GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,978
Erlang
29
GitHub Actions
16
Go
1,768
Maven
4,991
npm
3,537
NuGet
616
pip
3,107
Pub
10
RubyGems
837
Rust
786
Swift
34
Unreviewed advisories
All unreviewed
5,000+
111 advisories
Filter by severity
Yii SQL injection vulnerability
Critical
CVE-2018-7269
was published
for
yiisoft/yii2-dev
(Composer)
May 24, 2022
NukeViet SQL Injection vulnerability
Critical
CVE-2020-21809
was published
for
nukeviet/nukeviet
(Composer)
May 24, 2022
NukeViet SQL Injection vulnerability via topicsid parameter
Critical
CVE-2020-21808
was published
for
nukeviet/nukeviet
(Composer)
May 24, 2022
Dolibarr SQL injection vulnerability in fourn/index.php
Critical
CVE-2017-17900
was published
for
dolibarr/dolibarr
(Composer)
May 14, 2022
Dolibarr SQL injection vulnerability in adherents/subscription/info.php
Critical
CVE-2017-17899
was published
for
dolibarr/dolibarr
(Composer)
May 14, 2022
Dolibarr SQL injection vulnerability in comm/multiprix.php
Critical
CVE-2017-17897
was published
for
dolibarr/dolibarr
(Composer)
May 14, 2022
Dolibarr SQL injection vulnerability in don/list.php
Critical
CVE-2017-14242
was published
for
dolibarr/dolibarr
(Composer)
May 17, 2022
Dolibarr SQL Injection in doli/theme/eldy/style.css.php via the lang parameter
Critical
CVE-2017-7886
was published
for
dolibarr/dolibarr
(Composer)
May 17, 2022
Dolibarr SQL injection vulnerability in admin/menus/edit.php
Critical
CVE-2017-14238
was published
for
dolibarr/dolibarr
(Composer)
May 17, 2022
Dolibarr SQL injection vulnerability
Critical
CVE-2018-10094
was published
for
dolibarr/dolibarr
(Composer)
May 14, 2022
Dolibarr SQL injection vulnerability in product/card.php
Critical
CVE-2018-13448
was published
for
dolibarr/dolibarr
(Composer)
May 14, 2022
Dolibarr SQL injection vulnerability in product/card.php
Critical
CVE-2018-13447
was published
for
dolibarr/dolibarr
(Composer)
May 14, 2022
Dolibarr SQL injection vulnerability in product/card.php
Critical
CVE-2018-13449
was published
for
dolibarr/dolibarr
(Composer)
May 14, 2022
Dolibarr SQL injection vulnerability in product/card.php
Critical
CVE-2018-13450
was published
for
dolibarr/dolibarr
(Composer)
May 14, 2022
Dolibarr SQL Injection vulnerability
Critical
CVE-2018-9019
was published
for
dolibarr/dolibarr
(Composer)
May 13, 2022
TeamPass SQL injection in users.queries.php
Critical
CVE-2017-9436
was published
for
nilsteampassnet/teampass
(Composer)
May 17, 2022
thinkphp SQL Injection via the index.php s parameter
Critical
CVE-2018-10225
was published
for
topthink/framework
(Composer)
May 14, 2022
ThinkPHP SQL injection vulnerability
Critical
CVE-2018-17566
was published
for
topthink/framework
(Composer)
May 14, 2022
ThinkPHP5 SQL Injection vulnerability
Critical
CVE-2021-44350
was published
for
topthink/framework
(Composer)
Dec 17, 2021
silverstripe restfulserver and registry modules SQL injection vulnerability
Critical
CVE-2019-12149
was published
for
silverstripe/registry
(Composer)
May 24, 2022
Froxlor SQL injection vulnerability
Critical
CVE-2021-42325
was published
for
froxlor/froxlor
(Composer)
May 24, 2022
BEdita vulnerable to SQL injection
Critical
CVE-2019-15570
was published
for
bedita/bedita
(Composer)
May 24, 2022
Contao SQL injection in the backend and listing module
Critical
CVE-2017-16558
was published
for
contao/contao
(Composer)
May 24, 2022
Contao SQL injection in the file manager
Critical
CVE-2019-11512
was published
for
contao/contao
(Composer)
May 24, 2022
Drupal SQL Injection vulnerability
Critical
CVE-2011-2715
was published
for
drupal/core
(Composer)
Apr 22, 2022
ProTip!
Advisories are also available from the
GraphQL API