GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
12,921 advisories

An issue was discovered in Appnitro MachForm before 4.2.3. There is a download.php SQL injection...
Critical, Unreviewed: CVE-2018-6410 was published May 13, 2022

A SQL injection issue exists in a file upload handler in REDCap 7.x before 7.0.11 via a trailing...
High, Unreviewed: CVE-2017-7351 was published May 13, 2022

SQL injection vulnerability in the web interface for cumin in Red Hat Enterprise MRG Grid 2.4...
High, Unreviewed: CVE-2013-4461 was published May 13, 2022

SQL injection vulnerability in baserCMS before 3.0.8 allows remote authenticated users to execute...
Moderate, Unreviewed: CVE-2015-5641 was published May 13, 2022

Multiple SQL injection vulnerabilities in the get_sample_filters_by_signature function in Cumin...
High, Unreviewed: CVE-2012-2684 was published May 13, 2022

SQL injection vulnerability in Concrete5 5.7.3.1.
High, Unreviewed: CVE-2015-4724 was published May 13, 2022

A vulnerability was found in libpq, the default PostgreSQL client library where libpq failed to...
High, Unreviewed: CVE-2018-10915 was published May 13, 2022

SQL injection vulnerability in the management server in Symantec Critical System Protection (SCSP...
Moderate, Unreviewed: CVE-2014-7289 was published May 13, 2022

Blind SQL Injection with privileged Cloud Foundry UAA endpoints
Moderate: CVE-2017-4974 was published for org.cloudfoundry.identity:cloudfoundry-identity-server (Maven) May 13, 2022

SQL injection vulnerability in Pivotal Cloud Foundry (PCF) before 238; UAA 2.x before 2.7.4.4, 3...
High, Unreviewed: CVE-2016-4468 was published May 13, 2022

An issue was discovered in Cloud Foundry Foundation cf-release versions prior to v257; UAA...
High, Unreviewed: CVE-2017-4972 was published May 13, 2022

Multiple SQL injection vulnerabilities in admin/handlers.php in the GigPress plugin before 2.3.9...
Moderate, Unreviewed: CVE-2015-4066 was published May 13, 2022

An issue was discovered in VideoInsight Web Client Version 6.3.5.11 and previous versions. A SQL...
High, Unreviewed: CVE-2017-5151 was published May 13, 2022

SQL injection vulnerability in the authentication functionality in Trend Micro Email Encryption...
Critical, Unreviewed: CVE-2016-4351 was published May 13, 2022

SQL injection vulnerability in the Management Server in Symantec Embedded Security: Critical...
High, Unreviewed: CVE-2015-8157 was published May 13, 2022

The FormCraft Basic plugin 1.0.5 for WordPress has SQL injection in the id parameter to form.php.
Critical, Unreviewed: CVE-2017-13137 was published May 13, 2022

Castle Rock Computing SNMPc before 2015-12-17 has SQL injection via the sc parameter.
High, Unreviewed: CVE-2015-6028 was published May 13, 2022

SQL injection vulnerability in Huawei Policy Center with software before V100R003C10SPC020 allows...
High, Unreviewed: CVE-2016-3675 was published May 13, 2022

SQL injection vulnerability in the checkPassword function in Symmetricom s350i 2.70.15 allows...
Critical, Unreviewed: CVE-2014-5071 was published May 13, 2022

The expandArguments function in the database abstraction API in Drupal core 7.x before 7.32 does...
High, Unreviewed: CVE-2014-3704 was published May 13, 2022

An authenticated remote attacker can execute arbitrary code in Firebird SQL Server versions 2.5.7...
High, Unreviewed: CVE-2017-11509 was published May 13, 2022

SQL injection vulnerability in admin/htaccess/bpsunlock.php in the BulletProof Security plugin...
Moderate, Unreviewed: CVE-2014-7959 was published May 13, 2022

SQL injection vulnerability in This HTML Is Simple (THIS) before 1.2.4 allows remote to execute...
High, Unreviewed: CVE-2013-3523 was published May 13, 2022

Point Of Sales 1.0 allows SQL injection via the login screen, related to LoginForm1.vb.
Critical, Unreviewed: CVE-2018-18805 was published May 13, 2022

SQL injection vulnerability in maint/modules/endpointcfg/endpoint_generic.php in Fonality trixbox...
High, Unreviewed: CVE-2014-5109 was published May 13, 2022

ProTip! Advisories are also available from the GraphQL API.