Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,978
Erlang
29
GitHub Actions
16
Go
1,768
Maven
4,991
npm
3,537
NuGet
616
pip
3,107
Pub
10
RubyGems
837
Rust
786
Swift
34
Unreviewed advisories
All unreviewed
5,000+

202 advisories

Loading
Dolibarr SQL injection vulnerability in product/card.php Critical
CVE-2018-13449 was published for dolibarr/dolibarr (Composer) May 14, 2022
Dolibarr SQL injection vulnerability in product/card.php Critical
CVE-2018-13447 was published for dolibarr/dolibarr (Composer) May 14, 2022
Dolibarr SQL injection vulnerability in product/card.php Critical
CVE-2018-13448 was published for dolibarr/dolibarr (Composer) May 14, 2022
Dolibarr SQL injection vulnerability Critical
CVE-2018-10094 was published for dolibarr/dolibarr (Composer) May 14, 2022
thinkphp SQL Injection via the index.php s parameter Critical
CVE-2018-10225 was published for topthink/framework (Composer) May 14, 2022
Dolibarr SQL injection vulnerability in fourn/index.php Critical
CVE-2017-17900 was published for dolibarr/dolibarr (Composer) May 14, 2022
Dolibarr SQL injection vulnerability in adherents/subscription/info.php Critical
CVE-2017-17899 was published for dolibarr/dolibarr (Composer) May 14, 2022
Dolibarr SQL injection vulnerability in comm/multiprix.php Critical
CVE-2017-17897 was published for dolibarr/dolibarr (Composer) May 14, 2022
SQL injection in calibreweb Critical
CVE-2022-30765 was published for calibreweb (pip) May 17, 2022
Dolibarr SQL injection vulnerability in admin/menus/edit.php Critical
CVE-2017-14238 was published for dolibarr/dolibarr (Composer) May 17, 2022
Dolibarr SQL injection vulnerability in don/list.php Critical
CVE-2017-14242 was published for dolibarr/dolibarr (Composer) May 17, 2022
Moodle SQL injection via user preferences Critical
CVE-2017-2641 was published for moodle/moodle (Composer) May 17, 2022
New Relic .NET Agent contains SQL Injection Critical
CVE-2017-9246 was published for NewRelic.Agent (NuGet) May 17, 2022
ADOdb Library SQL Injection Critical
CVE-2016-7405 was published for adodb/adodb-php (Composer) May 17, 2022
TeamPass SQL injection in users.queries.php Critical
CVE-2017-9436 was published for nilsteampassnet/teampass (Composer) May 17, 2022
Dolibarr ERP and CRM SQLi Critical
CVE-2017-9435 was published for dolibarr/dolibarr (Composer) May 17, 2022
Dolibarr SQL Injection in doli/theme/eldy/style.css.php via the lang parameter Critical
CVE-2017-7886 was published for dolibarr/dolibarr (Composer) May 17, 2022
Zend Framework SQL injection vector using null byte for PDO Critical
CVE-2015-7695 was published for zendframework/zendframework1 (Composer) May 17, 2022
SQL injection in moodle Critical
CVE-2022-30599 was published for moodle/moodle (Composer) May 19, 2022
Contao SQL injection in the backend and listing module Critical
CVE-2017-16558 was published for contao/contao (Composer) May 24, 2022
phpMyAdmin SQL injection in Designer feature Critical
CVE-2019-11768 was published for phpmyadmin/phpmyadmin (Composer) May 24, 2022
silverstripe restfulserver and registry modules SQL injection vulnerability Critical
CVE-2019-12149 was published for silverstripe/registry (Composer) May 24, 2022
Contao SQL injection in the file manager Critical
CVE-2019-11512 was published for contao/contao (Composer) May 24, 2022
SaltStack Salt SQL Injection vulnerability in mysql.user_chpass function Critical
CVE-2019-1010259 was published for salt (pip) May 24, 2022
OHDSI WebAPI vulnerable to SQL Injection Critical
CVE-2019-15563 was published for org.ohdsi:WebAPI (Maven) May 24, 2022
tdunlap607
ProTip! Advisories are also available from the GraphQL API