GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,653
Erlang
29
GitHub Actions
16
Go
1,706
Maven
4,938
npm
3,471
NuGet
603
pip
2,985
Pub
10
RubyGems
826
Rust
772
Swift
34
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
218,397 advisories
Filter by severity
Student Enrollment In PHP v1.0 was discovered to contain a SQL injection vulnerability via the...
Unknown
Unreviewed
CVE-2023-41503
was published
Mar 7, 2024
code-projects.org Online Job Portal 1.0 is vulnerable to SQL Injection via the Username parameter...
Unknown
Unreviewed
CVE-2023-41014
was published
Mar 7, 2024
code-projects.org Online Job Portal 1.0 is vulnerable to SQL Injection via /Employer/DeleteJob...
Unknown
Unreviewed
CVE-2023-41015
was published
Mar 7, 2024
Cross Site Scripting (XSS) vulnerability in the feedback form of Online Flight Booking Management...
Unknown
Unreviewed
CVE-2022-46091
was published
Mar 7, 2024
The The Plus Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site...
Moderate
Unreviewed
CVE-2024-1419
was published
Mar 7, 2024
Hospital Management System 1.0 was discovered to contain a SQL injection vulnerability via the...
Unknown
Unreviewed
CVE-2022-46499
was published
Mar 7, 2024
Hospital Management System 1.0 was discovered to contain a SQL injection vulnerability via the...
Unknown
Unreviewed
CVE-2022-46497
was published
Mar 7, 2024
Hospital Management System 1.0 was discovered to contain a SQL injection vulnerability via the...
Unknown
Unreviewed
CVE-2022-46498
was published
Mar 7, 2024
The Prime Slider – Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site...
Moderate
Unreviewed
CVE-2024-1506
was published
Mar 7, 2024
In Veritas NetBackup before 8.1.2 and NetBackup Appliance before 3.1.2, the BPCD process...
Critical
Unreviewed
CVE-2024-28222
was published
Mar 7, 2024
Sourcecodester Lost and Found Information System's Version 1.0 is vulnerable to unauthenticated...
Unknown
Unreviewed
CVE-2023-33676
was published
Mar 7, 2024
nGrinder before 3.5.9 uses old version of SnakeYAML, which could allow remote attacker to execute...
Unknown
Unreviewed
CVE-2024-28212
was published
Mar 7, 2024
nGrinder before 3.5.9 allows an attacker to create or update webhook configuration due to lack of...
Unknown
Unreviewed
CVE-2024-28215
was published
Mar 7, 2024
The User Registration – Custom Registration Form, Login Form, and User Profile WordPress Plugin...
Moderate
Unreviewed
CVE-2024-1720
was published
Mar 7, 2024
The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Stored Cross-Site...
Moderate
Unreviewed
CVE-2024-1500
was published
Mar 7, 2024
nGrinder before 3.5.9 allows to set delay without limitation, which could be the cause of Denial...
Unknown
Unreviewed
CVE-2024-28214
was published
Mar 7, 2024
nGrinder before 3.5.9 allows connection to malicious JMX/RMI server by default, which could be...
Unknown
Unreviewed
CVE-2024-28211
was published
Mar 7, 2024
The vulnerability described by CVE-2023-0972 has been additionally discovered in Silicon Labs Z...
High
Unreviewed
CVE-2023-51395
was published
Mar 7, 2024
The WP Chat App plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin...
Moderate
Unreviewed
CVE-2024-1761
was published
Mar 7, 2024
nGrinder before 3.5.9 allows an attacker to obtain the results of webhook requests due to lack of...
Unknown
Unreviewed
CVE-2024-28216
was published
Mar 7, 2024
The Happy Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting...
Moderate
Unreviewed
CVE-2024-1377
was published
Mar 7, 2024
The Happy Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting...
Moderate
Unreviewed
CVE-2024-1366
was published
Mar 7, 2024
Chat functionality in Schoolbox application before
version 23.1.3 is vulnerable to blind SQL...
High
Unreviewed
CVE-2024-28094
was published
Mar 7, 2024
Class functionality in Schoolbox application
before version 23.1.3 is vulnerable to stored cross...
High
Unreviewed
CVE-2024-28096
was published
Mar 7, 2024
Calendar functionality in Schoolbox application
before version 23.1.3 is vulnerable to stored...
High
Unreviewed
CVE-2024-28097
was published
Mar 7, 2024
ProTip!
Advisories are also available from the
GraphQL API