Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+

2,628 advisories

Loading
The Note Press WordPress plugin through 0.1.10 does not sanitise and escape the Update parameter... Moderate Unreviewed
CVE-2022-1689 was published Jun 9, 2022
update_by_case before 0.1.3 can be vulnerable to sql injection Moderate
CVE-2022-35956 was published for update_by_case (RubyGems) Aug 11, 2022
SQL injection vulnerability in SpeedTech Organization and Resource Manager (Storm) 5.x before 5.x... Moderate Unreviewed
CVE-2008-6383 was published May 17, 2022
Affected versions of Octopus Server are prone to an authenticated SQL injection vulnerability in... Moderate Unreviewed
CVE-2021-31818 was published May 24, 2022
SQL injection vulnerability in Siemens Automation License Manager (ALM) before 5.3 SP3 Update 1... Moderate Unreviewed
CVE-2016-8564 was published May 17, 2022
SQL injection vulnerability in the "Manage pages" feature (admin/pages) in Typo 5.1.3 and earlier... Moderate Unreviewed
CVE-2008-4904 was published May 17, 2022
Multiple SQL injection vulnerabilities in Jetbox CMS 2.1 allow remote authenticated users to... Moderate Unreviewed
CVE-2008-4651 was published May 17, 2022
PEEL Shopping CMS 9.4.0 is vulnerable to authenticated SQL injection in utilisateurs.php. A user... Moderate Unreviewed
CVE-2021-41672 was published Jun 16, 2022
A vulnerability in the Cisco Unified Communications Manager web interface could allow an... Moderate Unreviewed
CVE-2017-3886 was published May 17, 2022
SQL injection vulnerability in Node Vote 5.x before 5.x-1.1 and 6.x before 6.x-1.0, a module for... Moderate Unreviewed
CVE-2008-4633 was published May 17, 2022
SQL injection vulnerability in admin.php in Libera CMS 1.12, when magic_quotes_gpc is disabled,... Moderate Unreviewed
CVE-2008-4701 was published May 17, 2022
SQL injection vulnerability in the AssetView for MacOS Ver.9.2.0 and earlier versions allows... Moderate Unreviewed
CVE-2017-2241 was published May 17, 2022
IBM Security Access Manager Appliance 10.0.0.0, 10.0.1.0, 10.0.2.0, and 10.0.3.0 is vulnerable to... Moderate Unreviewed
CVE-2022-22463 was published Jul 9, 2022
IBM Db2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, 11.1, and 11.5 is vulnerable to a denial of... Moderate Unreviewed
CVE-2022-22389 was published Jun 25, 2022
Vulnerabilities in the web-based GUI of Cisco Unified Communications Domain Manager (CUCDM) could... Moderate Unreviewed
CVE-2017-6668 was published May 17, 2022
A vulnerability in the Cisco Prime Infrastructure (PI) and Evolved Programmable Network Manager ... Moderate Unreviewed
CVE-2017-6698 was published May 17, 2022
TIBCO Spotfire Server 7.0.X before 7.0.2, 7.5.x before 7.5.1, 7.6.x before 7.6.1, 7.7.x before 7... Moderate Unreviewed
CVE-2017-5527 was published May 17, 2022
Command Centre Server is vulnerable to SQL Injection via Windows Registry settings for date... Moderate Unreviewed
CVE-2022-26348 was published Jul 7, 2022
The application Piwigo is affected by a SQL injection vulnerability in version 2.9.0 and possibly... Moderate Unreviewed
CVE-2017-9463 was published May 17, 2022
The affected product is vulnerable to a SQL injection with high attack complexity, which may... Moderate Unreviewed
CVE-2022-2142 was published Jul 23, 2022
SAP Busines Objects Business Intelligence Platform (Visual Difference Application) - versions 420... Moderate Unreviewed
CVE-2022-32246 was published Jul 13, 2022
IBM Kenexa LMS on Cloud is vulnerable to SQL injection. A remote attacker could send specially... Moderate Unreviewed
CVE-2016-5939 was published May 17, 2022
The Big SQL component in IBM InfoSphere BigInsights 3.0 through 3.0.0.2 allows remote... Moderate Unreviewed
CVE-2015-1889 was published May 17, 2022
SQL injection vulnerability in Intel Security Advanced Threat Defense (ATD) Linux 3.6.0 and... Moderate Unreviewed
CVE-2017-3899 was published May 17, 2022
SQL injection vulnerability in zp-core/zp-extensions/wordpress_import.php in Zenphoto before 1.4... Moderate Unreviewed
CVE-2013-7242 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database