GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
98 advisories
Pimcore SQL Injection vulnerability
High. CVE-2023-3673 was published for pimcore/pimcore (Composer), Jul 14, 2023

ipandlanguageredirect extension vulnerable to SQL Injection
High. CVE-2023-35782 was published for in2code/ipandlanguageredirect (Composer), Jun 16, 2023

pimcore/customer-management-framework-bundle has SQL Injection vulnerability in Segment Assignment query
High. CVE-2023-2756 was published for pimcore/customer-management-framework-bundle (Composer), May 17, 2023

Moodle SQL Injection vulnerability
High. CVE-2023-30944 was published for moodle/moodle (Composer), May 2, 2023

SQL Injection in AssetController
High. CVE-2023-2338 was published for pimcore/pimcore (Composer), Apr 27, 2023

SQL Injection in Admin Translations API
High. CVE-2023-30850 was published for pimcore/pimcore (Composer), Apr 27, 2023

SQL Injection in Translation Export API
High. CVE-2023-30849 was published for pimcore/pimcore (Composer), Apr 27, 2023

SQL Injection in Admin Search Find API
High. CVE-2023-30848 was published for pimcore/pimcore (Composer), Apr 27, 2023

Arbitrary file read via SQL injection
High. CVE-2023-30545 was published for prestashop/prestashop (Composer), Apr 26, 2023

NotrinosERP vulnerable to SQL Injection
High. CVE-2023-24788 was published for notrinos/notrinos-erp (Composer), Mar 23, 2023

Moodle SQL Injection vulnerability
High. CVE-2023-28329 was published for moodle/moodle (Composer), Mar 23, 2023

Teampass SQL Injection vulnerability
High. CVE-2023-1545 was published for nilsteampassnet/teampass (Composer), Mar 21, 2023

Improper quoting of columns when calling methods "getByUuid" & "exists" on UUID Model
High. CVE-2023-28108 was published for pimcore/pimcore (Composer), Mar 17, 2023

Blind SQL Injection via GridFieldSortableHeader
High. CVE-2022-38148 was published for silverstripe/framework (Composer), Nov 22, 2022

Centreon SQL Injection vulnerability via esc_name parameter
High. CVE-2022-40043 was published for centreon/centreon (Composer), Sep 27, 2022

exceedone/exment and exceedone/laravel-admin SQL Injection vulnerability
High. CVE-2022-37333 was published for exceedone/exment (Composer), Aug 25, 2022

BlockWishList SQL Injection vulnerability
High. CVE-2022-31101 was published for prestashop/blockwishlist (Composer), Jun 25, 2022

Improper quoting of columns when using setOrderBy() or setGroupBy() on listing classes in Pimcore
High. CVE-2022-31092 was published for pimcore/pimcore (Composer), Jun 22, 2022

SQL injection in helloxz/imgurl
High. CVE-2022-29305 was published for helloxz/imgurl (Composer), May 25, 2022

Magento SQL Injection vulnerability
High. CVE-2020-24400 was published for magento/community-edition (Composer), May 24, 2022

MunkiReport reportdata module SQL injection vulnerability
High. CVE-2020-15886 was published for munkireport/reportdata (Composer), May 24, 2022

MunkiReport Software Update module is vulnerable to SQL injection
High. CVE-2020-15887 was published for munkireport/softwareupdate (Composer), May 24, 2022

Dolibarr SQL injection vulnerability in accountancy/customer/card.php
High. CVE-2020-14443 was published for dolibarr/dolibarr (Composer), May 24, 2022

phpMyAdmin SQL Injection
High. CVE-2020-10804 was published for phpmyadmin/phpmyadmin (Composer), May 24, 2022

phpMyAdmin SQL injection vulnerability
High. CVE-2020-10802 was published for phpmyadmin/phpmyadmin (Composer), May 24, 2022

ProTip! Advisories are also available from the GraphQL API