GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
231 advisories
GeniXCMS SQL injection vulnerability (High): CVE-2016-10096 was published for genix/cms (Composer), May 17, 2022
Zend Framework SQL injection vector using null byte for PDO (Critical): CVE-2015-7695 was published for zendframework/zendframework1 (Composer), May 17, 2022
CiviCRM SQL injection vulnerability via Quick Search API (Moderate): CVE-2013-4662 was published for civicrm/civicrm-core (Composer), May 17, 2022
TYPO3 SQL injection vulnerability in the Extbase Framework (High): CVE-2013-1842 was published for typo3/cms-core (Composer), May 17, 2022
SQL injection in moodle (Critical): CVE-2022-30599 was published for moodle/moodle (Composer), May 19, 2022
Contao SQL injection in the backend and listing module (Critical): CVE-2017-16558 was published for contao/contao (Composer), May 24, 2022
phpMyAdmin SQL injection in Designer feature (Critical): CVE-2019-11768 was published for phpmyadmin/phpmyadmin (Composer), May 24, 2022
silverstripe restfulserver and registry modules SQL injection vulnerability (Critical): CVE-2019-12149 was published for silverstripe/registry (Composer), May 24, 2022
Contao SQL injection in the file manager (Critical): CVE-2019-11512 was published for contao/contao (Composer), May 24, 2022
BEdita vulnerable to SQL injection (Critical): CVE-2019-15570 was published for bedita/bedita (Composer), May 24, 2022
url_redirect for Typo3 SQLi Vulnerability (High): CVE-2019-16682 was published for sfroemken/url_redirect (Composer), May 24, 2022
Yii SQL injection vulnerability (Critical): CVE-2018-7269 was published for yiisoft/yii2-dev (Composer), May 24, 2022
Zend Framework Allows SQL Injection (Critical): CVE-2015-0270 was published for zendframework/zend-db (Composer), May 24, 2022
Magento 2 Community Edition SQLi Vulnerability (High): CVE-2019-8127 was published for magento/community-edition (Composer), May 24, 2022
Magento SQL injection vulnerability (High): CVE-2019-8130 was published for magento/community-edition (Composer), May 24, 2022
Magento SQL injection via marketing account with access to email templates variables (High): CVE-2019-8134 was published for magento/community-edition (Composer), May 24, 2022
Magento Injection vulnerability via email templates (Moderate): CVE-2019-8143 was published for magento/community-edition (Composer), May 24, 2022
phpMyAdmin SQL injection in user accounts page (High): CVE-2020-5504 was published for phpmyadmin/phpmyadmin (Composer), May 24, 2022
Magento sql injection vulnerability (High): CVE-2020-3719 was published for magento/community-edition (Composer), May 24, 2022
Dolibarr ERP and CRM SQLi (High): CVE-2019-19209 was published for dolibarr/dolibarr (Composer), May 24, 2022
phpMyAdmin SQL injection vulnerability (Moderate): CVE-2020-10803 was published for phpmyadmin/phpmyadmin (Composer), May 24, 2022
phpMyAdmin SQL injection vulnerability (High): CVE-2020-10802 was published for phpmyadmin/phpmyadmin (Composer), May 24, 2022
phpMyAdmin SQL Injection (High): CVE-2020-10804 was published for phpmyadmin/phpmyadmin (Composer), May 24, 2022
Dolibarr SQL injection vulnerability in accountancy/customer/card.php (High): CVE-2020-14443 was published for dolibarr/dolibarr (Composer), May 24, 2022
ProTip! Advisories are also available from the GraphQL API