Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+

6,343 advisories

Loading
A SQL Injection vulnerability was found in /password-recovery.php of PHPGurukul User Registration... High Unreviewed
CVE-2024-48282 was published Oct 15, 2024
A SQL Injection vulnerability was found in /search-result.php of PHPGurukul User Registration &... High Unreviewed
CVE-2024-48280 was published Oct 15, 2024
The ee-class from FormosaSoft does not properly validate a specific page parameter, allowing... High Unreviewed
CVE-2024-9980 was published Oct 15, 2024
The specific query functionality in the FlowMaster BPM Plus from NewType does not properly... High Unreviewed
CVE-2024-9971 was published Oct 15, 2024
WebEIP v3.0 from NewType does not properly validate user input, allowing remote attackers with... High Unreviewed
CVE-2024-9968 was published Oct 15, 2024
Cloudlog 2.6.15 allows Oqrs.php request_form SQL injection via station_id or callsign. High Unreviewed
CVE-2024-48259 was published Oct 14, 2024
Wavelog 1.8.5 allows Gridmap_model.php get_band_confirmed SQL injection via band, sat,... High Unreviewed
CVE-2024-48249 was published Oct 14, 2024
Wavelog 1.8.5 allows Oqrs_model.php get_worked_modes station_id SQL injectioin. High Unreviewed
CVE-2024-48257 was published Oct 14, 2024
Cloudlog 2.6.15 allows Oqrs.php delete_oqrs_line id SQL injection. High Unreviewed
CVE-2024-48253 was published Oct 14, 2024
The WP Post Author – Boost Your Blog's Engagement with Author Box, Social Links, Co-Authors,... High Unreviewed
CVE-2024-8757 was published Oct 12, 2024
An issue was discovered in the centreon-bi-server component in Centreon BI Server 24.04.x before... High Unreviewed
CVE-2024-45754 was published Oct 12, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2024-48020 was published Oct 11, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2024-48040 was published Oct 11, 2024
SQL injection vulnerability in employee-management-system-php-and-mysql-free-download.html... High Unreviewed
CVE-2024-48813 was published Oct 11, 2024
The TS Poll – Survey, Versus Poll, Image Poll, Video Poll plugin for WordPress is vulnerable to... High Unreviewed
CVE-2024-9022 was published Oct 10, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2024-47334 was published Oct 9, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2024-47335 was published Oct 7, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2024-47338 was published Oct 6, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2024-47849 was published Oct 5, 2024
itsourcecode Sports Management System Project 1.0 is vulnerable to SQL Injection in the function... High Unreviewed
CVE-2024-46078 was published Oct 4, 2024
A SQL Injection vulnerability in "ccHandler.aspx" in all versions of CADClick v.1.11.0 and before... High Unreviewed
CVE-2024-41512 was published Oct 4, 2024
Delta Electronics DIAEnergie is vulnerable to an SQL injection in the script Handler_CFG.ashx. An... High Unreviewed
CVE-2024-42417 was published Oct 4, 2024
OS4ED openSIS-Classic v9.1 was discovered to contain a SQL injection vulnerability via a crafted... High Unreviewed
CVE-2024-46626 was published Oct 2, 2024
The WP Easy Gallery – WordPress Gallery Plugin plugin for WordPress is vulnerable to time-based... High Unreviewed
CVE-2024-9018 was published Oct 1, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2024-9194 was published Oct 1, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database