GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,972
Erlang
29
GitHub Actions
16
Go
1,762
Maven
4,983
npm
3,518
NuGet
609
pip
3,094
Pub
10
RubyGems
833
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+
80 advisories
Filter by severity
jeecg-boot vulnerable to SQL injection
Critical
CVE-2023-1741
was published
for
org.jeecgframework.boot:jeecg-boot-parent
(Maven)
Mar 31, 2023
Ming-Soft MCMS vulnerable to SQL injection
Critical
CVE-2020-20913
was published
for
net.mingsoft:ms-mcms
(Maven)
Apr 4, 2023
MyBatis-Plus vulnerable to SQL injection via TenantPlugin
Critical
CVE-2023-25330
was published
for
com.baomidou:mybatis-plus
(Maven)
Apr 5, 2023
SQL injection in Liferay Portal
High
CVE-2023-33945
was published
for
com.liferay.portal:release.portal.bom
(Maven)
May 24, 2023
RuoYi Uncontrolled Resource Consumption vulnerability
Low
CVE-2023-3163
was published
for
com.ruoyi:ruoyi
(Maven)
Jun 8, 2023
jeecg-boot SQL injection vulnerability
Critical
CVE-2023-34659
was published
for
org.jeecgframework.boot:jeecg-boot-parent
(Maven)
Jun 16, 2023
JeecgBoot vulnerable to SQL injection in queryTableDictItemsByCode
Moderate
CVE-2023-34602
was published
for
org.jeecgframework.boot:jeecg-boot-parent
(Maven)
Jun 19, 2023
JeecgBoot vulnerable to SQL injection in queryFilterTableDictInfo
Moderate
CVE-2023-34603
was published
for
org.jeecgframework.boot:jeecg-boot-parent
(Maven)
Jun 19, 2023
Apache InLong SQL Injection vulnerability
Moderate
CVE-2023-30465
was published
for
org.apache.inlong:manager-pojo
(Maven)
Jul 6, 2023
SQL injection in audit endpoint
Critical
CVE-2023-35088
was published
for
org.apache.inlong:manager-service
(Maven)
Jul 25, 2023
SQL injection in jeecg-boot
Critical
CVE-2023-38992
was published
for
org.jeecgframework.boot:jeecg-boot-common
(Maven)
Jul 28, 2023
Jeecg-boot SQL Injection vulnerability
Moderate
CVE-2023-38905
was published
for
org.jeecgframework.boot:jeecg-boot-parent
(Maven)
Aug 17, 2023
SpringBlade vulnerable to SQL injection
High
CVE-2023-40787
was published
for
org.springblade:blade-core-tool
(Maven)
Aug 29, 2023
DataEase vulnerable to SQL injection
High
CVE-2023-40771
was published
for
io.dataease:dataease-plugin-common
(Maven)
Sep 1, 2023
Jeecg boot SQL Injection vulnerability
Critical
CVE-2023-42268
was published
for
org.jeecgframework.boot:jeecg-boot-parent
(Maven)
Sep 8, 2023
OpenRefine vulnerable to arbitrary file read in project import with mysql jdbc url attack
High
CVE-2023-41886
was published
for
org.openrefine:database
(Maven)
Sep 12, 2023
OpenRefine Remote Code execution in project import with mysql jdbc url attack
Critical
CVE-2023-41887
was published
for
org.openrefine:database
(Maven)
Sep 12, 2023
SQL injection in jeecgboot
Critical
CVE-2023-40989
was published
for
org.jeecgframework.boot:jeecg-boot-common
(Maven)
Sep 22, 2023
SQL Injection in Apache InLong
High
CVE-2023-43667
was published
for
org.apache.inlong:inlong
(Maven)
Oct 16, 2023
Apache Cocoon SQL Injection vulnerability
Critical
CVE-2022-45135
was published
for
org.apache.cocoon:cocoon
(Maven)
Nov 30, 2023
RuoYi vulnerable to SQL injection vulnerability
Critical
CVE-2023-49371
was published
for
com.ruoyi:ruoyi
(Maven)
Dec 1, 2023
Apache StreamPark: Authenticated system users could trigger SQL injection vulnerability
Moderate
CVE-2023-30867
was published
for
org.apache.streampark:streampark
(Maven)
Dec 15, 2023
Jeecg Boot SQL injection vulnerability
Critical
CVE-2023-41542
was published
for
org.jeecgframework.boot:jeecg-boot-common
(Maven)
Dec 30, 2023
Jeecg Boot SQL Injection
Critical
CVE-2023-41543
was published
for
org.jeecgframework.boot:jeecg-boot-common
(Maven)
Dec 30, 2023
Mingsoft MCMS SQL injection
High
CVE-2023-50578
was published
for
net.mingsoft:ms-mcms
(Maven)
Dec 30, 2023
ProTip!
Advisories are also available from the
GraphQL API