GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 49
GitHub Actions: 49
Go: 3,405
Maven: 5,000+
npm: 5,000+
NuGet: 882
pip: 4,641
Pub: 13
RubyGems: 1,026
Rust: 1,209
Swift: 53
Unreviewed advisories
All unreviewed: 5,000+
16,703 advisories
SQL injection vulnerability in the yccms 3.3 project. The no_top function's improper judgment of...
Critical | Unreviewed | CVE-2020-20289 was published May 24, 2022
An issue was found in CMSWing project version 1.3.8. Because the updateAction function does not...
Critical | Unreviewed | CVE-2020-20295 was published May 24, 2022
SQL injection vulnerability in koa2-blog 1.0.0 allows remote attackers to inject a malicious...
Critical | Unreviewed | CVE-2020-21179 was published May 24, 2022
An issue was found in CMSWing project version 1.3.8. Because the log function does not check the...
Critical | Unreviewed | CVE-2020-20294 was published May 24, 2022
In Spring Cloud Data Flow, versions 2.6.x prior to 2.6.5, versions 2.5.x prior to 2.5.4, an...
High | Unreviewed | CVE-2020-5427 was published May 24, 2022
Local Service Search Engine Management System 1.0 has a vulnerability through authentication...
Critical | Unreviewed | CVE-2021-3278 was published May 24, 2022
SQL injection exists in Spotweb 1.4.9 because the notAllowedCommands protection mechanism is...
Critical | Unreviewed | CVE-2021-3286 was published May 24, 2022
Student Result Management System In PHP With Source Code is affected by SQL injection. An...
Critical | Unreviewed | CVE-2020-35270 was published May 24, 2022
EgavilanMedia User Registration & Login System 1.0 is affected by SQL injection to the admin...
Critical | Unreviewed | CVE-2020-35263 was published May 24, 2022
Hyweb HyCMS-J1's API fails to filter POST request parameters. Remote attackers can inject SQL...
High | Unreviewed | CVE-2021-22847 was published May 24, 2022
The store system in PrestaShop 1.7.7.0 allows time-based boolean SQL injection via the module...
Critical | Unreviewed | CVE-2021-3110 was published May 24, 2022
Multiple vulnerabilities in Cisco Unified Communications Manager IM & Presence Service ...
Moderate | Unreviewed | CVE-2021-1364 was published May 24, 2022
Multiple vulnerabilities in Cisco Unified Communications Manager IM & Presence Service ...
Moderate | Unreviewed | CVE-2021-1355 was published May 24, 2022
Multiple vulnerabilities in Cisco Unified Communications Manager IM & Presence Service ...
Moderate | Unreviewed | CVE-2021-1282 was published May 24, 2022
Multiple vulnerabilities in certain REST API endpoints of Cisco Data Center Network Manager (DCNM...
High | Unreviewed | CVE-2021-1248 was published May 24, 2022
A vulnerability in the web-based management interface of Cisco Smart Software Manager Satellite...
High | Unreviewed | CVE-2021-1222 was published May 24, 2022
Multiple vulnerabilities in the web-based management interface of Cisco SD-WAN vManage Software...
Critical | Unreviewed | CVE-2021-1225 was published May 24, 2022
Multiple vulnerabilities in certain REST API endpoints of Cisco Data Center Network Manager (DCNM...
High | Unreviewed | CVE-2021-1247 was published May 24, 2022
IBM Security Guardium 10.6 and 11.2 is vulnerable to SQL injection. A remote attacker could send...
High | Unreviewed | CVE-2020-4921 was published May 24, 2022
HGiga EIP product contains SQL Injection vulnerability. Attackers can inject SQL commands into...
Critical | Unreviewed | CVE-2021-22851 was published May 24, 2022
HGiga EIP product contains SQL Injection vulnerability. Attackers can inject SQL commands into...
High | Unreviewed | CVE-2021-22852 was published May 24, 2022
Zoho ManageEngine Applications Manager before 14 build 14880 allows an authenticated SQL...
High | Unreviewed | CVE-2020-27733 was published May 24, 2022
An issue was discovered in flatCore before 2.0.0 build 139. A time-based blind SQL injection was...
Moderate | Unreviewed | CVE-2021-23837 was published May 24, 2022
DELL EMC Avamar Server, versions 19.1, 19.2, 19.3, contain a SQL Injection Vulnerability in...
Critical | Unreviewed | CVE-2020-29493 was published May 24, 2022
A blind SQL injection in the user interface of FortiWeb 6.3.0 through 6.3.7 and version before 6...
Critical | Unreviewed | CVE-2020-29015 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API.