Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

184 advisories

Loading
SQL injection in ImpressCMS High
CVE-2022-26986 was published for impresscms/impresscms (Composer) Apr 6, 2022
SQL Injection in Dolibarr High
CVE-2021-36625 was published for dolibarr/dolibarr (Composer) Apr 1, 2022
SQL Injection in Yeswiki High
CVE-2021-43091 was published for yeswiki/yeswiki (Composer) Mar 26, 2022
SQL Injection in Fork CMS High
CVE-2022-1064 was published for forkcms/forkcms (Composer) Mar 26, 2022
SQL Injection in Moodle High
CVE-2022-0983 was published for moodle/moodle (Composer) Mar 26, 2022
SQL Injection in Fork CMS High
CVE-2022-0153 was published for forkcms/forkcms (Composer) Mar 25, 2022
Moodle Blind SQL injection possible via MNet authentication High
CVE-2021-32474 was published for moodle/moodle (Composer) Mar 12, 2022
Pivotal Concourse SQL Injection Vulnerability High
CVE-2019-3792 was published for github.com/concourse/concourse (Go) Feb 15, 2022
Possible SQL injection in tablelookupwizard Contao Extension High
GHSA-v3mr-gp7j-pw5w was published for terminal42/contao-tablelookupwizard (Composer) Feb 10, 2022
SQL injection in hibernate-core High
CVE-2020-25638 was published for org.hibernate:hibernate-core (Maven) Feb 9, 2022
vmvarga mpihelgas
SQL Injection in Casdoor High
CVE-2022-24124 was published for github.com/casdoor/casdoor (Go) Feb 1, 2022
Mingsoft MCMS SQL injection vulnerability High
CVE-2021-46383 was published for net.mingsoft:ms-mcms (Maven) Jan 27, 2022
Mingsoft MCMS SQL injection vulnerability High
CVE-2021-46385 was published for net.mingsoft:ms-mcms (Maven) Jan 27, 2022
SQL Injection in dolibarr High
CVE-2022-0224 was published for dolibarr/dolibarr (Composer) Jan 21, 2022
pimcore is vulnerable to SQL Injection High
CVE-2022-0258 was published for pimcore/pimcore (Composer) Jan 21, 2022
SQL injection in jackalope/jackalope-doctrine-dbal High
CVE-2021-43822 was published for jackalope/jackalope-doctrine-dbal (Composer) Dec 14, 2021
alexander-schranz
SQL injection in prestashop/prestashop High
CVE-2021-43789 was published for prestashop/prestashop (Composer) Dec 7, 2021
PierreRambaud
SQL Injection in thinkjs High
CVE-2020-21176 was published for thinkjs (npm) Nov 19, 2021
SQL injection in Apache DolphinScheduler High
CVE-2021-27644 was published for org.apache.dolphinscheduler:dolphinscheduler-server (Maven) Nov 3, 2021
Content object state fetch functions open to SQL injection High
GHSA-jpwx-ffjq-wr4w was published for ezsystems/ezpublish-legacy (Composer) Sep 7, 2021
Unauthenticated SQL Injection in Cachet High
CVE-2021-39165 was published for cachethq/cachet (Composer) Aug 30, 2021
phith0n
SQL injection in pimcore/pimcore High
CVE-2021-23405 was published for pimcore/pimcore (Composer) Jul 13, 2021
SQL Injection in Gogs High
CVE-2014-8682 was published for gogs.io/gogs (Go) Jun 29, 2021
SQL Injection in t3/dce High
CVE-2021-31777 was published for t3/dce (Composer) Jun 8, 2021
SQL Injection in Cloud Native Computing Foundation Harbor High
CVE-2019-19029 was published for github.com/goharbor/harbor (Go) May 18, 2021
ProTip! Advisories are also available from the GraphQL API