GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,029
Erlang
29
GitHub Actions
16
Go
1,833
Maven
5,000+
npm
3,573
NuGet
632
pip
3,160
Pub
10
RubyGems
847
Rust
798
Swift
34
Unreviewed advisories
All unreviewed
5,000+
98 advisories
Filter by severity
Pimcore SQL Injection in Admin Grid Filter API through Multiselect::getFilterConditionExt()
High
CVE-2023-47637
was published
for
pimcore/pimcore
(Composer)
Nov 15, 2023
MainWP Dashboard SQL Command Injection vulnerability
High
CVE-2023-38519
was published
for
mainwp/mainwp
(Composer)
Dec 20, 2023
Magento sql injection vulnerability
High
CVE-2020-3719
was published
for
magento/community-edition
(Composer)
May 24, 2022
Magento SQL Injection vulnerability
High
CVE-2020-24400
was published
for
magento/community-edition
(Composer)
May 24, 2022
Blind SQL Injection via GridFieldSortableHeader
High
CVE-2022-38148
was published
for
silverstripe/framework
(Composer)
Nov 22, 2022
SQL Injection in Admin download files as zip
High
CVE-2024-23646
was published
for
pimcore/admin-ui-classic-bundle
(Composer)
Jan 24, 2024
TYPO3 SQL injection vulnerability on the backend
High
CVE-2010-3662
was published
for
typo3/cms-backend
(Composer)
Apr 21, 2022
Magento 2 Community Edition SQLi Vulnerability
High
CVE-2019-8127
was published
for
magento/community-edition
(Composer)
May 24, 2022
Query Binding Exploitation
High
CVE-2021-21263
was published
for
illuminate/database
(Composer)
Jan 19, 2021
phpMyFAQ SQL injections at insertentry & saveentry
High
CVE-2024-28107
was published
for
phpmyfaq/phpmyfaq
(Composer)
Mar 25, 2024
phpMyFAQ SQL Injection at "Save News"
High
CVE-2024-27299
was published
for
phpmyfaq/phpmyfaq
(Composer)
Mar 25, 2024
Centreon updateDirectory SQL Injection Remote Code Execution Vulnerability
High
CVE-2024-0637
was published
for
centreon/centreon
(Composer)
Apr 2, 2024
Centreon updateLCARelation SQL Injection Remote Code Execution Vulnerability
High
CVE-2024-23116
was published
for
centreon/centreon
(Composer)
Apr 2, 2024
Centreon updateGroups SQL Injection Remote Code Execution Vulnerability
High
CVE-2024-23115
was published
for
centreon/centreon
(Composer)
Apr 2, 2024
Centreon updateContactServiceCommands SQL Injection Remote Code Execution Vulnerability
High
CVE-2024-23117
was published
for
centreon/centreon
(Composer)
Apr 2, 2024
Centreon updateContactHostCommands SQL Injection Remote Code Execution Vulnerability
High
CVE-2024-23118
was published
for
centreon/centreon
(Composer)
Apr 2, 2024
Centreon insertGraphTemplate SQL Injection Remote Code Execution Vulnerability
High
CVE-2024-23119
was published
for
centreon/centreon
(Composer)
Apr 2, 2024
Moodle SQL Injection vulnerability
High
CVE-2023-30944
was published
for
moodle/moodle
(Composer)
May 2, 2023
Moodle SQL Injection vulnerability
High
CVE-2023-28329
was published
for
moodle/moodle
(Composer)
Mar 23, 2023
LibreNMS vulnerable to SQL injection time-based leads to database extraction
High
CVE-2024-32461
was published
for
librenms/librenms
(Composer)
Apr 22, 2024
LibreNMS vulnerable to a Time-Based Blind SQL injection leads to database extraction
High
CVE-2024-32480
was published
for
librenms/librenms
(Composer)
Apr 22, 2024
MODX Revolution blind SQL injection
High
CVE-2017-1000067
was published
for
modx/revolution
(Composer)
May 17, 2022
Moodle Blind SQL injection possible via MNet authentication
High
CVE-2021-32474
was published
for
moodle/moodle
(Composer)
Mar 12, 2022
phpMyAdmin SQL injection in user accounts page
High
CVE-2020-5504
was published
for
phpmyadmin/phpmyadmin
(Composer)
May 24, 2022
phpMyAdmin SQL injection vulnerability
High
CVE-2020-10802
was published
for
phpmyadmin/phpmyadmin
(Composer)
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API