GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 39
GitHub Actions: 38
Go: 2,651
Maven: 5,000+
npm: 4,279
NuGet: 760
pip: 4,066
Pub: 12
RubyGems: 957
Rust: 1,057
Swift: 45
Unreviewed advisories
All unreviewed: 5,000+
530 advisories
Swift Mailer mail transport Command Injection
Critical. CVE-2016-10074 was published for swiftmailer/swiftmailer (Composer) on May 17, 2022.

Dolibarr SQL Injection vulnerability
Critical. CVE-2018-9019 was published for dolibarr/dolibarr (Composer) on May 13, 2022.

Dolibarr SQL injection vulnerability in product/card.php
Critical. CVE-2018-13450 was published for dolibarr/dolibarr (Composer) on May 14, 2022.

Dolibarr SQL injection vulnerability in product/card.php
Critical. CVE-2018-13449 was published for dolibarr/dolibarr (Composer) on May 14, 2022.

Dolibarr SQL injection vulnerability in product/card.php
Critical. CVE-2018-13447 was published for dolibarr/dolibarr (Composer) on May 14, 2022.

Dolibarr SQL injection vulnerability in product/card.php
Critical. CVE-2018-13448 was published for dolibarr/dolibarr (Composer) on May 14, 2022.

Dolibarr SQL injection vulnerability
Critical. CVE-2018-10094 was published for dolibarr/dolibarr (Composer) on May 14, 2022.

Dolibarr SQL injection vulnerability in admin/menus/edit.php
Critical. CVE-2017-14238 was published for dolibarr/dolibarr (Composer) on May 17, 2022.

Dolibarr SQL Injection in doli/theme/eldy/style.css.php via the lang parameter
Critical. CVE-2017-7886 was published for dolibarr/dolibarr (Composer) on May 17, 2022.

Dolibarr SQL injection vulnerability in don/list.php
Critical. CVE-2017-14242 was published for dolibarr/dolibarr (Composer) on May 17, 2022.

Dolibarr SQL injection vulnerability in comm/multiprix.php
Critical. CVE-2017-17897 was published for dolibarr/dolibarr (Composer) on May 14, 2022.

Dolibarr SQL injection vulnerability in adherents/subscription/info.php
Critical. CVE-2017-17899 was published for dolibarr/dolibarr (Composer) on May 14, 2022.

Dolibarr SQL injection vulnerability in fourn/index.php
Critical. CVE-2017-17900 was published for dolibarr/dolibarr (Composer) on May 14, 2022.

Dolibarr Improper Restriction of Excessive Authentication Attempts
Critical. CVE-2020-7995 was published for dolibarr/dolibarr (Composer) on May 24, 2022.

Dolibarr Cross-site Scripting via the qty parameter in product/fournisseurs.php
Critical. CVE-2019-19212 was published for dolibarr/dolibarr (Composer) on May 24, 2022.

php-shellcommand command injection vulnerability
Critical. CVE-2019-10774 was published for mikehaertl/php-shellcommand (Composer) on May 24, 2022.

NukeViet SQL Injection vulnerability via topicsid parameter
Critical. CVE-2020-21808 was published for nukeviet/nukeviet (Composer) on May 24, 2022.

NukeViet SQL Injection vulnerability
Critical. CVE-2020-21809 was published for nukeviet/nukeviet (Composer) on May 24, 2022.

Yii SQL injection vulnerability
Critical. CVE-2018-7269 was published for yiisoft/yii2-dev (Composer) on May 24, 2022.

Dolibarr SQL injection via the integer parameters qty and value_unit
Critical. CVE-2018-16809 was published for dolibarr/dolibarr (Composer) on May 14, 2022.

Dolibarr remote PHP code execution
Critical. CVE-2021-33816 was published for dolibarr/dolibarr (Composer) on May 24, 2022.

yii2-redis Potential Remote code execution
Critical. CVE-2018-8073 was published for yiisoft/yii2-redis (Composer) on May 14, 2022.

phpMyAdmin Improper Privilege Management
Critical. CVE-2017-18264 was published for phpmyadmin/phpmyadmin (Composer) on May 13, 2022.

phpMyAdmin SQL injection in Designer feature
Critical. CVE-2019-6798 was published for phpmyadmin/phpmyadmin (Composer) on May 14, 2022.

qcubed PHP object injection
Critical. CVE-2020-24914 was published for qcubed/qcubed (Composer) on May 24, 2022.
ProTip! Advisories are also available from the GraphQL API.