Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,029
Erlang
29
GitHub Actions
16
Go
1,832
Maven
5,000+
npm
3,573
NuGet
632
pip
3,158
Pub
10
RubyGems
847
Rust
797
Swift
34
Unreviewed advisories
All unreviewed
5,000+

178 advisories

Loading
IBAX go-ibax vulnerable to SQL injection High
CVE-2022-3800 was published for github.com/IBAX-io/go-ibax (Go) Nov 1, 2022
IBAX go-ibax vulnerable to SQL injection High
CVE-2022-3798 was published for github.com/IBAX-io/go-ibax (Go) Nov 1, 2022
MunkiReport Software Update module is vulnerable to SQL injection High
CVE-2020-15887 was published for munkireport/softwareupdate (Composer) May 24, 2022
MunkiReport reportdata module SQL injection vulnerability High
CVE-2020-15886 was published for munkireport/reportdata (Composer) May 24, 2022
GeniXCMS SQL Injection High
CVE-2017-8377 was published for genix/cms (Composer) May 17, 2022
GeniXCMS SQL injection vulnerability High
CVE-2016-10096 was published for genix/cms (Composer) May 17, 2022
GeniXCMS SQL injection vulnerability High
CVE-2017-5346 was published for genix/cms (Composer) May 14, 2022
Contao core SQL Injection Vulnerability High
CVE-2012-4383 was published for contao/core (Composer) Apr 23, 2022
Openstack ironic-inspector has SQL injection vulnerability in node_cache High
CVE-2019-10141 was published for ironic-inspector (pip) May 24, 2022
SQLAlchemy vulnerable to SQL injection High
CVE-2012-0805 was published for SQLAlchemy (pip) May 14, 2022
PyWebDAV SQL Injection vulnerability High
CVE-2011-0432 was published for pywebdav (pip) May 17, 2022
Npgsql vulnerable to SQL Injection via Protocol Message Size Overflow High
CVE-2024-32655 was published for Npgsql (NuGet) May 9, 2024
paul-gerste-sonarsource NinoFloris
Magento SQL injection vulnerability High
CVE-2019-8130 was published for magento/community-edition (Composer) May 24, 2022
laravel framework SQL Injection via limit and offset functions High
GHSA-wq8p-mqvg-2p5h was published for laravel/framework (Composer) May 15, 2024
Magento SQL injection via marketing account with access to email templates variables High
CVE-2019-8134 was published for magento/community-edition (Composer) May 24, 2022
silverstripe/framework SQL injection in full text search High
GHSA-xx4r-5265-48j6 was published for silverstripe/framework (Composer) May 27, 2024
silverstripe/framework has potential SQL Injection vulnerability in PostgreSQL database connector High
GHSA-265q-222x-52m6 was published for silverstripe/framework (Composer) May 28, 2024
silverstripe/taxonomy SQL Injection vulnerability High
GHSA-p2v5-xcqm-4fv6 was published for silverstripe/taxonomy (Composer) May 28, 2024
silverstripe/subsites Unsafe SQL Query Construction (Safe Data Source) High
GHSA-xc69-p8fc-m6m5 was published for silverstripe/subsites (Composer) May 28, 2024
TYPO3 CMS Privilege Escalation and SQL Injection High
GHSA-45wj-jv2h-jwrf was published for typo3/cms-core (Composer) May 30, 2024
ZendFramework SQL injection due to execution of platform-specific SQL containing interpolations High
GHSA-x2f4-8wxf-w3vf was published for zendframework/zendframework (Composer) Jun 7, 2024
Apache Submarine Server Core has a SQL Injection Vulnerability High
CVE-2024-36263 was published for org.apache.submarine:submarine-server-core (Maven) Jun 12, 2024
SQL injection in opencart High
CVE-2024-21514 was published for opencart/opencart (Composer) Jun 22, 2024
SQL injection in hibernate-core High
CVE-2020-25638 was published for org.hibernate:hibernate-core (Maven) Feb 9, 2022
vmvarga mpihelgas
pgAdmin is affected by a multi-factor authentication bypass vulnerability High
CVE-2024-4215 was published for pgadmin4 (pip) May 2, 2024
ProTip! Advisories are also available from the GraphQL API