GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
184 advisories
Filter by severity
SQL Injection found in Dataease
High
CVE-2022-34114
was published
for
io.dataease:dataease-plugin-common
(Maven)
Jul 23, 2022
BlockWishList SQL Injection vulnerability
High
CVE-2022-31101
was published
for
prestashop/blockwishlist
(Composer)
Jun 25, 2022
Improper quoting of columns when using setOrderBy() or setGroupBy() on listing classes in Pimcore
High
CVE-2022-31092
was published
for
pimcore/pimcore
(Composer)
Jun 22, 2022
SQL injection in jflyfox jfinal
High
CVE-2022-30500
was published
for
com.jflyfox:jflyfox_jfinal
(Maven)
May 27, 2022
SQL injection in helloxz/imgurl
High
CVE-2022-29305
was published
for
helloxz/imgurl
(Composer)
May 25, 2022
Apache Superset SQL Injection when template processing is enabled
High
CVE-2021-41971
was published
for
apache-superset
(pip)
May 24, 2022
Magento SQL Injection vulnerability
High
CVE-2020-24400
was published
for
magento/community-edition
(Composer)
May 24, 2022
MunkiReport reportdata module SQL injection vulnerability
High
CVE-2020-15886
was published
for
munkireport/reportdata
(Composer)
May 24, 2022
MunkiReport Software Update module is vulnerable to SQL injection
High
CVE-2020-15887
was published
for
munkireport/softwareupdate
(Composer)
May 24, 2022
Dolibarr SQL injection vulnerability in accountancy/customer/card.php
High
CVE-2020-14443
was published
for
dolibarr/dolibarr
(Composer)
May 24, 2022
phpMyAdmin SQL Injection
High
CVE-2020-10804
was published
for
phpmyadmin/phpmyadmin
(Composer)
May 24, 2022
phpMyAdmin SQL injection vulnerability
High
CVE-2020-10802
was published
for
phpmyadmin/phpmyadmin
(Composer)
May 24, 2022
Dolibarr ERP and CRM SQLi
High
CVE-2019-19209
was published
for
dolibarr/dolibarr
(Composer)
May 24, 2022
Magento sql injection vulnerability
High
CVE-2020-3719
was published
for
magento/community-edition
(Composer)
May 24, 2022
phpMyAdmin SQL injection in user accounts page
High
CVE-2020-5504
was published
for
phpmyadmin/phpmyadmin
(Composer)
May 24, 2022
Magento SQL injection via marketing account with access to email templates variables
High
CVE-2019-8134
was published
for
magento/community-edition
(Composer)
May 24, 2022
Magento SQL injection vulnerability
High
CVE-2019-8130
was published
for
magento/community-edition
(Composer)
May 24, 2022
Magento 2 Community Edition SQLi Vulnerability
High
CVE-2019-8127
was published
for
magento/community-edition
(Composer)
May 24, 2022
url_redirect for Typo3 SQLi Vulnerability
High
CVE-2019-16682
was published
for
sfroemken/url_redirect
(Composer)
May 24, 2022
Openstack ironic-inspector has SQL injection vulnerability in node_cache
High
CVE-2019-10141
was published
for
ironic-inspector
(pip)
May 24, 2022
PyWebDAV SQL Injection vulnerability
High
CVE-2011-0432
was published
for
pywebdav
(pip)
May 17, 2022
TYPO3 SQL injection vulnerability in the Extbase Framework
High
CVE-2013-1842
was published
for
typo3/cms-core
(Composer)
May 17, 2022
ProTip!
Advisories are also available from the
GraphQL API