Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,978
Erlang
29
GitHub Actions
16
Go
1,768
Maven
4,991
npm
3,537
NuGet
616
pip
3,107
Pub
10
RubyGems
837
Rust
786
Swift
34
Unreviewed advisories
All unreviewed
5,000+

97 advisories

Loading
SQL Server LIMIT / OFFSET SQL Injection in laravel/framework and illuminate/database High
GHSA-4mg9-vhxq-vm7j was published for illuminate/database (Composer) Apr 29, 2021
Content object state fetch functions open to SQL injection High
GHSA-jpwx-ffjq-wr4w was published for ezsystems/ezpublish-legacy (Composer) Sep 7, 2021
Possible SQL injection in tablelookupwizard Contao Extension High
GHSA-v3mr-gp7j-pw5w was published for terminal42/contao-tablelookupwizard (Composer) Feb 10, 2022
SQL Injection in Moodle High
CVE-2022-0983 was published for moodle/moodle (Composer) Mar 26, 2022
SQL Injection in Yeswiki High
CVE-2021-43091 was published for yeswiki/yeswiki (Composer) Mar 26, 2022
SQL Injection in Fork CMS High
CVE-2022-0153 was published for forkcms/forkcms (Composer) Mar 25, 2022
SQL Injection in Fork CMS High
CVE-2022-1064 was published for forkcms/forkcms (Composer) Mar 26, 2022
SQL Injection in Dolibarr High
CVE-2021-36625 was published for dolibarr/dolibarr (Composer) Apr 1, 2022
SQL Injection in Pimcore High
CVE-2022-1219 was published for pimcore/pimcore (Composer) Apr 9, 2022
SQL Injection in Pimcore High
CVE-2022-1339 was published for pimcore/pimcore (Composer) Apr 14, 2022
SQL Injection found in Pimcore High
CVE-2022-1429 was published for pimcore/pimcore (Composer) Apr 23, 2022
SQL injection in helloxz/imgurl High
CVE-2022-29305 was published for helloxz/imgurl (Composer) May 25, 2022
exceedone/exment and exceedone/laravel-admin SQL Injection vulnerability High
CVE-2022-37333 was published for exceedone/exment (Composer) Aug 25, 2022
Improper quoting of columns when using setOrderBy() or setGroupBy() on listing classes in Pimcore High
CVE-2022-31092 was published for pimcore/pimcore (Composer) Jun 22, 2022
SQL Injection in dolibarr High
CVE-2022-0224 was published for dolibarr/dolibarr (Composer) Jan 21, 2022
Centreon SQL Injection vulnerability via esc_name parameter High
CVE-2022-40043 was published for centreon/centreon (Composer) Sep 27, 2022
BlockWishList SQL Injection vulnerability High
CVE-2022-31101 was published for prestashop/blockwishlist (Composer) Jun 25, 2022
haidv35
SQL Injection in LibreNMS High
CVE-2019-12465 was published for librenms/librenms (Composer) Oct 11, 2019
SQL Injection in LibreNMS High
CVE-2019-10671 was published for librenms/librenms (Composer) Oct 11, 2019
SQL Injection in librenms High
CVE-2020-35700 was published for librenms/librenms (Composer) May 6, 2021
SQL Injection in pimcore High
CVE-2020-7759 was published for pimcore/pimcore (Composer) May 6, 2021
SQL Injection in t3/dce High
CVE-2021-31777 was published for t3/dce (Composer) Jun 8, 2021
SQL injection in pimcore/pimcore High
CVE-2021-23405 was published for pimcore/pimcore (Composer) Jul 13, 2021
Unauthenticated SQL Injection in Cachet High
CVE-2021-39165 was published for cachethq/cachet (Composer) Aug 30, 2021
phith0n
SQL injection in jackalope/jackalope-doctrine-dbal High
CVE-2021-43822 was published for jackalope/jackalope-doctrine-dbal (Composer) Dec 14, 2021
alexander-schranz
ProTip! Advisories are also available from the GraphQL API