GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,056
Erlang
29
GitHub Actions
19
Go
1,889
Maven
5,000+
npm
3,618
NuGet
638
pip
3,231
Pub
10
RubyGems
854
Rust
817
Swift
35
Unreviewed advisories
All unreviewed
5,000+
44 advisories
Filter by severity
OHDSI WebAPI vulnerable to SQL Injection
Critical
CVE-2019-15563
was published
for
org.ohdsi:WebAPI
(Maven)
May 24, 2022
SQL Injection in Log4j 1.2.x
Critical
CVE-2022-23305
was published
for
log4j:log4j
(Maven)
Jan 21, 2022
Jeecg boot SQL Injection vulnerability
Critical
CVE-2023-42268
was published
for
org.jeecgframework.boot:jeecg-boot-parent
(Maven)
Sep 8, 2023
SQL injection in audit endpoint
Critical
CVE-2023-35088
was published
for
org.apache.inlong:manager-service
(Maven)
Jul 25, 2023
SQL injection in jeecg-boot
Critical
CVE-2023-38992
was published
for
org.jeecgframework.boot:jeecg-boot-common
(Maven)
Jul 28, 2023
SQL Injection in Apache SkyWalking
Critical
CVE-2020-13921
was published
for
org.apache.skywalking:oap-server
(Maven)
May 7, 2021
jeecg-boot SQL injection vulnerability
Critical
CVE-2023-34659
was published
for
org.jeecgframework.boot:jeecg-boot-parent
(Maven)
Jun 16, 2023
OpenRefine Remote Code execution in project import with mysql jdbc url attack
Critical
CVE-2023-41887
was published
for
org.openrefine:database
(Maven)
Sep 12, 2023
SQL injection in jeecgboot
Critical
CVE-2023-40989
was published
for
org.jeecgframework.boot:jeecg-boot-common
(Maven)
Sep 22, 2023
Apache Cocoon SQL Injection vulnerability
Critical
CVE-2022-45135
was published
for
org.apache.cocoon:cocoon
(Maven)
Nov 30, 2023
RuoYi vulnerable to SQL injection vulnerability
Critical
CVE-2023-49371
was published
for
com.ruoyi:ruoyi
(Maven)
Dec 1, 2023
Jeecg Boot SQL Injection
Critical
CVE-2023-41543
was published
for
org.jeecgframework.boot:jeecg-boot-common
(Maven)
Dec 30, 2023
org.postgresql:postgresql vulnerable to SQL Injection via line comment generation
Critical
CVE-2024-1597
was published
for
org.postgresql:postgresql
(Maven)
Feb 21, 2024
SQL Injection in hive-jdbc
Critical
CVE-2018-1282
was published
for
org.apache.hive:hive-jdbc
(Maven)
Nov 21, 2018
Amazon JDBC Driver for Redshift SQL Injection via line comment generation
Critical
CVE-2024-32888
was published
for
com.amazon.redshift:redshift-jdbc42
(Maven)
May 15, 2024
Dromara hutool vulnerable to SQL Injection
Critical
CVE-2023-24163
was published
for
cn.hutool:hutool-all
(Maven)
Jan 31, 2023
MyBatis-Plus vulnerable to SQL injection via TenantPlugin
Critical
CVE-2023-25330
was published
for
com.baomidou:mybatis-plus
(Maven)
Apr 5, 2023
Duplicate Advisory: SQL injection in pgjdbc
Critical
GHSA-xfg6-62px-cxc2
was published
for
org.postgresql:postgresql
(Maven)
Feb 19, 2024
•
withdrawn
Jeecg Boot SQL injection vulnerability
Critical
CVE-2023-41542
was published
for
org.jeecgframework.boot:jeecg-boot-common
(Maven)
Dec 30, 2023
ProTip!
Advisories are also available from the
GraphQL API