Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,641
Erlang
29
GitHub Actions
16
Go
1,704
Maven
4,937
npm
3,469
NuGet
601
pip
2,978
Pub
10
RubyGems
826
Rust
769
Swift
34
Unreviewed advisories
All unreviewed
5,000+

15 advisories

A vulnerability classified as problematic was found in Limbas 5.2.14. Affected by this... Low Unreviewed
CVE-2024-1784 was published Feb 23, 2024
An SQL injection vulnerability exists in an undisclosed page of the BIG-IP Configuration utility... Low Unreviewed
CVE-2024-23603 was published Feb 14, 2024
A SQL injection vulnerability has been reported to affect QuMagie. If exploited, the... Low Unreviewed
CVE-2023-47219 was published Jan 5, 2024
Gila CMS SQL Injection vulnerability Low
CVE-2020-26625 was published for gilacms/gila (Composer) Jan 3, 2024
Gila CMS SQL Injection vulnerability Low
CVE-2020-26624 was published for gilacms/gila (Composer) Jan 3, 2024
Flyte Admin SQL Injection in List Filters Low
CVE-2023-41891 was published for github.com/flyteorg/flyteadmin (Go) Oct 27, 2023
Sanjana-Sarda
REDCap 12.0.26 LTS and 12.3.2 Standard allows SQL Injection via scheduling, repeatforms, purpose,... Low Unreviewed
CVE-2023-37361 was published Jul 25, 2023
RuoYi Uncontrolled Resource Consumption vulnerability Low
CVE-2023-3163 was published for com.ruoyi:ruoyi (Maven) Jun 8, 2023
A post-auth read-only SQL injection vulnerability allows API clients to read non-sensitive... Low Unreviewed
CVE-2022-3710 was published Dec 1, 2022
In MMSProvider, there is a possible read of protected data due to improper input validationSQL... Low Unreviewed
CVE-2022-20280 was published Aug 13, 2022
SugarCRM before 10.1.0 (Q3 2020) allows SQL Injection. Low Unreviewed
CVE-2020-17373 was published May 24, 2022
** DISPUTED ** MantisBT 2.10.0 allows local users to conduct SQL Injection attacks via the vendor... Low Unreviewed
CVE-2018-6382 was published May 14, 2022
sql_select.cc in MySQL 5.0.x before 5.0.32 and 5.1.x before 5.1.14 allows remote authenticated... Low Unreviewed
CVE-2006-7232 was published May 1, 2022
SQL injection vulnerability in MyBB (MyBulletinBoard) 1.1.1 allows remote authenticated... Low Unreviewed
CVE-2006-2103 was published May 1, 2022
Blind SQL injection in PrestaShop productcomments module Low
CVE-2020-26248 was published for prestashop/productcomments (Composer) Jan 20, 2021
0xfadam
ProTip! Advisories are also available from the GraphQL API