Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,978
Erlang
29
GitHub Actions
16
Go
1,768
Maven
4,991
npm
3,537
NuGet
616
pip
3,107
Pub
10
RubyGems
837
Rust
786
Swift
34
Unreviewed advisories
All unreviewed
5,000+

202 advisories

Loading
SQL Injection in tribalsystems/zenario Critical
CVE-2021-26830 was published for tribalsystems/zenario (Composer) Mar 18, 2022
SQLinjection in falcon-plus Critical
CVE-2022-26245 was published for github.com/open-falcon/falcon-plus (Go) Mar 28, 2022
SQL Injection in ImpressCMS Critical
CVE-2021-26599 was published for impresscms/impresscms (Composer) Mar 29, 2022
SQL injection in pagekit/pagekit Critical
CVE-2021-44135 was published for pagekit/pagekit (Composer) Apr 2, 2022
SQL Injection in Django Critical
CVE-2022-28347 was published for Django (pip) Apr 13, 2022
SQL Injection in Django Critical
CVE-2022-28346 was published for Django (pip) Apr 13, 2022
SQL injection in apache-superset Critical
CVE-2022-27479 was published for apache-superset (pip) Apr 14, 2022
Typo3 SQL injection due to faulty prepared statements Critical
CVE-2011-3583 was published for typo3/cms (Composer) Apr 22, 2022
Drupal SQL Injection vulnerability Critical
CVE-2011-2715 was published for drupal/core (Composer) Apr 22, 2022
MyBatis PageHelper vulnerable to time-blind SQL injection via orderBy parameter Critical
CVE-2022-28111 was published for com.github.pagehelper:pagehelper (Maven) May 5, 2022
Dolibarr SQL Injection vulnerability Critical
CVE-2018-9019 was published for dolibarr/dolibarr (Composer) May 13, 2022
Centreon allows SNMP trap SQL Injection Critical
CVE-2018-19281 was published for centreon/centreon (Composer) May 14, 2022
Silverstripe Framework SQLi Vulnerability Critical
CVE-2019-5715 was published for silverstripe/framework (Composer) May 14, 2022
baserCMS SQL Injection vulnerability Critical
CVE-2017-10842 was published for baserproject/basercms (Composer) May 14, 2022
Dolibarr SQL injection via the integer parameters qty and value_unit Critical
CVE-2018-16809 was published for dolibarr/dolibarr (Composer) May 14, 2022
phpMyAdmin SQL injection in Designer feature Critical
CVE-2019-6798 was published for phpmyadmin/phpmyadmin (Composer) May 14, 2022
ThinkPHP SQLi Vulnerability Critical
CVE-2018-18546 was published for topthink/framework (Composer) May 14, 2022
ThinkPHP SQLi Vulnerability Critical
CVE-2018-18530 was published for topthink/framework (Composer) May 14, 2022
ThinkPHP SQLi Vulnerability Critical
CVE-2018-18529 was published for topthink/framework (Composer) May 14, 2022
ThinkPHP SQL injection vulnerability Critical
CVE-2018-17566 was published for topthink/framework (Composer) May 14, 2022
ThinkPHP SQL Injection vulnerability Critical
CVE-2018-16385 was published for topthink/framework (Composer) May 14, 2022
Zend Framework Allows SQL Injection Critical
CVE-2016-6233 was published for zendframework/zendframework (Composer) May 14, 2022
Zend Framework Allows SQL Injection Critical
CVE-2016-4861 was published for zendframework/zendframework (Composer) May 14, 2022
Bacula-web SQL Injection Vulnerabilities Critical
CVE-2017-15367 was published for bacula-web/bacula-web (Composer) May 14, 2022
Dolibarr SQL injection vulnerability in product/card.php Critical
CVE-2018-13450 was published for dolibarr/dolibarr (Composer) May 14, 2022
ProTip! Advisories are also available from the GraphQL API