GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,144
Composer 4,333
Erlang 31
GitHub Actions 22
Go 2,095
Maven 5,265
npm 3,760
NuGet 678
pip 3,446
Pub 12
RubyGems 892
Rust 882
Swift 37

Unreviewed advisories

All unreviewed 242,557

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

12,636 advisories

Filter by severity

Sort by

Least recently updated

Money Transfer Management System 1.0 is vulnerable to SQL Injection via /mtms/admin/?page=user... Critical Unreviewed

CVE-2022-29739 was published May 13, 2022

Money Transfer Management System 1.0 is vulnerable to SQL Injection via \mtms\classes\Master.php... Critical Unreviewed

CVE-2022-29745 was published May 13, 2022

Money Transfer Management System 1.0 is vulnerable to SQL Injection via /mtms/classes/Users.php?f... Critical Unreviewed

CVE-2022-29746 was published May 13, 2022

Money Transfer Management System 1.0 is vulnerable to SQL Injection via \mtms\classes\Master.php... Critical Unreviewed

CVE-2022-29741 was published May 13, 2022

Insurance Management System 1.0 is vulnerable to SQL Injection via /insurance/clientStatus.php... Critical Unreviewed

CVE-2022-29998 was published May 13, 2022

IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 is vulnerable to SQL injection. A... Critical Unreviewed

CVE-2022-22413 was published May 13, 2022

Multiple improper neutralization of special elements used in SQL commands ('SQL Injection')... High Unreviewed

CVE-2022-26116 was published May 12, 2022

Wedding Management System v1.0 was discovered to contain a SQL injection vulnerability via the id... Critical Unreviewed

CVE-2022-29656 was published May 12, 2022

Simple Bus Ticket Booking System v1.0 was discovered to contain multiple SQL injection... Critical Unreviewed

CVE-2022-29317 was published May 12, 2022

Complete Online Job Search System v1.0 was discovered to contain a SQL injection vulnerability... Critical Unreviewed

CVE-2022-29316 was published May 12, 2022

Multiple SQL injection vulnerabilities via the username and password parameters in the Admin... Critical Unreviewed

CVE-2022-29006 was published May 12, 2022

Multiple SQL injection vulnerabilities via the username and password parameters in the Admin... Critical Unreviewed

CVE-2022-29007 was published May 12, 2022

Multiple SQL injection vulnerabilities via the username and password parameters in the Admin... Critical Unreviewed

CVE-2022-29009 was published May 12, 2022

ShopWind <= v3.4.2 has a Sql injection vulnerability in Database.php High Unreviewed

CVE-2022-30452 was published May 12, 2022

Mingsoft MCMS 5.2.7 was discovered to contain a SQL injection vulnerability in /mdiy/dict/list... Critical Unreviewed

CVE-2022-30048 was published May 12, 2022

Mingsoft MCMS v5.2.7 was discovered to contain a SQL injection vulnerability in /mdiy/dict... Critical Unreviewed

CVE-2022-30047 was published May 12, 2022

Hospital Management System in PHP with Source Code (HMS) 1.0 was discovered to contain a SQL... Critical Unreviewed

CVE-2022-30449 was published May 12, 2022

An authenticated user could execute code via a SQLi vulnerability in waimairenCMS before version... High Unreviewed

CVE-2022-30451 was published May 12, 2022

An SQL Injection vulnerability exists in OpenMRS Reference Application Standalone Edition <=2.11... Critical Unreviewed

CVE-2021-43094 was published May 11, 2022

Hotel Management System v1.0 was discovered to contain a SQL injection vulnerability via the... Critical Unreviewed

CVE-2022-28110 was published May 11, 2022

In Safedog Apache v4.0.30255, attackers can bypass this product for SQL injection. Attackers can... High Unreviewed

CVE-2021-43010 was published May 11, 2022

The RSVPMaker plugin for WordPress is vulnerable to unauthenticated SQL Injection due to missing... High Unreviewed

CVE-2022-1505 was published May 11, 2022

The RSVPMaker plugin for WordPress is vulnerable to unauthenticated SQL Injection due to missing... High Unreviewed

CVE-2022-1453 was published May 11, 2022

The MapSVG WordPress plugin before 6.2.20 does not validate and escape a parameter via a REST... Critical Unreviewed

CVE-2022-0592 was published May 10, 2022

The Personal Dictionary WordPress plugin before 1.3.4 fails to properly sanitize user supplied... Critical Unreviewed

CVE-2022-1013 was published May 10, 2022

Previous 1 2 … 395 396 397 398 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

12,636 advisories