Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,951
Erlang
39
GitHub Actions
38
Go
2,607
Maven
5,000+
npm
4,251
NuGet
757
pip
4,017
Pub
12
RubyGems
953
Rust
1,049
Swift
45
Unreviewed advisories
All unreviewed
5,000+

4,224 advisories

Loading
HMS v1.0 was discovered to contain a SQL injection vulnerability via patientlogin.php. Critical Unreviewed
CVE-2022-23366 was published Feb 11, 2022
The Secure Copy Content Protection and Content Locking WordPress plugin before 2.8.2 does not... Critical Unreviewed
CVE-2021-24931 was published Feb 11, 2022
Tokheim Profleet DiaLOG 11.005.02 is affected by SQL Injection. The component is the... Critical Unreviewed
CVE-2021-34235 was published Feb 12, 2022
Metinfo v7.5.0 was discovered to contain a SQL injection vulnerability in language_general.class... Critical Unreviewed
CVE-2022-23335 was published Feb 15, 2022
Metinfo v7.5.0 was discovered to contain a SQL injection vulnerability in parameter_admin.class... Critical Unreviewed
CVE-2022-22295 was published Feb 15, 2022
Tongda2000 v11.10 was discovered to contain a SQL injection vulnerability in /mobile_seal... Critical Unreviewed
CVE-2022-24206 was published Feb 15, 2022
Tongda2000 v11.10 was discovered to contain a SQL injection vulnerability in export_data.php via... Critical Unreviewed
CVE-2022-23902 was published Feb 15, 2022
S-CMS v5.0 was discovered to contain a SQL injection vulnerability in member_pay.php via the O_id... Critical Unreviewed
CVE-2022-23336 was published Feb 15, 2022
DedeCMS v5.7.87 was discovered to contain a SQL injection vulnerability in article_coonepage_rule... Critical Unreviewed
CVE-2022-23337 was published Feb 15, 2022
SQL Injection in Couchbase Sync Gateway Critical
CVE-2019-9039 was published for github.com/couchbase/sync_gateway (Go) Feb 15, 2022
andrewpollock
Credited to andrewpollock
SQL Injection in Jeecg-boot Critical
CVE-2022-22881 was published for org.jeecgframework.boot:jeecg-boot-base (Maven) Feb 17, 2022
SQL Injection in Jeecg-boot Critical
CVE-2022-22880 was published for org.jeecgframework.boot:jeecg-boot-base (Maven) Feb 17, 2022
DuxCMS v3.1.3 was discovered to contain a SQL injection vulnerability via the component s/tools... Critical Unreviewed
CVE-2021-3242 was published Feb 17, 2022
EasyCMS v1.6 allows for SQL injection via ArticlemAction.class.php. In the background, search... Critical Unreviewed
CVE-2022-23358 was published Feb 17, 2022
SQL injection in MCMS Critical
CVE-2021-44868 was published for net.mingsoft:ms-mcms (Maven) Feb 18, 2022
Online Shopping Portal v3.1 was discovered to contain multiple time-based SQL injection... Critical Unreviewed
CVE-2021-46110 was published Feb 19, 2022
ZEROF Web Server 2.0 allows /HandleEvent SQL Injection. Critical Unreviewed
CVE-2022-25322 was published Feb 19, 2022
Hospital Patient Record Management System v1.0 was discovered to contain a SQL injection... Critical Unreviewed
CVE-2022-25004 was published Feb 25, 2022
Hospital Patient Record Management System v1.0 was discovered to contain a SQL injection... Critical Unreviewed
CVE-2022-25003 was published Feb 25, 2022
Cybonet - PineApp Mail Relay Unauthenticated Sql Injection. Attacker can send a request to: ... Critical Unreviewed
CVE-2022-22794 was published Feb 25, 2022
Tongda2000 v11.10 was discovered to contain a SQL injection vulnerability in delete.php via the... Critical Unreviewed
CVE-2022-25404 was published Feb 25, 2022
Tongda2000 v11.10 was discovered to contain a SQL injection vulnerability in delete_query.php via... Critical Unreviewed
CVE-2022-25406 was published Feb 25, 2022
Tongda2000 v11.10 was discovered to contain a SQL injection vulnerability in change_box.php via... Critical Unreviewed
CVE-2022-25405 was published Feb 25, 2022
HMS v1.0 was discovered to contain a SQL injection vulnerability via the component admin.php. Critical Unreviewed
CVE-2022-25403 was published Feb 25, 2022
Multiple SQL Injection vulnerabilities exist in bloofoxCMS 0.5.2.1 - 0.5.1 via the (1) URLs, (2)... Critical Unreviewed
CVE-2021-44610 was published Feb 25, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database