GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,958
Erlang
29
GitHub Actions
16
Go
1,745
Maven
4,971
npm
3,507
NuGet
609
pip
3,066
Pub
10
RubyGems
832
Rust
780
Swift
34
Unreviewed advisories
All unreviewed
5,000+
11,372 advisories
Filter by severity
Failure to sanitize quotes which can lead to sql injection in squel
Critical
GHSA-4qhx-g9wp-g9m6
was published
for
squel
(npm)
Jun 14, 2019
SQL Injection in marginalia
Critical
CVE-2019-1010191
was published
for
marginalia
(RubyGems)
Jul 26, 2019
SQL Injection in connect-pg-simple
High
CVE-2019-15658
was published
for
connect-pg-simple
(npm)
Aug 26, 2019
SQL Injection in LibreNMS
High
CVE-2019-12465
was published
for
librenms/librenms
(Composer)
Oct 11, 2019
SQL Injection in LibreNMS
High
CVE-2019-10671
was published
for
librenms/librenms
(Composer)
Oct 11, 2019
SQL Injection in SimpleSAMLphp
Critical
CVE-2019-15537
was published
for
cesnet/simplesamlphp-module-proxystatistics
(Composer)
Nov 8, 2019
Symfony Service IDs Allow Injection
Critical
CVE-2019-10910
was published
for
symfony/dependency-injection
(Composer)
Nov 18, 2019
SQL Injection in usmanhalalit/pixie
Critical
CVE-2019-10766
was published
for
usmanhalalit/pixie
(Composer)
Nov 20, 2019
Data leakage via SQL Injection in Pimcore
Moderate
CVE-2019-10763
was published
for
pimcore/pimcore
(Composer)
Dec 2, 2019
Invalid HTTP method overrides allow possible XSS or other attacks in Symfony
Critical
CVE-2019-10913
was published
for
symfony/http-foundation
(Composer)
Dec 2, 2019
SQL injection in phpMyAdmin
Critical
CVE-2019-18622
was published
for
phpmyadmin/phpmyadmin
(Composer)
Jan 16, 2020
SQL injection in Centreon
Critical
CVE-2019-16194
was published
for
centreon/centreon
(Composer)
Feb 11, 2020
SQL injection in Tortoise ORM
Moderate
CVE-2020-11010
was published
for
tortoise-orm
(pip)
Apr 20, 2020
DoS via malicious record IDs in WatermelonDB
Moderate
CVE-2020-4035
was published
for
@nozbe/watermelondb
(npm)
Jun 3, 2020
ProTip!
Advisories are also available from the
GraphQL API