GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,978
Erlang
29
GitHub Actions
16
Go
1,768
Maven
4,991
npm
3,537
NuGet
616
pip
3,107
Pub
10
RubyGems
837
Rust
786
Swift
34
Unreviewed advisories
All unreviewed
5,000+
202 advisories
Filter by severity
Moodle SQL Injection vulnerability
Critical
CVE-2021-36393
was published
for
moodle/moodle
(Composer)
Mar 6, 2023
Moodle SQL Injection vulnerability
Critical
CVE-2021-36392
was published
for
moodle/moodle
(Composer)
Mar 6, 2023
SQL Injection in Funadmin
Critical
CVE-2023-24781
was published
for
funadmin/funadmin
(Composer)
Mar 7, 2023
SQL Injection in Funadmin
Critical
CVE-2023-24775
was published
for
funadmin/funadmin
(Composer)
Mar 7, 2023
SQL Injection in Funadmin
Critical
CVE-2023-24780
was published
for
funadmin/funadmin
(Composer)
Mar 8, 2023
SQL Injection in Funadmin
Critical
CVE-2023-24773
was published
for
funadmin/funadmin
(Composer)
Mar 8, 2023
SQL Injection in Funadmin
Critical
CVE-2023-24782
was published
for
funadmin/funadmin
(Composer)
Mar 8, 2023
SQL Injection in Funadmin
Critical
CVE-2023-24777
was published
for
funadmin/funadmin
(Composer)
Mar 9, 2023
Funadmin vulnerable to SQL injection
Critical
CVE-2023-24774
was published
for
funadmin/funadmin
(Composer)
Mar 10, 2023
jeecg-boot SQL Injection vulnerability
Critical
CVE-2023-1454
was published
for
org.jeecgframework.boot:jeecg-boot-common
(Maven)
Mar 17, 2023
jeecg-boot vulnerable to SQL injection
Critical
CVE-2023-1741
was published
for
org.jeecgframework.boot:jeecg-boot-parent
(Maven)
Mar 31, 2023
Ming-Soft MCMS vulnerable to SQL injection
Critical
CVE-2020-20913
was published
for
net.mingsoft:ms-mcms
(Maven)
Apr 4, 2023
Withdrawn: SQL injection in Yii 2
Critical
CVE-2023-26750
was published
for
yiisoft/yii2
(Composer)
Apr 4, 2023
•
withdrawn
MyBatis-Plus vulnerable to SQL injection via TenantPlugin
Critical
CVE-2023-25330
was published
for
com.baomidou:mybatis-plus
(Maven)
Apr 5, 2023
SQL filter bypass leading to arbitrary write requests using "SQL Manager"
Critical
CVE-2023-30839
was published
for
prestashop/prestashop
(Composer)
Apr 25, 2023
jeecg-boot SQL injection vulnerability
Critical
CVE-2023-34659
was published
for
org.jeecgframework.boot:jeecg-boot-parent
(Maven)
Jun 16, 2023
postgraas-server vulnerable to SQL injection
Critical
CVE-2018-25088
was published
for
postgraas-server
(pip)
Jul 18, 2023
SQL injection in audit endpoint
Critical
CVE-2023-35088
was published
for
org.apache.inlong:manager-service
(Maven)
Jul 25, 2023
SQL injection in jeecg-boot
Critical
CVE-2023-38992
was published
for
org.jeecgframework.boot:jeecg-boot-common
(Maven)
Jul 28, 2023
PrestaShop SQL manager vulnerability
Critical
CVE-2023-39526
was published
for
prestashop/prestashop
(Composer)
Aug 9, 2023
Jeecg boot SQL Injection vulnerability
Critical
CVE-2023-42268
was published
for
org.jeecgframework.boot:jeecg-boot-parent
(Maven)
Sep 8, 2023
OpenRefine Remote Code execution in project import with mysql jdbc url attack
Critical
CVE-2023-41887
was published
for
org.openrefine:database
(Maven)
Sep 12, 2023
FUXA SQL Injection vulnerability
Critical
CVE-2023-31719
was published
for
fuxa-server
(npm)
Sep 22, 2023
SQL injection in jeecgboot
Critical
CVE-2023-40989
was published
for
org.jeecgframework.boot:jeecg-boot-common
(Maven)
Sep 22, 2023
Langchain SQL Injection vulnerability
Critical
CVE-2023-32785
was published
for
langchain
(pip)
Oct 21, 2023
ProTip!
Advisories are also available from the
GraphQL API