GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
12,200 advisories
Filter by severity
The importFromRedirection AJAX action of the SEO Redirection Plugin – 301 Redirect Manager...
High
Unreviewed
CVE-2021-24847
was published
Nov 17, 2021
iDRAC9 versions prior to 5.00.00.00 contain an improper input validation vulnerability. An...
High
Unreviewed
CVE-2021-36300
was published
Nov 24, 2021
Dell iDRAC9 versions 4.40.00.00 and later, but prior to 4.40.29.00 and 5.00.00.00 contain an SQL...
High
Unreviewed
CVE-2021-36299
was published
Nov 24, 2021
The SQL injection vulnerability in the Hide My WP WordPress plugin (versions <= 6.2.3) is...
Critical
Unreviewed
CVE-2021-36916
was published
Nov 25, 2021
An authenticated user could potentially execute code via an SQLi vulnerability in the user portal...
High
Unreviewed
CVE-2021-36807
was published
Nov 27, 2021
The Contest Gallery WordPress plugin before 13.1.0.6 does not have capability checks and does not...
Critical
Unreviewed
CVE-2021-24915
was published
Nov 30, 2021
The BSK PDF Manager WordPress plugin before 3.1.2 does not validate and escape the orderby and...
High
Unreviewed
CVE-2021-24860
was published
Nov 30, 2021
The Ninja Forms Contact Form WordPress plugin before 3.6.4 does not escape keys of the fields...
High
Unreviewed
CVE-2021-24889
was published
Nov 30, 2021
The Email Before Download WordPress plugin before 6.8 does not properly validate and escape the...
High
Unreviewed
CVE-2021-24748
was published
Nov 30, 2021
The myCred WordPress plugin before 2.3 does not validate or escape the fields parameter before...
High
Unreviewed
CVE-2021-24755
was published
Nov 30, 2021
Dell EMC Streaming Data Platform versions before 1.3 contain a SQL Injection Vulnerability. A...
High
Unreviewed
CVE-2021-36328
was published
Dec 1, 2021
A SQL injection vulnerability exists in version 8.0 of openSIS when MySQL or MariaDB is used as...
Critical
Unreviewed
CVE-2021-41678
was published
Dec 1, 2021
A SQL injection vulnerability exists in version 8.0 of openSIS when MySQL or MariaDB is used as...
Critical
Unreviewed
CVE-2021-41679
was published
Dec 1, 2021
A SQL injection vulnerability exists in version 8.0 of openSIS when MySQL or MariaDB is used as...
Critical
Unreviewed
CVE-2021-41677
was published
Dec 1, 2021
SQL Injection vulnerability exists in PHPGURUKUL Employee Record Management System 1.2 via the...
Critical
Unreviewed
CVE-2021-43451
was published
Dec 2, 2021
attendance management system 1.0 is affected by a SQL injection vulnerability in admin...
Critical
Unreviewed
CVE-2021-44280
was published
Dec 2, 2021
CA Network Flow Analysis (NFA) 21.2.1 and earlier contain a SQL injection vulnerability in the...
Moderate
Unreviewed
CVE-2021-44050
was published
Dec 3, 2021
ecshop v2.7.3 is affected by a SQL injection vulnerability in shopex\ecshop\upload\api\client\api...
Critical
Unreviewed
CVE-2021-43679
was published
Dec 3, 2021
The Events Manager WordPress plugin before 5.9.8 does not sanitise and escape a parameter before...
High
Unreviewed
CVE-2020-35012
was published
Dec 3, 2021
SQL Injection vulnerability exists in TuziCMS v2.0.6 via the id parameer in App\Manage\Controller...
Critical
Unreviewed
CVE-2021-44348
was published
Dec 4, 2021
Chamilo LMS v1.11.x was discovered to contain a SQL injection via the doc parameter in main...
Critical
Unreviewed
CVE-2021-35414
was published
Dec 4, 2021
SQL Injection vulnerability exists in TuziCMS v2.0.6 via the id parameter in App\Manage...
Critical
Unreviewed
CVE-2021-44349
was published
Dec 4, 2021
SQL Injection vulnerability exists in TuziCMS v2.0.6 in App\Manage\Controller\GuestbookController...
Critical
Unreviewed
CVE-2021-44347
was published
Dec 4, 2021
Taocms v2.5Beta5 was discovered to contain a blind SQL injection vulnerability via the function...
High
Unreviewed
CVE-2021-25783
was published
Dec 4, 2021
Taocms v2.5Beta5 was discovered to contain a blind SQL injection vulnerability via the function...
High
Unreviewed
CVE-2021-25784
was published
Dec 4, 2021
ProTip!
Advisories are also available from the
GraphQL API