GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,978
Erlang
29
GitHub Actions
16
Go
1,768
Maven
4,991
npm
3,537
NuGet
616
pip
3,107
Pub
10
RubyGems
837
Rust
786
Swift
34
Unreviewed advisories
All unreviewed
5,000+
202 advisories
Filter by severity
SQL Injection in Subrion CMS
Critical
CVE-2020-18155
was published
for
intelliants/subrion
(Composer)
Sep 8, 2021
SQL Injection in medoo
Critical
CVE-2019-10762
was published
for
catfan/medoo
(Composer)
Oct 12, 2021
SQL Injection in Couchbase Sync Gateway
Critical
CVE-2019-9039
was published
for
github.com/couchbase/sync_gateway
(Go)
Feb 15, 2022
Centreon allows SNMP trap SQL Injection
Critical
CVE-2018-19281
was published
for
centreon/centreon
(Composer)
May 14, 2022
SQL injection in moodle
Critical
CVE-2022-30599
was published
for
moodle/moodle
(Composer)
May 19, 2022
ADOdb Library SQL Injection
Critical
CVE-2016-7405
was published
for
adodb/adodb-php
(Composer)
May 17, 2022
SQLAlchemy vulnerable to SQL Injection via order_by parameter
Critical
CVE-2019-7164
was published
for
SQLAlchemy
(pip)
Apr 16, 2019
SQL injection in apache-superset
Critical
CVE-2022-27479
was published
for
apache-superset
(pip)
Apr 14, 2022
SQL Injection in marginalia
Critical
CVE-2019-1010191
was published
for
marginalia
(RubyGems)
Jul 26, 2019
mysql-bunuuid-rails vulnerable to SQL injection
Critical
CVE-2018-18476
was published
for
mysql-binuuid-rails
(RubyGems)
Oct 30, 2018
Django `Trunc()` and `Extract()` database functions vulnerable to SQL Injection
Critical
CVE-2022-34265
was published
for
django
(pip)
Jul 5, 2022
feathers-sequelize vulnerable to SQL injection due to improper parameter filtering
Critical
CVE-2022-29822
was published
for
feathers-sequelize
(npm)
Oct 26, 2022
Dolibarr ERP and CRM SQLi
Critical
CVE-2017-9435
was published
for
dolibarr/dolibarr
(Composer)
May 17, 2022
ThinkPHP SQLi Vulnerability
Critical
CVE-2018-18529
was published
for
topthink/framework
(Composer)
May 14, 2022
ThinkPHP SQLi Vulnerability
Critical
CVE-2018-18546
was published
for
topthink/framework
(Composer)
May 14, 2022
ThinkPHP SQLi Vulnerability
Critical
CVE-2018-18530
was published
for
topthink/framework
(Composer)
May 14, 2022
baserCMS SQL Injection vulnerability
Critical
CVE-2017-10842
was published
for
baserproject/basercms
(Composer)
May 14, 2022
SQL Injection in tribalsystems/zenario
Critical
CVE-2021-26830
was published
for
tribalsystems/zenario
(Composer)
Mar 18, 2022
ProTip!
Advisories are also available from the
GraphQL API