GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
202 advisories
SQL Injection in tribalsystems/zenario
Critical · CVE-2021-26830 was published for tribalsystems/zenario (Composer) · Mar 18, 2022

SQL injection in falcon-plus
Critical · CVE-2022-26245 was published for github.com/open-falcon/falcon-plus (Go) · Mar 28, 2022

SQL Injection in ImpressCMS
Critical · CVE-2021-26599 was published for impresscms/impresscms (Composer) · Mar 29, 2022

SQL injection in pagekit/pagekit
Critical · CVE-2021-44135 was published for pagekit/pagekit (Composer) · Apr 2, 2022

SQL injection in apache-superset
Critical · CVE-2022-27479 was published for apache-superset (pip) · Apr 14, 2022

Typo3 SQL injection due to faulty prepared statements
Critical · CVE-2011-3583 was published for typo3/cms (Composer) · Apr 22, 2022

Drupal SQL Injection vulnerability
Critical · CVE-2011-2715 was published for drupal/core (Composer) · Apr 22, 2022

MyBatis PageHelper vulnerable to time-blind SQL injection via orderBy parameter
Critical · CVE-2022-28111 was published for com.github.pagehelper:pagehelper (Maven) · May 5, 2022

Dolibarr SQL Injection vulnerability
Critical · CVE-2018-9019 was published for dolibarr/dolibarr (Composer) · May 13, 2022

Centreon allows SNMP trap SQL Injection
Critical · CVE-2018-19281 was published for centreon/centreon (Composer) · May 14, 2022

Silverstripe Framework SQLi Vulnerability
Critical · CVE-2019-5715 was published for silverstripe/framework (Composer) · May 14, 2022

baserCMS SQL Injection vulnerability
Critical · CVE-2017-10842 was published for baserproject/basercms (Composer) · May 14, 2022

Dolibarr SQL injection via the integer parameters qty and value_unit
Critical · CVE-2018-16809 was published for dolibarr/dolibarr (Composer) · May 14, 2022

phpMyAdmin SQL injection in Designer feature
Critical · CVE-2019-6798 was published for phpmyadmin/phpmyadmin (Composer) · May 14, 2022

ThinkPHP SQLi Vulnerability
Critical · CVE-2018-18546 was published for topthink/framework (Composer) · May 14, 2022

ThinkPHP SQLi Vulnerability
Critical · CVE-2018-18530 was published for topthink/framework (Composer) · May 14, 2022

ThinkPHP SQLi Vulnerability
Critical · CVE-2018-18529 was published for topthink/framework (Composer) · May 14, 2022

ThinkPHP SQL injection vulnerability
Critical · CVE-2018-17566 was published for topthink/framework (Composer) · May 14, 2022

ThinkPHP SQL Injection vulnerability
Critical · CVE-2018-16385 was published for topthink/framework (Composer) · May 14, 2022

Zend Framework Allows SQL Injection
Critical · CVE-2016-6233 was published for zendframework/zendframework (Composer) · May 14, 2022

Zend Framework Allows SQL Injection
Critical · CVE-2016-4861 was published for zendframework/zendframework (Composer) · May 14, 2022

Bacula-web SQL Injection Vulnerabilities
Critical · CVE-2017-15367 was published for bacula-web/bacula-web (Composer) · May 14, 2022

Dolibarr SQL injection vulnerability in product/card.php
Critical · CVE-2018-13450 was published for dolibarr/dolibarr (Composer) · May 14, 2022

ProTip! Advisories are also available from the GraphQL API.