Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

174 advisories

Loading
SQL injection in opencart High
CVE-2024-21514 was published for opencart/opencart (Composer) Jun 22, 2024
Apache Submarine Server Core has a SQL Injection Vulnerability High
CVE-2024-36263 was published for org.apache.submarine:submarine-server-core (Maven) Jun 12, 2024
ZendFramework SQL injection due to execution of platform-specific SQL containing interpolations High
GHSA-x2f4-8wxf-w3vf was published for zendframework/zendframework (Composer) Jun 7, 2024
TYPO3 CMS Privilege Escalation and SQL Injection High
GHSA-45wj-jv2h-jwrf was published for typo3/cms-core (Composer) May 30, 2024
silverstripe/subsites Unsafe SQL Query Construction (Safe Data Source) High
GHSA-xc69-p8fc-m6m5 was published for silverstripe/subsites (Composer) May 28, 2024
silverstripe/taxonomy SQL Injection vulnerability High
GHSA-p2v5-xcqm-4fv6 was published for silverstripe/taxonomy (Composer) May 28, 2024
silverstripe/framework has potential SQL Injection vulnerability in PostgreSQL database connector High
GHSA-265q-222x-52m6 was published for silverstripe/framework (Composer) May 28, 2024
silverstripe/framework SQL injection in full text search High
GHSA-xx4r-5265-48j6 was published for silverstripe/framework (Composer) May 27, 2024
laravel framework SQL Injection via limit and offset functions High
GHSA-wq8p-mqvg-2p5h was published for laravel/framework (Composer) May 15, 2024
Npgsql vulnerable to SQL Injection via Protocol Message Size Overflow High
CVE-2024-32655 was published for Npgsql (NuGet) May 9, 2024
paul-gerste-sonarsource NinoFloris
LibreNMS vulnerable to a Time-Based Blind SQL injection leads to database extraction High
CVE-2024-32480 was published for librenms/librenms (Composer) Apr 22, 2024
sco4x0
LibreNMS vulnerable to SQL injection time-based leads to database extraction High
CVE-2024-32461 was published for librenms/librenms (Composer) Apr 22, 2024
Louhan-dev
Centreon insertGraphTemplate SQL Injection Remote Code Execution Vulnerability High
CVE-2024-23119 was published for centreon/centreon (Composer) Apr 2, 2024
Centreon updateContactHostCommands SQL Injection Remote Code Execution Vulnerability High
CVE-2024-23118 was published for centreon/centreon (Composer) Apr 2, 2024
Centreon updateContactServiceCommands SQL Injection Remote Code Execution Vulnerability High
CVE-2024-23117 was published for centreon/centreon (Composer) Apr 2, 2024
Centreon updateDirectory SQL Injection Remote Code Execution Vulnerability High
CVE-2024-0637 was published for centreon/centreon (Composer) Apr 2, 2024
Centreon updateLCARelation SQL Injection Remote Code Execution Vulnerability High
CVE-2024-23116 was published for centreon/centreon (Composer) Apr 2, 2024
Centreon updateGroups SQL Injection Remote Code Execution Vulnerability High
CVE-2024-23115 was published for centreon/centreon (Composer) Apr 2, 2024
phpMyFAQ SQL injections at insertentry & saveentry High
CVE-2024-28107 was published for phpmyfaq/phpmyfaq (Composer) Mar 25, 2024
kevinnivekkevin
phpMyFAQ SQL Injection at "Save News" High
CVE-2024-27299 was published for phpmyfaq/phpmyfaq (Composer) Mar 25, 2024
kevinnivekkevin
SQL Injection in Admin download files as zip High
CVE-2024-23646 was published for pimcore/admin-ui-classic-bundle (Composer) Jan 24, 2024
wkania
Authenticated (user role) SQL injection in `OrderAndPaginate` (GHSL-2023-270) High
CVE-2024-22196 was published for github.com/0xJacky/Nginx-UI (Go) Jan 11, 2024
jorgectf
Mingsoft MCMS SQL injection High
CVE-2023-50578 was published for net.mingsoft:ms-mcms (Maven) Dec 30, 2023
MainWP Dashboard SQL Command Injection vulnerability High
CVE-2023-38519 was published for mainwp/mainwp (Composer) Dec 20, 2023
Pimcore SQL Injection in Admin Grid Filter API through Multiselect::getFilterConditionExt() High
CVE-2023-47637 was published for pimcore/pimcore (Composer) Nov 15, 2023
thestr4ng3r
ProTip! Advisories are also available from the GraphQL API