Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,133
Erlang
29
GitHub Actions
19
Go
1,940
Maven
5,000+
npm
3,677
NuGet
645
pip
3,295
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+

12,358 advisories

Loading
The LatePoint plugin for WordPress is vulnerable to Arbitrary User Password Change via SQL... Critical Unreviewed
CVE-2024-8911 was published Oct 8, 2024
A SQL Injection vulnerability in "ccHandler.aspx" in all versions of CADClick v.1.11.0 and before... High Unreviewed
CVE-2024-41512 was published Oct 4, 2024
A SQL Injection vulnerability was discovered in Cloudlog 2.6.15, specifically within the... Critical Unreviewed
CVE-2024-45999 was published Oct 1, 2024
In SonarSource SonarQube 10.4 through 10.5 before 10.6, a vulnerability was discovered in the... Moderate Unreviewed
CVE-2024-47911 was published Oct 4, 2024
itsourcecode Sports Management System Project 1.0 is vulnerable to SQL Injection in the function... High Unreviewed
CVE-2024-46078 was published Oct 4, 2024
The Cost Calculator Builder WordPress plugin before 3.2.29 does not properly sanitise and escape... High Unreviewed
CVE-2024-8379 was published Sep 30, 2024
The Opti Marketing WordPress plugin through 2.0.9 does not properly sanitise and escape a... Critical Unreviewed
CVE-2024-6928 was published Sep 8, 2024
SQL injection vulnerability in SOPlanning <1.45, through /soplanning/www/groupe_list.php, in the... Moderate Unreviewed
CVE-2024-9573 was published Oct 7, 2024
SQL injection vulnerability in SOPlanning <1.45, via /soplanning/www/user_groupes.php in the by... Critical Unreviewed
CVE-2024-9574 was published Oct 7, 2024
The Viral Signup WordPress plugin through 2.1 does not properly sanitise and escape a parameter... Critical Unreviewed
CVE-2024-6926 was published Sep 4, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2024-47335 was published Oct 7, 2024
A vulnerability was found in ESAFENET CDG V5. It has been rated as critical. Affected by this... Moderate Unreviewed
CVE-2024-9560 was published Oct 7, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2024-47350 was published Oct 6, 2024
Cavok – CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Critical Unreviewed
CVE-2024-45249 was published Oct 6, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2024-47338 was published Oct 6, 2024
A vulnerability was found in ESAFENET CDG V5. It has been rated as critical. Affected by this... Moderate Unreviewed
CVE-2024-9536 was published Oct 5, 2024
Sourcecodester School Task Manager 1.0 allows SQL Injection via the 'subject' parameter. Critical Unreviewed
CVE-2024-24142 was published Feb 13, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2024-8607 was published Sep 27, 2024
Delta Electronics DIAEnergie is vulnerable to an SQL injection in the script AM_RegReport.aspx.... Critical Unreviewed
CVE-2024-43699 was published Oct 4, 2024
Delta Electronics DIAEnergie is vulnerable to an SQL injection in the script Handler_CFG.ashx. An... High Unreviewed
CVE-2024-42417 was published Oct 4, 2024
A Command injection vulnerability in requestLetsEncryptSslWithDnsChallenge in NginxProxyManager 2... Moderate Unreviewed
CVE-2024-46257 was published Sep 27, 2024
A vulnerability was found in Codezips Online Shopping Portal 1.0. It has been classified as... Moderate Unreviewed
CVE-2024-9460 was published Oct 3, 2024
SQL injection in audit endpoint Critical
CVE-2023-35088 was published for org.apache.inlong:manager-service (Maven) Jul 25, 2023
OS4ED openSIS-Classic v9.1 was discovered to contain a SQL injection vulnerability via a crafted... High Unreviewed
CVE-2024-46626 was published Oct 2, 2024
A vulnerability has been found in code-projects Restaurant Reservation System 1.0 and classified... Moderate Unreviewed
CVE-2024-9429 was published Oct 2, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database