Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,463
Erlang
33
GitHub Actions
22
Go
2,159
Maven
5,000+
npm
3,821
NuGet
696
pip
3,502
Pub
12
RubyGems
904
Rust
904
Swift
38
Unreviewed advisories
All unreviewed
5,000+

72 advisories

Loading
Jeecg-boot SQL Injection vulnerability Moderate
CVE-2023-38905 was published for org.jeecgframework.boot:jeecg-boot-parent (Maven) Aug 17, 2023
PrestaShop boolean SQL injection Moderate
CVE-2023-39524 was published for prestashop/prestashop (Composer) Aug 9, 2023
Apache InLong SQL Injection vulnerability Moderate
CVE-2023-30465 was published for org.apache.inlong:manager-pojo (Maven) Jul 6, 2023
Moodle vulnerable to SQL Injection Moderate
CVE-2023-35132 was published for moodle/moodle (Composer) Jun 22, 2023
JeecgBoot vulnerable to SQL injection in queryTableDictItemsByCode Moderate
CVE-2023-34602 was published for org.jeecgframework.boot:jeecg-boot-parent (Maven) Jun 19, 2023
JeecgBoot vulnerable to SQL injection in queryFilterTableDictInfo Moderate
CVE-2023-34603 was published for org.jeecgframework.boot:jeecg-boot-parent (Maven) Jun 19, 2023
HashiCorp Vault’s Microsoft SQL Database Storage Backend Vulnerable to SQL Injection Via Configuration File Moderate
CVE-2023-0620 was published for github.com/hashicorp/vault (Go) Mar 30, 2023
oxeye-daniel
Pimcore vulnerable to improper quoting of filters in Custom Reports Moderate
CVE-2023-28438 was published for pimcore/pimcore (Composer) Mar 22, 2023
Pimcore Remote Code Execution vulnerability in Search function Moderate
CVE-2023-1578 was published for pimcore/pimcore (Composer) Mar 22, 2023
Apache Superset's SQL Alchemy connector vulnerable to SQL Injection Moderate
CVE-2022-41703 was published for apache-superset (pip) Jan 16, 2023
a12nserver vulnerable to potential SQL Injections via Knex dependency Moderate
GHSA-crhg-xgrg-vvcc was published for @curveball/a12n-server (npm) Jan 13, 2023
Jeecg-boot vulnerable to SQL Injection Moderate
CVE-2022-45210 was published for org.jeecgframework.boot:jeecg-boot-common (Maven) Nov 25, 2022
Jeecg-boot vulnerable to SQL injection via /sys/user/putRecycleBin Moderate
CVE-2022-45208 was published for org.jeecgframework.boot:jeecg-boot-common (Maven) Nov 25, 2022
Matrix-appservice-irc vulnerable to sql injection via roomIds argument Moderate
CVE-2022-3971 was published for matrix-appservice-irc (npm) Nov 13, 2022
OpenCart SQL injection vulnerability Moderate
CVE-2021-37823 was published for opencart/opencart (Composer) Nov 3, 2022
update_by_case before 0.1.3 can be vulnerable to sql injection Moderate
CVE-2022-35956 was published for update_by_case (RubyGems) Aug 11, 2022
LibreNMS SQL Injection vulnerability Moderate
CVE-2020-15873 was published for librenms/librenms (Composer) May 24, 2022
phpMyAdmin SQL injection vulnerability Moderate
CVE-2020-10803 was published for phpmyadmin/phpmyadmin (Composer) May 24, 2022
Magento Injection vulnerability via email templates Moderate
CVE-2019-8143 was published for magento/community-edition (Composer) May 24, 2022
Fat Free CRM vulnerable to SQL Injection Moderate
CVE-2013-7225 was published for fat_free_crm (RubyGems) May 17, 2022
CiviCRM SQL injection vulnerability via Quick Search API Moderate
CVE-2013-4662 was published for civicrm/civicrm-core (Composer) May 17, 2022
Improper Neutralization of Special Elements used in an SQL Command Pivotal Spring Data JPA Moderate
CVE-2016-6652 was published for org.springframework.data:spring-data-jpa (Maven) May 17, 2022
Typo3 Backend History Module Vulnerable to SQL Injection Moderate
CVE-2012-6144 was published for typo3/cms (Composer) May 17, 2022
Pimcore SQLi Vulnerability Moderate
CVE-2018-14058 was published for pimcore/pimcore (Composer) May 14, 2022
katello SQL Injection vulnerability Moderate
CVE-2018-14623 was published for katello (RubyGems) May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database