Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,978
Erlang
29
GitHub Actions
16
Go
1,768
Maven
4,991
npm
3,537
NuGet
616
pip
3,107
Pub
10
RubyGems
837
Rust
786
Swift
34
Unreviewed advisories
All unreviewed
5,000+

174 advisories

Loading
SQL Injection in Apache InLong High
CVE-2023-43667 was published for org.apache.inlong:inlong (Maven) Oct 16, 2023
SQL injection in librenms/librenms High
CVE-2023-5591 was published for librenms/librenms (Composer) Oct 16, 2023
FUXA SQL Injection vulnerability High
CVE-2023-31717 was published for fuxa-server (npm) Sep 22, 2023
OpenRefine vulnerable to arbitrary file read in project import with mysql jdbc url attack High
CVE-2023-41886 was published for org.openrefine:database (Maven) Sep 12, 2023
nbxiglk0
DataEase vulnerable to SQL injection High
CVE-2023-40771 was published for io.dataease:dataease-plugin-common (Maven) Sep 1, 2023
SpringBlade vulnerable to SQL injection High
CVE-2023-40787 was published for org.springblade:blade-core-tool (Maven) Aug 29, 2023
Daylight Studio FUEL-CMS SQLi Vulnerability High
CVE-2020-24950 was published for codeigniter/framework (Composer) Aug 11, 2023
Pimcore vulnerable to SQL Injection in Dataobjects sorting High
CVE-2023-3820 was published for pimcore/pimcore (Composer) Jul 21, 2023
hiu240900
Pimcore SQL Injection vulnerability High
CVE-2023-3673 was published for pimcore/pimcore (Composer) Jul 14, 2023
langchain SQL Injection vulnerability High
CVE-2023-36189 was published for langchain (pip) Jul 6, 2023
ipandlanguageredirect extension vulnerable to SQL Injection High
CVE-2023-35782 was published for in2code/ipandlanguageredirect (Composer) Jun 16, 2023
SQL injection when using MySQL/PostgreSQL data checking High
CVE-2023-33967 was published for github.com/megaease/easeprobe (Go) Jun 6, 2023
oxeye-gal oxeye-daniel
SQL injection in Liferay Portal High
CVE-2023-33945 was published for com.liferay.portal:release.portal.bom (Maven) May 24, 2023
pimcore/customer-management-framework-bundle has SQL Injection vulnerability in Segment Assignment query High
CVE-2023-2756 was published for pimcore/customer-management-framework-bundle (Composer) May 17, 2023
JoMC98
Moodle SQL Injection vulnerability High
CVE-2023-30944 was published for moodle/moodle (Composer) May 2, 2023
SQL Injection in AssetController High
CVE-2023-2338 was published for pimcore/pimcore (Composer) Apr 27, 2023
rekter0
SQL Injection in Admin Translations API High
CVE-2023-30850 was published for pimcore/pimcore (Composer) Apr 27, 2023
SQL Injection in Translation Export API High
CVE-2023-30849 was published for pimcore/pimcore (Composer) Apr 27, 2023
SQL Injection in Admin Search Find API High
CVE-2023-30848 was published for pimcore/pimcore (Composer) Apr 27, 2023
Arbitrary file read via SQL injection High
CVE-2023-30545 was published for prestashop/prestashop (Composer) Apr 26, 2023
truff77
NotrinosERP vulnerable to SQL Injection High
CVE-2023-24788 was published for notrinos/notrinos-erp (Composer) Mar 23, 2023
Moodle SQL Injection vulnerability High
CVE-2023-28329 was published for moodle/moodle (Composer) Mar 23, 2023
Teampass SQL Injection vulnerability High
CVE-2023-1545 was published for nilsteampassnet/teampass (Composer) Mar 21, 2023
Improper quoting of columns when calling methods "getByUuid" & "exists" on UUID Model High
CVE-2023-28108 was published for pimcore/pimcore (Composer) Mar 17, 2023
jeecg-boot contains SQL Injection vulnerability High
CVE-2023-24789 was published for org.jeecgframework.boot:jeecg-boot-parent (Maven) Mar 6, 2023
ProTip! Advisories are also available from the GraphQL API