Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

24 advisories

Loading
simple-admin-core SQL Injection vulnerability High
CVE-2025-51667 was published for github.com/suyuan32/simple-admin-core (Go) Aug 27, 2025
eKuiper API endpoints handling SQL queries with user-controlled table names. High
CVE-2025-54379 was published for github.com/lf-edge/ekuiper (Go) Jul 24, 2025
odaysec
pgx SQL Injection via Line Comment Creation High
CVE-2024-27289 was published for github.com/jackc/pgx (Go) Mar 4, 2024
paul-gerste-sonarsource
Navidrome allows SQL Injection via role parameter High
CVE-2025-48949 was published for github.com/navidrome/navidrome (Go) May 29, 2025
4rdr
rttys SQL Injection vulnerability High
CVE-2022-38867 was published for github.com/zhaojh329/rttys (Go) Feb 16, 2023
SQL injection in Apache Traffic Control High
CVE-2024-45387 was published for github.com/apache/trafficcontrol/v8 (Go) Dec 23, 2024
pgx SQL Injection via Protocol Message Size Overflow High
CVE-2024-27304 was published for github.com/jackc/pgx (Go) Mar 4, 2024
paul-gerste-sonarsource
SQL Injection in the KubeClarity REST API High
CVE-2024-39909 was published for github.com/openclarity/kubeclarity/backend (Go) Jul 12, 2024
b-abderrahmane
Devtron has SQL Injection in CreateUser API High
CVE-2024-45794 was published for github.com/devtron-labs/devtron (Go) Nov 7, 2024
leonnewton
pgproto3 SQL Injection via Protocol Message Size Overflow High
GHSA-7jwh-3vrq-q3m8 was published for github.com/jackc/pgproto3 (Go) Mar 4, 2024
paul-gerste-sonarsource
SQL Injection in Cloud Native Computing Foundation Harbor High
CVE-2019-19029 was published for github.com/goharbor/harbor (Go) May 18, 2021
LF Edge eKuiper has a SQL Injection in sqlKvStore High
CVE-2024-43406 was published for ekuiper (Go) Aug 20, 2024
leonnewton
Meshery SQL Injection vulnerability High
CVE-2024-29031 was published for github.com/layer5io/meshery (Go) Aug 5, 2024
IBAX go-ibax vulnerable to SQL injection High
CVE-2022-3798 was published for github.com/IBAX-io/go-ibax (Go) Nov 1, 2022
IBAX go-ibax vulnerable to SQL injection High
CVE-2022-3800 was published for github.com/IBAX-io/go-ibax (Go) Nov 1, 2022
IBAX go-ibax vulnerable to SQL injection High
CVE-2022-3799 was published for github.com/IBAX-io/go-ibax (Go) Nov 1, 2022
IBAX go-ibax vulnerable to SQL injection High
CVE-2022-3801 was published for github.com/IBAX-io/go-ibax (Go) Nov 1, 2022
IBAX go-ibax vulnerable to SQL injection High
CVE-2022-3802 was published for github.com/IBAX-io/go-ibax (Go) Nov 1, 2022
Apache AGE: Python and Golang drivers allow data manipulation and exposure due to SQL injection High
CVE-2022-45786 was published for apache-age-python (Go) Feb 4, 2023
oscerd
Authenticated (user role) SQL injection in `OrderAndPaginate` (GHSL-2023-270) High
CVE-2024-22196 was published for github.com/0xJacky/Nginx-UI (Go) Jan 11, 2024
jorgectf Hintay
SQL injection when using MySQL/PostgreSQL data checking High
CVE-2023-33967 was published for github.com/megaease/easeprobe (Go) Jun 6, 2023
oxeye-gal oxeye-daniel
Pivotal Concourse SQL Injection Vulnerability High
CVE-2019-3792 was published for github.com/concourse/concourse (Go) Feb 15, 2022
SQL Injection in Casdoor High
CVE-2022-24124 was published for github.com/casdoor/casdoor (Go) Feb 1, 2022
SQL Injection in Gogs High
CVE-2014-8682 was published for gogs.io/gogs (Go) Jun 29, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database