Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,029
Erlang
29
GitHub Actions
16
Go
1,832
Maven
5,000+
npm
3,573
NuGet
632
pip
3,158
Pub
10
RubyGems
847
Rust
797
Swift
34
Unreviewed advisories
All unreviewed
5,000+

178 advisories

Loading
SQL injection when using MySQL/PostgreSQL data checking High
CVE-2023-33967 was published for github.com/megaease/easeprobe (Go) Jun 6, 2023
oxeye-gal oxeye-daniel
activerecord vulnerable to SQL Injection High
CVE-2011-2930 was published for activerecord (RubyGems) Oct 24, 2017
activerecord vulnerable to SQL Injection High
CVE-2012-2695 was published for activerecord (RubyGems) Oct 24, 2017
Active Record contains SQL Injection via improper range quoting High
CVE-2014-3483 was published for activerecord (RubyGems) Oct 24, 2017
Daylight Studio FUEL-CMS SQLi Vulnerability High
CVE-2020-24950 was published for codeigniter/framework (Composer) Aug 11, 2023
activerecord vulnerable to SQL Injection High
CVE-2011-0448 was published for activerecord (RubyGems) Oct 24, 2017
tdunlap607
ipandlanguageredirect extension vulnerable to SQL Injection High
CVE-2023-35782 was published for in2code/ipandlanguageredirect (Composer) Jun 16, 2023
SpringBlade vulnerable to SQL injection High
CVE-2023-40787 was published for org.springblade:blade-core-tool (Maven) Aug 29, 2023
Rails ActiveRecord gem vulnerable to SQL injection High
CVE-2008-4094 was published for activerecord (RubyGems) Oct 24, 2017
jasnow
pimcore/customer-management-framework-bundle has SQL Injection vulnerability in Segment Assignment query High
CVE-2023-2756 was published for pimcore/customer-management-framework-bundle (Composer) May 17, 2023
JoMC98
SQL injection in Liferay Portal High
CVE-2023-33945 was published for com.liferay.portal:release.portal.bom (Maven) May 24, 2023
FUXA SQL Injection vulnerability High
CVE-2023-31717 was published for fuxa-server (npm) Sep 22, 2023
Active Record contains SQL Injection High
CVE-2012-6496 was published for activerecord (RubyGems) Oct 24, 2017
SQL Injection in Apache InLong High
CVE-2023-43667 was published for org.apache.inlong:inlong (Maven) Oct 16, 2023
SQL injection in librenms/librenms High
CVE-2023-5591 was published for librenms/librenms (Composer) Oct 16, 2023
DataEase vulnerable to SQL injection High
CVE-2023-40771 was published for io.dataease:dataease-plugin-common (Maven) Sep 1, 2023
Pimcore SQL Injection vulnerability High
CVE-2023-3673 was published for pimcore/pimcore (Composer) Jul 14, 2023
Pimcore vulnerable to SQL Injection in Dataobjects sorting High
CVE-2023-3820 was published for pimcore/pimcore (Composer) Jul 21, 2023
hiu240900
PostgreSQL JDBC Driver SQL Injection in ResultSet.refreshRow() with malicious column names High
CVE-2022-31197 was published for org.postgresql:postgresql (Maven) Aug 6, 2022
kato-sho JBrown0x90
Knex.js has a limited SQL injection vulnerability High
CVE-2016-20018 was published for knex (npm) Dec 19, 2022
alokmenghrajani pmartinat
tdunlap607
Dolibarr ERP and CRM SQLi High
CVE-2019-19209 was published for dolibarr/dolibarr (Composer) May 24, 2022
url_redirect for Typo3 SQLi Vulnerability High
CVE-2019-16682 was published for sfroemken/url_redirect (Composer) May 24, 2022
Pivotal Concourse SQL Injection Vulnerability High
CVE-2019-3792 was published for github.com/concourse/concourse (Go) Feb 15, 2022
Centreon SQL Injection High
CVE-2018-19312 was published for centreon/centreon (Composer) May 14, 2022
Centreon SQL Injection High
CVE-2018-19271 was published for centreon/centreon (Composer) May 14, 2022
ProTip! Advisories are also available from the GraphQL API