GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories

GitHub reviewed advisories
All reviewed: 5,000+
Composer: 3,968
Erlang: 29
GitHub Actions: 16
Go: 1,749
Maven: 4,978
npm: 3,509
NuGet: 609
pip: 3,084
Pub: 10
RubyGems: 832
Rust: 782
Swift: 34

Unreviewed advisories
All unreviewed: 5,000+
174 advisories
SQL injection in Apache DolphinScheduler
High severity. CVE-2021-27644 was published for org.apache.dolphinscheduler:dolphinscheduler-server (Maven) on Nov 3, 2021.

Unauthenticated SQL Injection in Cachet
High severity. CVE-2021-39165 was published for cachethq/cachet (Composer) on Aug 30, 2021.

SQL injection in pimcore/pimcore
High severity. CVE-2021-23405 was published for pimcore/pimcore (Composer) on Jul 13, 2021.

SQL Injection in pimcore
High severity. CVE-2020-7759 was published for pimcore/pimcore (Composer) on May 6, 2021.

SQL Injection via in django-debug-toolbar
High severity. CVE-2021-30459 was published for django-debug-toolbar (pip) on Apr 16, 2021.

SQL Injection in librenms
High severity. CVE-2020-35700 was published for librenms/librenms (Composer) on May 6, 2021.

Rating Script Service expose XWiki to SQL injection
High severity. CVE-2021-21380 was published for org.xwiki.platform:xwiki-platform-ratings-api (Maven) on Mar 23, 2021.

SQL Injection in LibreNMS
High severity. CVE-2019-10671 was published for librenms/librenms (Composer) on Oct 11, 2019.

SQL Injection in LibreNMS
High severity. CVE-2019-12465 was published for librenms/librenms (Composer) on Oct 11, 2019.

BlockWishList SQL Injection vulnerability
High severity. CVE-2022-31101 was published for prestashop/blockwishlist (Composer) on Jun 25, 2022.

Centreon SQL Injection vulnerability via esc_name parameter
High severity. CVE-2022-40043 was published for centreon/centreon (Composer) on Sep 27, 2022.

@cubejs-backend/api-gateway row level security bypass
High severity. CVE-2022-23510 was published for @cubejs-backend/api-gateway (npm) on Dec 12, 2022.

SQL Injection in dolibarr
High severity. CVE-2022-0224 was published for dolibarr/dolibarr (Composer) on Jan 21, 2022.

SQL Injection found in Dataease
High severity. CVE-2022-34114 was published for io.dataease:dataease-plugin-common (Maven) on Jul 23, 2022.

Improper quoting of columns when using setOrderBy() or setGroupBy() on listing classes in Pimcore
High severity. CVE-2022-31092 was published for pimcore/pimcore (Composer) on Jun 22, 2022.

SQL injection in jflyfox jfinal
High severity. CVE-2022-30500 was published for com.jflyfox:jflyfox_jfinal (Maven) on May 27, 2022.

exceedone/exment and exceedone/laravel-admin SQL Injection vulnerability
High severity. CVE-2022-37333 was published for exceedone/exment (Composer) on Aug 25, 2022.

SQL injection in helloxz/imgurl
High severity. CVE-2022-29305 was published for helloxz/imgurl (Composer) on May 25, 2022.

SQL Injection found in Pimcore
High severity. CVE-2022-1429 was published for pimcore/pimcore (Composer) on Apr 23, 2022.

SQL Injection in Pimcore
High severity. CVE-2022-1339 was published for pimcore/pimcore (Composer) on Apr 14, 2022.

SQL Injection when creating an application with Reactive SQL backend
High severity. CVE-2022-24815 was published for generator-jhipster (npm) on Apr 7, 2022.

SQL Injection in Pimcore
High severity. CVE-2022-1219 was published for pimcore/pimcore (Composer) on Apr 9, 2022.
ProTip! Advisories are also available from the GraphQL API.