Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

31 advisories

Loading
Easy!Appointments SQL injection vulnerability Moderate
CVE-2025-50383 was published for alextselegidis/easyappointments (Composer) Aug 26, 2025
MoonShine SQL Injection Vulnerability Moderate
CVE-2025-51510 was published for moonshine/moonshine (Composer) Aug 19, 2025
MantisBT SQL Injection via mc_project_get_users function Moderate
CVE-2020-28413 was published for mantisbt/mantisbt (Composer) May 24, 2022
Moodle allows remote authenticated users to cause a denial of service (invalid database records) Moderate
CVE-2011-4292 was published for moodle/moodle (Composer) May 13, 2022
TYPO3 SQL Injection vulnerability Moderate
CVE-2010-5103 was published for typo3/cms (Composer) May 17, 2022
Joomla Framework Database Package Vulnerable to SQL Injection Moderate
CVE-2025-25226 was published for joomla/database (Composer) Apr 8, 2025
Pimcore Vulnerable to SQL Injection in getRelationFilterCondition Moderate
CVE-2025-27617 was published for pimcore/pimcore (Composer) Mar 11, 2025
cancan101
Magento Open Source allows SQL Injection Moderate
CVE-2023-38250 was published for magento/community-edition (Composer) Oct 13, 2023
Magento Open Source allows SQL Injection Moderate
CVE-2023-38249 was published for magento/community-edition (Composer) Oct 13, 2023
Magento Open Source allows SQL Injection Moderate
CVE-2023-38221 was published for magento/community-edition (Composer) Oct 13, 2023
Withdrawn Advisory: Nette Database SQL injection Moderate
CVE-2024-55586 was published for nette/database (Composer) Dec 10, 2024 withdrawn
calvera CSIRTTrizna
Shopware vulnerable to blind SQL-injection in DAL aggregations Moderate
CVE-2024-42357 was published for shopware/core (Composer) Aug 8, 2024
Moodle vulnerable to site administration SQL injection via XMLDB editor Moderate
CVE-2024-43436 was published for moodle/moodle (Composer) Nov 7, 2024
Mautic SQL Injection in dynamic Reports Moderate
CVE-2022-25775 was published for mautic/core (Composer) Apr 12, 2024
SQL Injection in TYPO3 Frontend Login Moderate
GHSA-j86x-pjmr-9m6w was published for typo3/cms (Composer) Jun 5, 2024
Magento Injection vulnerability via email templates Moderate
CVE-2019-8143 was published for magento/community-edition (Composer) May 24, 2022
LibreNMS SQL Injection vulnerability Moderate
CVE-2020-15873 was published for librenms/librenms (Composer) May 24, 2022
phpMyAdmin SQL injection vulnerability Moderate
CVE-2020-10803 was published for phpmyadmin/phpmyadmin (Composer) May 24, 2022
Moodle vulnerable to SQL Injection Moderate
CVE-2023-35132 was published for moodle/moodle (Composer) Jun 22, 2023
Typo3 Backend History Module Vulnerable to SQL Injection Moderate
CVE-2012-6144 was published for typo3/cms (Composer) May 17, 2022
Gila CMS SQL Injection Moderate
CVE-2020-26623 was published for gilacms/gila (Composer) Jan 3, 2024
PrestaShop boolean SQL injection Moderate
CVE-2023-39524 was published for prestashop/prestashop (Composer) Aug 9, 2023
SQL Injection in moodle Moderate
CVE-2020-25700 was published for moodle/moodle (Composer) Mar 29, 2021
OpenCart SQL injection vulnerability Moderate
CVE-2021-37823 was published for opencart/opencart (Composer) Nov 3, 2022
CiviCRM SQL injection vulnerability via Quick Search API Moderate
CVE-2013-4662 was published for civicrm/civicrm-core (Composer) May 17, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database