GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,978
Erlang
29
GitHub Actions
16
Go
1,768
Maven
4,991
npm
3,537
NuGet
616
pip
3,107
Pub
10
RubyGems
837
Rust
786
Swift
34
Unreviewed advisories
All unreviewed
5,000+
174 advisories
Filter by severity
SQL Injection in Apache InLong
High
CVE-2023-43667
was published
for
org.apache.inlong:inlong
(Maven)
Oct 16, 2023
SQL injection in librenms/librenms
High
CVE-2023-5591
was published
for
librenms/librenms
(Composer)
Oct 16, 2023
FUXA SQL Injection vulnerability
High
CVE-2023-31717
was published
for
fuxa-server
(npm)
Sep 22, 2023
OpenRefine vulnerable to arbitrary file read in project import with mysql jdbc url attack
High
CVE-2023-41886
was published
for
org.openrefine:database
(Maven)
Sep 12, 2023
DataEase vulnerable to SQL injection
High
CVE-2023-40771
was published
for
io.dataease:dataease-plugin-common
(Maven)
Sep 1, 2023
SpringBlade vulnerable to SQL injection
High
CVE-2023-40787
was published
for
org.springblade:blade-core-tool
(Maven)
Aug 29, 2023
Daylight Studio FUEL-CMS SQLi Vulnerability
High
CVE-2020-24950
was published
for
codeigniter/framework
(Composer)
Aug 11, 2023
Pimcore vulnerable to SQL Injection in Dataobjects sorting
High
CVE-2023-3820
was published
for
pimcore/pimcore
(Composer)
Jul 21, 2023
Pimcore SQL Injection vulnerability
High
CVE-2023-3673
was published
for
pimcore/pimcore
(Composer)
Jul 14, 2023
langchain SQL Injection vulnerability
High
CVE-2023-36189
was published
for
langchain
(pip)
Jul 6, 2023
ipandlanguageredirect extension vulnerable to SQL Injection
High
CVE-2023-35782
was published
for
in2code/ipandlanguageredirect
(Composer)
Jun 16, 2023
SQL injection when using MySQL/PostgreSQL data checking
High
CVE-2023-33967
was published
for
github.com/megaease/easeprobe
(Go)
Jun 6, 2023
SQL injection in Liferay Portal
High
CVE-2023-33945
was published
for
com.liferay.portal:release.portal.bom
(Maven)
May 24, 2023
pimcore/customer-management-framework-bundle has SQL Injection vulnerability in Segment Assignment query
High
CVE-2023-2756
was published
for
pimcore/customer-management-framework-bundle
(Composer)
May 17, 2023
Moodle SQL Injection vulnerability
High
CVE-2023-30944
was published
for
moodle/moodle
(Composer)
May 2, 2023
SQL Injection in AssetController
High
CVE-2023-2338
was published
for
pimcore/pimcore
(Composer)
Apr 27, 2023
SQL Injection in Admin Translations API
High
CVE-2023-30850
was published
for
pimcore/pimcore
(Composer)
Apr 27, 2023
SQL Injection in Translation Export API
High
CVE-2023-30849
was published
for
pimcore/pimcore
(Composer)
Apr 27, 2023
SQL Injection in Admin Search Find API
High
CVE-2023-30848
was published
for
pimcore/pimcore
(Composer)
Apr 27, 2023
Arbitrary file read via SQL injection
High
CVE-2023-30545
was published
for
prestashop/prestashop
(Composer)
Apr 26, 2023
NotrinosERP vulnerable to SQL Injection
High
CVE-2023-24788
was published
for
notrinos/notrinos-erp
(Composer)
Mar 23, 2023
Moodle SQL Injection vulnerability
High
CVE-2023-28329
was published
for
moodle/moodle
(Composer)
Mar 23, 2023
Teampass SQL Injection vulnerability
High
CVE-2023-1545
was published
for
nilsteampassnet/teampass
(Composer)
Mar 21, 2023
Improper quoting of columns when calling methods "getByUuid" & "exists" on UUID Model
High
CVE-2023-28108
was published
for
pimcore/pimcore
(Composer)
Mar 17, 2023
jeecg-boot contains SQL Injection vulnerability
High
CVE-2023-24789
was published
for
org.jeecgframework.boot:jeecg-boot-parent
(Maven)
Mar 6, 2023
ProTip!
Advisories are also available from the
GraphQL API