Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,958
Erlang
29
GitHub Actions
16
Go
1,745
Maven
4,971
npm
3,507
NuGet
609
pip
3,066
Pub
10
RubyGems
832
Rust
780
Swift
34
Unreviewed advisories
All unreviewed
5,000+

1,953 advisories

SQL Injection in sql Moderate
GHSA-8f93-rv4p-x4jw was published for sql (npm) Jun 12, 2019
Data leakage via SQL Injection in Pimcore Moderate
CVE-2019-10763 was published for pimcore/pimcore (Composer) Dec 2, 2019
DoS via malicious record IDs in WatermelonDB Moderate
CVE-2020-4035 was published for @nozbe/watermelondb (npm) Jun 3, 2020
SQL injection in Tortoise ORM Moderate
CVE-2020-11010 was published for tortoise-orm (pip) Apr 20, 2020
SQL Injection in sequelize Moderate
CVE-2016-10554 was published for sequelize (npm) Feb 18, 2019
Fat Free CRM vulnerable to SQL Injection Moderate
CVE-2013-7225 was published for fat_free_crm (RubyGems) May 17, 2022
Apache Superset's SQL Alchemy connector vulnerable to SQL Injection Moderate
CVE-2022-41703 was published for apache-superset (pip) Jan 16, 2023
SQL Injection in FreeTAKServer-UI Moderate
CVE-2022-25506 was published for FreeTAKServer-UI (pip) Mar 12, 2022
SQL injection vulnerability in inc/tinybb-settings.php in tinyBB 1.2, when magic_quotes_gpc is... Moderate Unreviewed
CVE-2011-0443 was published May 17, 2022
SQL injection vulnerability in team.php in the Teams Structure module 3.0 for PHP-Fusion allows... Moderate Unreviewed
CVE-2011-0512 was published May 17, 2022
SQL injection vulnerability in LightNEasy.php in LightNEasy 3.2.1, when magic_quotes_gpc is... Moderate Unreviewed
CVE-2010-4752 was published May 17, 2022
SQL injection vulnerability in LightNEasy.php in LightNEasy 3.2.1, when magic_quotes_gpc is... Moderate Unreviewed
CVE-2010-4751 was published May 17, 2022
Multiple SQL injection vulnerabilities in Chipmunk Pwngame 1.0, when magic_quotes_gpc is disabled... Moderate Unreviewed
CVE-2010-4799 was published May 17, 2022
Money Transfer Management System Version 1.0 allows an authenticated user to inject SQL queries... Moderate Unreviewed
CVE-2022-25223 was published Mar 24, 2022
A blind SQL injection vulnerability in McAfee Enterprise ePolicy Orchestrator (ePO) prior to 5.10... Moderate Unreviewed
CVE-2022-0842 was published Mar 24, 2022
CSZ CMS 1.2.9 has a Time and Boolean-based Blind SQL Injection vulnerability in the endpoint ... Moderate Unreviewed
CVE-2021-43701 was published Mar 30, 2022
SQL injection vulnerability in modules/sections/index.php in E-Xoopport Samsara 3.1 and earlier,... Moderate Unreviewed
CVE-2010-3467 was published May 17, 2022
Multiple SQL injection vulnerabilities in login.php in ApPHP PHP MicroCMS 1.0.1, when... Moderate Unreviewed
CVE-2010-3481 was published May 17, 2022
An issue was discovered in Shopware B2B-Suite through 4.4.1. The sort-by parameter of the search... Moderate Unreviewed
CVE-2022-24956 was published Mar 30, 2022
An SQL Injection vulnerability exists in oasys oa_system as of 9/7/2021 in resources/mappers... Moderate Unreviewed
CVE-2021-40644 was published Mar 31, 2022
An SQL Injection vulnerability exists in glorylion JFinalOA as of 9/7/2021 in the defkey... Moderate Unreviewed
CVE-2021-40645 was published Mar 31, 2022
Simple Student Information System v1.0 was discovered to contain a SQL injection vulnerability... Moderate Unreviewed
CVE-2022-24231 was published Apr 6, 2022
Online Banking System in PHP v1 was discovered to contain multiple SQL injection vulnerabilities... Moderate Unreviewed
CVE-2022-27991 was published Apr 9, 2022
zbzcms v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /php... Moderate Unreviewed
CVE-2022-27127 was published Apr 11, 2022
SQL injection vulnerability in index.php in GaleriaSHQIP 1.0, when magic_quotes_gpc is disabled,... Moderate Unreviewed
CVE-2010-3207 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API