
Unreviewed
CVE-2024-9925
was published
Oct 15, 2024
Property Management System from ChanGate has a SQL Injection vulnerability, allowing...
Critical
Unreviewed
CVE-2024-9972
was published
Oct 15, 2024
The ee-class from FormosaSoft does not properly validate a specific page parameter, allowing...
High
Unreviewed
CVE-2024-9980
was published
Oct 15, 2024
AIM LINE Marketing Platform from Esi Technology does not properly validate a specific query...
Critical
Unreviewed
CVE-2024-9982
was published
Oct 15, 2024
The specific query functionality in the FlowMaster BPM Plus from NewType does not properly...
High
Unreviewed
CVE-2024-9971
was published
Oct 15, 2024
WebEIP v3.0 from
NewType does not properly validate user input, allowing remote attackers with...
High
Unreviewed
CVE-2024-9968
was published
Oct 15, 2024
Wavelog 1.8.5 allows Gridmap_model.php get_band_confirmed SQL injection via band, sat,...
High
Unreviewed
CVE-2024-48249
was published
Oct 14, 2024
Cloudlog 2.6.15 allows Oqrs.php request_form SQL injection via station_id or callsign.
High
Unreviewed
CVE-2024-48259
was published
Oct 14, 2024
ProTip!
Advisories are also available from the
GraphQL API