Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,293
Erlang
31
GitHub Actions
21
Go
2,061
Maven
5,000+
npm
3,744
NuGet
668
pip
3,423
Pub
12
RubyGems
892
Rust
875
Swift
36
Unreviewed advisories
All unreviewed
5,000+

12,940 advisories

Loading
SQL Injection vulnerability in Silverpeas 6.4.1 allows a remote attacker to obtain sensitive... High Unreviewed
CVE-2024-48814 was published Jan 3, 2025
A vulnerability was found in code-projects Point of Sales and Inventory Management System 1.0. It... Moderate Unreviewed
CVE-2025-0174 was published Jan 3, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2024-56250 was published Jan 2, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2024-56247 was published Jan 2, 2025
Landray EIS 2001 through 2006 allows Message/fi_message_receiver.aspx?replyid= SQL injection. Moderate Unreviewed
CVE-2025-22214 was published Jan 2, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2024-56042 was published Dec 31, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2024-56039 was published Dec 31, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2024-56041 was published Dec 31, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2024-56212 was published Dec 31, 2024
Veritas / Arctera Data Insight before 7.1.1 allows Application Administrators to conduct SQL... Moderate Unreviewed
CVE-2024-46542 was published Dec 30, 2024
Tecnick TCExam – CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL... Critical Unreviewed
CVE-2024-47926 was published Dec 30, 2024
SQL injection vulnerability in Smart Agent v.1.1.0 allows a remote attacker to execute arbitrary... Critical Unreviewed
CVE-2024-50717 was published Dec 27, 2024
SQL injection vulnerability in Smart Agent v.1.1.0 allows a remote attacker to execute arbitrary... Critical Unreviewed
CVE-2024-50716 was published Dec 27, 2024
SmartAgent v1.1.0 was discovered to contain a SQL injection vulnerability via the id parameter at... Critical Unreviewed
CVE-2024-50713 was published Dec 27, 2024
Amazon Redshift Python Connector vulnerable to SQL Injection High
CVE-2024-12745 was published for redshift_connector (pip) Dec 26, 2024
alikrubin
Amazon Redshift JDBC Driver vulnerable to SQL Injection High
CVE-2024-12744 was published for com.amazon.redshift:redshift-jdbc42 (Maven) Dec 26, 2024
alikrubin
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2024-8950 was published Dec 25, 2024
The NEX-Forms – Ultimate Form Builder – Contact forms and much more plugin for WordPress is... Moderate Unreviewed
CVE-2024-10862 was published Dec 25, 2024
The WP Data Access – App, Table, Form and Chart Builder plugin plugin for WordPress is vulnerable... High Unreviewed
CVE-2024-12428 was published Dec 25, 2024
The Tourfic – Ultimate Hotel Booking, Travel Booking & Apartment Booking WordPress Plugin |... Moderate Unreviewed
CVE-2024-12032 was published Dec 25, 2024
The Advanced Floating Content plugin for WordPress is vulnerable to SQL Injection via the ... Moderate Unreviewed
CVE-2024-12031 was published Dec 24, 2024
The Booking Calendar WpDevArt plugin is vulnerable to time-based, blind SQL injection via the `id... Moderate Unreviewed
CVE-2024-10856 was published Dec 24, 2024
The Appointment Booking Calendar Plugin and Scheduling Plugin – BookingPress plugin for WordPress... Moderate Unreviewed
CVE-2024-11726 was published Dec 24, 2024
SQL injection in Apache Traffic Control Critical
CVE-2024-45387 was published for github.com/apache/trafficcontrol/v8 (Go) Dec 23, 2024
The Frontend Admin by DynamiApps plugin for WordPress is vulnerable to SQL Injection via the ... Moderate Unreviewed
CVE-2024-11722 was published Dec 21, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database