GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories: All reviewed (5,000+), Composer (4,029), Erlang (29), GitHub Actions (16), Go (1,832), Maven (5,000+), npm (3,573), NuGet (632), pip (3,158), Pub (10), RubyGems (847), Rust (797), Swift (34)
Unreviewed advisories: All unreviewed (5,000+)
178 advisories
SQL injection when using MySQL/PostgreSQL data checking
High. CVE-2023-33967 was published for github.com/megaease/easeprobe (Go), Jun 6, 2023

activerecord vulnerable to SQL Injection
High. CVE-2011-2930 was published for activerecord (RubyGems), Oct 24, 2017

activerecord vulnerable to SQL Injection
High. CVE-2012-2695 was published for activerecord (RubyGems), Oct 24, 2017

Active Record contains SQL Injection via improper range quoting
High. CVE-2014-3483 was published for activerecord (RubyGems), Oct 24, 2017

Daylight Studio FUEL-CMS SQLi Vulnerability
High. CVE-2020-24950 was published for codeigniter/framework (Composer), Aug 11, 2023

activerecord vulnerable to SQL Injection
High. CVE-2011-0448 was published for activerecord (RubyGems), Oct 24, 2017

ipandlanguageredirect extension vulnerable to SQL Injection
High. CVE-2023-35782 was published for in2code/ipandlanguageredirect (Composer), Jun 16, 2023

SpringBlade vulnerable to SQL injection
High. CVE-2023-40787 was published for org.springblade:blade-core-tool (Maven), Aug 29, 2023

Rails ActiveRecord gem vulnerable to SQL injection
High. CVE-2008-4094 was published for activerecord (RubyGems), Oct 24, 2017

pimcore/customer-management-framework-bundle has SQL Injection vulnerability in Segment Assignment query
High. CVE-2023-2756 was published for pimcore/customer-management-framework-bundle (Composer), May 17, 2023

SQL injection in Liferay Portal
High. CVE-2023-33945 was published for com.liferay.portal:release.portal.bom (Maven), May 24, 2023

FUXA SQL Injection vulnerability
High. CVE-2023-31717 was published for fuxa-server (npm), Sep 22, 2023

Active Record contains SQL Injection
High. CVE-2012-6496 was published for activerecord (RubyGems), Oct 24, 2017

SQL Injection in Apache InLong
High. CVE-2023-43667 was published for org.apache.inlong:inlong (Maven), Oct 16, 2023

SQL injection in librenms/librenms
High. CVE-2023-5591 was published for librenms/librenms (Composer), Oct 16, 2023

DataEase vulnerable to SQL injection
High. CVE-2023-40771 was published for io.dataease:dataease-plugin-common (Maven), Sep 1, 2023

Pimcore SQL Injection vulnerability
High. CVE-2023-3673 was published for pimcore/pimcore (Composer), Jul 14, 2023

Pimcore vulnerable to SQL Injection in Dataobjects sorting
High. CVE-2023-3820 was published for pimcore/pimcore (Composer), Jul 21, 2023

PostgreSQL JDBC Driver SQL Injection in ResultSet.refreshRow() with malicious column names
High. CVE-2022-31197 was published for org.postgresql:postgresql (Maven), Aug 6, 2022

Knex.js has a limited SQL injection vulnerability
High. CVE-2016-20018 was published for knex (npm), Dec 19, 2022

Dolibarr ERP and CRM SQLi
High. CVE-2019-19209 was published for dolibarr/dolibarr (Composer), May 24, 2022

url_redirect for Typo3 SQLi Vulnerability
High. CVE-2019-16682 was published for sfroemken/url_redirect (Composer), May 24, 2022

Pivotal Concourse SQL Injection Vulnerability
High. CVE-2019-3792 was published for github.com/concourse/concourse (Go), Feb 15, 2022

Centreon SQL Injection
High. CVE-2018-19312 was published for centreon/centreon (Composer), May 14, 2022

Centreon SQL Injection
High. CVE-2018-19271 was published for centreon/centreon (Composer), May 14, 2022

ProTip! Advisories are also available from the GraphQL API.