GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
64 advisories
PyLoad vulnerable to SQL Injection via API /json/add_package in add_links parameter
High
CVE-2025-55156
was published
for
pyload-ng
(pip)
Aug 12, 2025
llama_index vulnerable to SQL Injection
Critical
CVE-2025-1793
was published
for
llama-index
(pip)
Jun 5, 2025
Frappe has possibility of SQL injection due to improper validations
Moderate
CVE-2025-30217
was published
for
frappe
(pip)
Mar 26, 2025
Frappe has possibility of SQL injection due to improper validations
Moderate
CVE-2025-30212
was published
for
frappe
(pip)
Mar 25, 2025
llama-index-packs-finchat SQL Injection vulnerability
Critical
CVE-2024-12909
was published
for
llama-index-packs-finchat
(pip)
Mar 20, 2025
Amazon Redshift Python Connector vulnerable to SQL Injection
High
CVE-2024-12745
was published
for
redshift_connector
(pip)
Dec 26, 2024
Langchain SQL Injection vulnerability
Low
CVE-2024-8309
was published
for
langchain
(pip)
Oct 29, 2024
MySQL Connector/Python connector takeover vulnerability
High
CVE-2024-21272
was published
for
mysql-connector-python
(pip)
Oct 15, 2024
LF Edge eKuiper has a SQL Injection in sqlKvStore
High
CVE-2024-43406
was published
for
ekuiper
(Go)
Aug 20, 2024
dbt has an implicit override for built-in materializations from installed packages
Low
CVE-2024-40637
was published
for
dbt-core
(pip)
Jul 17, 2024
ProTip!
Advisories are also available from the
GraphQL API