Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

237 advisories

Loading
Apache Superset SQL Injection when template processing is enabled High
CVE-2021-41971 was published for apache-superset (pip) May 24, 2022
Liferay Portal and Liferay DXP Vulnerable to Multiple SQL Injections High
CVE-2021-29053 was published for com.liferay.portal:release.dxp.bom (Maven) May 24, 2022
Magento SQL Injection vulnerability High
CVE-2020-24400 was published for magento/community-edition (Composer) May 24, 2022
MunkiReport Software Update module is vulnerable to SQL injection High
CVE-2020-15887 was published for munkireport/softwareupdate (Composer) May 24, 2022
MunkiReport reportdata module SQL injection vulnerability High
CVE-2020-15886 was published for munkireport/reportdata (Composer) May 24, 2022
Dolibarr SQL injection vulnerability in accountancy/customer/card.php High
CVE-2020-14443 was published for dolibarr/dolibarr (Composer) May 24, 2022
phpMyAdmin SQL Injection High
CVE-2020-10804 was published for phpmyadmin/phpmyadmin (Composer) May 24, 2022
phpMyAdmin SQL injection vulnerability High
CVE-2020-10802 was published for phpmyadmin/phpmyadmin (Composer) May 24, 2022
Dolibarr ERP and CRM SQLi High
CVE-2019-19209 was published for dolibarr/dolibarr (Composer) May 24, 2022
Magento sql injection vulnerability High
CVE-2020-3719 was published for magento/community-edition (Composer) May 24, 2022
Plone SQL Injection Vulnerability High
CVE-2020-7939 was published for Plone (pip) May 24, 2022
phpMyAdmin SQL injection in user accounts page High
CVE-2020-5504 was published for phpmyadmin/phpmyadmin (Composer) May 24, 2022
Magento SQL injection via marketing account with access to email templates variables High
CVE-2019-8134 was published for magento/community-edition (Composer) May 24, 2022
Magento SQL injection vulnerability High
CVE-2019-8130 was published for magento/community-edition (Composer) May 24, 2022
Magento 2 Community Edition SQLi Vulnerability High
CVE-2019-8127 was published for magento/community-edition (Composer) May 24, 2022
url_redirect for Typo3 SQLi Vulnerability High
CVE-2019-16682 was published for sfroemken/url_redirect (Composer) May 24, 2022
Openstack ironic-inspector has SQL injection vulnerability in node_cache High
CVE-2019-10141 was published for ironic-inspector (pip) May 24, 2022
powermail extension for TYPO3 vulnerable to SQL Injection High
CVE-2010-3604 was published for in2code/powermail (Composer) May 17, 2022
TYPO3 SQL injection vulnerability in the Extbase Framework High
CVE-2013-1842 was published for typo3/cms-core (Composer) May 17, 2022
Multishop extension for TYPO3 has SQL Injection vulnerability High
CVE-2013-4682 was published for bvbmedia/multishop (Composer) May 17, 2022
WEC Map (wec_map) extension for TYPO3 allows SQL Injection High
CVE-2014-6295 was published for jbartels/wec-map (Composer) May 17, 2022
Apache Jetspeed vulnerable to SQL Injection High
CVE-2016-0710 was published for org.apache.portals.jetspeed-2:jetspeed (Maven) May 17, 2022
Django Vulnerable to MySQL Injection High
CVE-2014-0474 was published for Django (pip) May 17, 2022
GeniXCMS SQL injection vulnerability High
CVE-2016-10096 was published for genix/cms (Composer) May 17, 2022
GeniXCMS SQL Injection High
CVE-2017-8377 was published for genix/cms (Composer) May 17, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database