GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,978
Erlang
29
GitHub Actions
16
Go
1,768
Maven
4,991
npm
3,537
NuGet
616
pip
3,107
Pub
10
RubyGems
837
Rust
786
Swift
34
Unreviewed advisories
All unreviewed
5,000+
202 advisories
Filter by severity
Dolibarr SQL injection vulnerability in product/card.php
Critical
CVE-2018-13449
was published
for
dolibarr/dolibarr
(Composer)
May 14, 2022
Dolibarr SQL injection vulnerability in product/card.php
Critical
CVE-2018-13447
was published
for
dolibarr/dolibarr
(Composer)
May 14, 2022
Dolibarr SQL injection vulnerability in product/card.php
Critical
CVE-2018-13448
was published
for
dolibarr/dolibarr
(Composer)
May 14, 2022
Dolibarr SQL injection vulnerability
Critical
CVE-2018-10094
was published
for
dolibarr/dolibarr
(Composer)
May 14, 2022
thinkphp SQL Injection via the index.php s parameter
Critical
CVE-2018-10225
was published
for
topthink/framework
(Composer)
May 14, 2022
Dolibarr SQL injection vulnerability in fourn/index.php
Critical
CVE-2017-17900
was published
for
dolibarr/dolibarr
(Composer)
May 14, 2022
Dolibarr SQL injection vulnerability in adherents/subscription/info.php
Critical
CVE-2017-17899
was published
for
dolibarr/dolibarr
(Composer)
May 14, 2022
Dolibarr SQL injection vulnerability in comm/multiprix.php
Critical
CVE-2017-17897
was published
for
dolibarr/dolibarr
(Composer)
May 14, 2022
Dolibarr SQL injection vulnerability in admin/menus/edit.php
Critical
CVE-2017-14238
was published
for
dolibarr/dolibarr
(Composer)
May 17, 2022
Dolibarr SQL injection vulnerability in don/list.php
Critical
CVE-2017-14242
was published
for
dolibarr/dolibarr
(Composer)
May 17, 2022
Moodle SQL injection via user preferences
Critical
CVE-2017-2641
was published
for
moodle/moodle
(Composer)
May 17, 2022
New Relic .NET Agent contains SQL Injection
Critical
CVE-2017-9246
was published
for
NewRelic.Agent
(NuGet)
May 17, 2022
ADOdb Library SQL Injection
Critical
CVE-2016-7405
was published
for
adodb/adodb-php
(Composer)
May 17, 2022
TeamPass SQL injection in users.queries.php
Critical
CVE-2017-9436
was published
for
nilsteampassnet/teampass
(Composer)
May 17, 2022
Dolibarr ERP and CRM SQLi
Critical
CVE-2017-9435
was published
for
dolibarr/dolibarr
(Composer)
May 17, 2022
Dolibarr SQL Injection in doli/theme/eldy/style.css.php via the lang parameter
Critical
CVE-2017-7886
was published
for
dolibarr/dolibarr
(Composer)
May 17, 2022
Zend Framework SQL injection vector using null byte for PDO
Critical
CVE-2015-7695
was published
for
zendframework/zendframework1
(Composer)
May 17, 2022
SQL injection in moodle
Critical
CVE-2022-30599
was published
for
moodle/moodle
(Composer)
May 19, 2022
Contao SQL injection in the backend and listing module
Critical
CVE-2017-16558
was published
for
contao/contao
(Composer)
May 24, 2022
phpMyAdmin SQL injection in Designer feature
Critical
CVE-2019-11768
was published
for
phpmyadmin/phpmyadmin
(Composer)
May 24, 2022
silverstripe restfulserver and registry modules SQL injection vulnerability
Critical
CVE-2019-12149
was published
for
silverstripe/registry
(Composer)
May 24, 2022
Contao SQL injection in the file manager
Critical
CVE-2019-11512
was published
for
contao/contao
(Composer)
May 24, 2022
SaltStack Salt SQL Injection vulnerability in mysql.user_chpass function
Critical
CVE-2019-1010259
was published
for
salt
(pip)
May 24, 2022
OHDSI WebAPI vulnerable to SQL Injection
Critical
CVE-2019-15563
was published
for
org.ohdsi:WebAPI
(Maven)
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API