GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,960
Composer 4,279
Erlang 31
GitHub Actions 21
Go 2,056
Maven 5,237
npm 3,740
NuGet 668
pip 3,421
Pub 12
RubyGems 891
Rust 873
Swift 36

Unreviewed advisories

All unreviewed 238,960

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

2,628 advisories

Filter by severity

Sort by

Least recently updated

A vulnerability was found in 1000 Projects Library Management System 1.0. It has been declared as... Moderate Unreviewed

CVE-2024-12188 was published Dec 5, 2024

A vulnerability, which was classified as critical, has been found in PHPGurukul Complaint... Moderate Unreviewed

CVE-2024-12230 was published Dec 5, 2024

A vulnerability was found in 1000 Projects Beauty Parlour Management System 1.0. It has been... Moderate Unreviewed

CVE-2024-12234 was published Dec 5, 2024

A vulnerability, which was classified as critical, was found in code-projects Farmacia 1.0. This... Moderate Unreviewed

CVE-2024-12007 was published Dec 2, 2024

A vulnerability classified as critical has been found in JFinalCMS 1.0. This affects the function... Moderate Unreviewed

CVE-2024-12351 was published Dec 9, 2024

A vulnerability classified as critical has been found in Guangzhou Tuchuang Computer Software... Moderate Unreviewed

CVE-2024-10946 was published Nov 7, 2024

The SQL Chart Builder plugin for WordPress is vulnerable to SQL Injection via the 'arg1' arg of... Moderate Unreviewed

CVE-2024-11430 was published Dec 12, 2024

The Library Management System – Manage e-Digital Books Library plugin for WordPress is vulnerable... Moderate Unreviewed

CVE-2024-12406 was published Dec 12, 2024

The Responsive Filterable Portfolio plugin for WordPress is vulnerable to SQL Injection via the ... Moderate Unreviewed

CVE-2019-25221 was published Dec 13, 2024

A vulnerability classified as critical has been found in 1000 Projects Attendance Tracking... Moderate Unreviewed

CVE-2024-12497 was published Dec 12, 2024

A vulnerability was found in code-projects Farmacia 1.0. It has been rated as critical. This... Moderate Unreviewed

CVE-2024-12492 was published Dec 12, 2024

A vulnerability was found in cjbi wetech-cms 1.0/1.1/1.2. It has been classified as critical.... Moderate Unreviewed

CVE-2024-12480 was published Dec 12, 2024

A vulnerability was found in cjbi wetech-cms 1.0/1.1/1.2 and classified as critical. This issue... Moderate Unreviewed

CVE-2024-12479 was published Dec 12, 2024

A vulnerability was found in cjbi wetech-cms 1.0/1.1/1.2. It has been declared as critical.... Moderate Unreviewed

CVE-2024-12481 was published Dec 12, 2024

An unauthenticated attacker can perform an SQL injection by accessing the /class/dbconnect.php... Moderate Unreviewed

CVE-2024-28145 was published Dec 12, 2024

An authenticated attacker with the user/role "Poweruser" can perform an SQL injection by... Moderate Unreviewed

CVE-2024-50584 was published Dec 12, 2024

The WP Job Portal – A Complete Recruitment System for Company or Job Board website plugin for... Moderate Unreviewed

CVE-2024-11713 was published Dec 14, 2024

The WP Job Portal – A Complete Recruitment System for Company or Job Board website plugin for... Moderate Unreviewed

CVE-2024-11714 was published Dec 14, 2024

The WP Job Portal – A Complete Recruitment System for Company or Job Board website plugin for... Moderate Unreviewed

CVE-2024-11710 was published Dec 14, 2024

An SQL Injection vulnerability existed in DLP Extension 11.11.1.3. The vulnerability allowed an... Moderate Unreviewed

CVE-2024-9678 was published Dec 16, 2024

Withdrawn Advisory: Nette Database SQL injection Moderate

CVE-2024-55586 was published for nette/database (Composer) Dec 10, 2024 • withdrawn

The WP Docs plugin for WordPress is vulnerable to time-based SQL Injection via the 'dir_id'... Moderate Unreviewed

CVE-2024-12635 was published Dec 21, 2024

The Frontend Admin by DynamiApps plugin for WordPress is vulnerable to SQL Injection via the ... Moderate Unreviewed

CVE-2024-11722 was published Dec 21, 2024

The Booking Calendar WpDevArt plugin is vulnerable to time-based, blind SQL injection via the `id... Moderate Unreviewed

CVE-2024-10856 was published Dec 24, 2024

The Appointment Booking Calendar Plugin and Scheduling Plugin – BookingPress plugin for WordPress... Moderate Unreviewed

CVE-2024-11726 was published Dec 24, 2024

Previous 1 2 … 102 103 104 105 106 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

2,628 advisories