
GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

88 advisories

Jeecg-boot vulnerable to SQL Injection Moderate
CVE-2022-45210 was published for org.jeecgframework.boot:jeecg-module-system (Maven) Nov 25, 2022
Matrix-appservice-irc vulnerable to sql injection via roomIds argument Moderate
CVE-2022-3971 was published for matrix-appservice-irc (npm) Nov 13, 2022
OpenCart SQL injection vulnerability Moderate
CVE-2021-37823 was published for opencart/opencart (Composer) Nov 3, 2022
update_by_case before 0.1.3 can be vulnerable to sql injection Moderate
CVE-2022-35956 was published for update_by_case (RubyGems) Aug 11, 2022
MantisBT SQL Injection via mc_project_get_users function Moderate
CVE-2020-28413 was published for mantisbt/mantisbt (Composer) May 24, 2022
LibreNMS SQL Injection vulnerability Moderate
CVE-2020-15873 was published for librenms/librenms (Composer) May 24, 2022
phpMyAdmin SQL injection vulnerability Moderate
CVE-2020-10803 was published for phpmyadmin/phpmyadmin (Composer) May 24, 2022
Magento Injection vulnerability via email templates Moderate
CVE-2019-8143 was published for magento/community-edition (Composer) May 24, 2022
Fat Free CRM vulnerable to SQL Injection Moderate
CVE-2013-7225 was published for fat_free_crm (RubyGems) May 17, 2022
CiviCRM SQL injection vulnerability via Quick Search API Moderate
CVE-2013-4662 was published for civicrm/civicrm-core (Composer) May 17, 2022
Improper Neutralization of Special Elements used in an SQL Command Pivotal Spring Data JPA Moderate
CVE-2016-6652 was published for org.springframework.data:spring-data-jpa (Maven) May 17, 2022
TYPO3 SQL Injection vulnerability Moderate
CVE-2010-5103 was published for typo3/cms (Composer) May 17, 2022
Typo3 Backend History Module Vulnerable to SQL Injection Moderate
CVE-2012-6144 was published for typo3/cms (Composer) May 17, 2022
Pimcore SQLi Vulnerability Moderate
CVE-2018-14058 was published for pimcore/pimcore (Composer) May 14, 2022
katello SQL Injection vulnerability Moderate
CVE-2018-14623 was published for katello (RubyGems) May 13, 2022
Moodle allows remote authenticated users to cause a denial of service (invalid database records) Moderate
CVE-2011-4292 was published for moodle/moodle (Composer) May 13, 2022
Blind SQL Injection with privileged Cloud Foundry UAA endpoints Moderate
CVE-2017-4974 was published for org.cloudfoundry.identity:cloudfoundry-identity-server (Maven) May 13, 2022
Apache Derby SQL Injection Moderate
CVE-2006-7217 was published for org.apache.derby:derby (Maven) May 1, 2022
SQL Injection in FreeTAKServer-UI Moderate
CVE-2022-25506 was published for FreeTAKServer-UI (pip) Mar 12, 2022
SQL Injection in Hibernate ORM Moderate
CVE-2019-14900 was published for org.hibernate:hibernate-core (Maven) Feb 10, 2022
SQL Injection in Spring Cloud Task Moderate
CVE-2020-5428 was published for org.springframework.cloud:spring-cloud-task-dependencies (Maven) Feb 9, 2022
SQL injection in github.com/navidrome/navidrome Moderate
CVE-2022-23857 was published for github.com/navidrome/navidrome (Go) Jan 27, 2022
SQL Injection in showdoc Moderate
CVE-2022-0362 was published for showdoc/showdoc (Composer) Jan 27, 2022
SQL Injection in Apache Kylin Moderate
CVE-2021-36774 was published for org.apache.kylin:kylin (Maven) Jan 8, 2022
SQL Injection in gogs.io/gogs Moderate
CVE-2014-8681 was published for github.com/gogits/gogs (Go) Jun 29, 2021