GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,978
Erlang
29
GitHub Actions
16
Go
1,768
Maven
4,991
npm
3,537
NuGet
616
pip
3,107
Pub
10
RubyGems
837
Rust
786
Swift
34
Unreviewed advisories
All unreviewed
5,000+
66 advisories
Filter by severity
JeecgBoot vulnerable to SQL injection in queryFilterTableDictInfo
Moderate
CVE-2023-34603
was published
for
org.jeecgframework.boot:jeecg-boot-parent
(Maven)
Jun 19, 2023
Array data injection vulnerability in activerecord
Moderate
CVE-2014-0080
was published
for
activerecord
(RubyGems)
Oct 24, 2017
JeecgBoot vulnerable to SQL injection in queryTableDictItemsByCode
Moderate
CVE-2023-34602
was published
for
org.jeecgframework.boot:jeecg-boot-parent
(Maven)
Jun 19, 2023
Jeecg-boot SQL Injection vulnerability
Moderate
CVE-2023-38905
was published
for
org.jeecgframework.boot:jeecg-boot-parent
(Maven)
Aug 17, 2023
Active Record vulnerable to SQL Injection via nested query parameters
Moderate
CVE-2012-2661
was published
for
activerecord
(RubyGems)
Oct 24, 2017
PrestaShop boolean SQL injection
Moderate
CVE-2023-39524
was published
for
prestashop/prestashop
(Composer)
Aug 9, 2023
nocodb SQL Injection vulnerability
Moderate
CVE-2023-43794
was published
for
nocodb
(npm)
Oct 17, 2023
SQL Injection in moodle
Moderate
CVE-2020-25700
was published
for
moodle/moodle
(Composer)
Mar 29, 2021
OpenCart SQL injection vulnerability
Moderate
CVE-2021-37823
was published
for
opencart/opencart
(Composer)
Nov 3, 2022
SQL Injection in gogs.io/gogs
Moderate
CVE-2014-8681
was published
for
github.com/gogits/gogs
(Go)
Jun 29, 2021
CiviCRM SQL injection vulnerability via Quick Search API
Moderate
CVE-2013-4662
was published
for
civicrm/civicrm-core
(Composer)
May 17, 2022
SQL Injection in Apache Kylin
Moderate
CVE-2021-36774
was published
for
org.apache.kylin:kylin
(Maven)
Jan 8, 2022
Pimcore SQLi Vulnerability
Moderate
CVE-2018-14058
was published
for
pimcore/pimcore
(Composer)
May 14, 2022
Apache InLong SQL Injection vulnerability
Moderate
CVE-2023-30465
was published
for
org.apache.inlong:manager-pojo
(Maven)
Jul 6, 2023
HashiCorp Vault’s Microsoft SQL Database Storage Backend Vulnerable to SQL Injection Via Configuration File
Moderate
CVE-2023-0620
was published
for
github.com/hashicorp/vault
(Go)
Mar 30, 2023
Pimcore vulnerable to improper quoting of filters in Custom Reports
Moderate
CVE-2023-28438
was published
for
pimcore/pimcore
(Composer)
Mar 22, 2023
Pimcore Remote Code Execution vulnerability in Search function
Moderate
CVE-2023-1578
was published
for
pimcore/pimcore
(Composer)
Mar 22, 2023
katello SQL Injection vulnerability
Moderate
CVE-2018-14623
was published
for
katello
(RubyGems)
May 13, 2022
SQL injection in github.com/navidrome/navidrome
Moderate
CVE-2022-23857
was published
for
github.com/navidrome/navidrome
(Go)
Jan 27, 2022
SQL Injection in showdoc
Moderate
CVE-2022-0362
was published
for
showdoc/showdoc
(Composer)
Jan 27, 2022
Jeecg-boot vulnerable to SQL injection via /sys/user/putRecycleBin
Moderate
CVE-2022-45208
was published
for
org.jeecgframework.boot:jeecg-boot-common
(Maven)
Nov 25, 2022
Jeecg-boot vulnerable to SQL Injection
Moderate
CVE-2022-45210
was published
for
org.jeecgframework.boot:jeecg-boot-common
(Maven)
Nov 25, 2022
SQL Injection in Cloud Native Computing Foundation Harbor
Moderate
CVE-2019-19026
was published
for
github.com/goharbor/harbor
(Go)
May 18, 2021
SQL Injection in Cloud Native Computing Foundation Harbor
Moderate
CVE-2019-19029
was published
for
github.com/goharbor/harbor
(Go)
May 18, 2021
SQL Injection in tribalsystems/zenario
Moderate
CVE-2021-27672
was published
for
tribalsystems/zenario
(Composer)
Jun 8, 2021
ProTip!
Advisories are also available from the
GraphQL API