Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,636
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

579 advisories

Loading
Dolibarr vulnerable to SQL Injection Critical
CVE-2024-5314 was published for dolibarr/dolibarr (Composer) May 24, 2024
NASA AIT-Core vulnerable to SQL Injection Critical
CVE-2024-35056 was published for ait-core (pip) May 21, 2024
PyMySQL SQL Injection vulnerability Critical
CVE-2024-36039 was published for pymysql (pip) May 21, 2024
propel/propel1 SQL injection possible with limit() on MySQL Critical
GHSA-7g7c-qhf3-x59p was published for propel/propel1 (Composer) May 20, 2024
Propel2 SQL injection possible with limit() on MySQL Critical
GHSA-7vw7-qx38-37vr was published for propel/propel (Composer) May 20, 2024
laravel framework SQL Injection via limit and offset functions High
GHSA-wq8p-mqvg-2p5h was published for laravel/framework (Composer) May 15, 2024
ADOdb SQL injection vulnerability Critical
GHSA-h63c-xvpf-264j was published for adodb/adodb-php (Composer) May 15, 2024
Amazon JDBC Driver for Redshift SQL Injection via line comment generation Critical
CVE-2024-32888 was published for com.amazon.redshift:redshift-jdbc42 (Maven) May 15, 2024
paul-gerste-sonarsource
Credited to paul-gerste-sonarsource
NocoDB SQL Injection vulnerability Moderate
CVE-2023-50718 was published for nocodb (npm) May 13, 2024
pyozzi-toss
Credited to pyozzi-toss
Npgsql vulnerable to SQL Injection via Protocol Message Size Overflow High
CVE-2024-32655 was published for Npgsql (NuGet) May 9, 2024
paul-gerste-sonarsource NinoFloris
Credited to paul-gerste-sonarsource and NinoFloris
pgAdmin is affected by a multi-factor authentication bypass vulnerability Moderate
CVE-2024-4215 was published for pgadmin4 (pip) May 2, 2024
Umbraco Workflow's Backoffice users can execute arbitrary SQL Moderate
CVE-2024-32872 was published for Plumber.Workflow (NuGet) Apr 24, 2024
pjez-qestit
Credited to pjez-qestit
Zend Framework SQL injection vulnerability Critical
CVE-2014-8089 was published for zendframework/zend-db (Composer) Apr 23, 2024
LibreNMS vulnerable to a Time-Based Blind SQL injection leads to database extraction High
CVE-2024-32480 was published for librenms/librenms (Composer) Apr 22, 2024
sco4x0
Credited to sco4x0
LibreNMS vulnerable to SQL injection time-based leads to database extraction High
CVE-2024-32461 was published for librenms/librenms (Composer) Apr 22, 2024
Louhan-dev
Credited to Louhan-dev
Mautic SQL Injection in dynamic Reports Moderate
CVE-2022-25775 was published for mautic/core (Composer) Apr 12, 2024
Centreon updateContactServiceCommands SQL Injection Remote Code Execution Vulnerability High
CVE-2024-23117 was published for centreon/centreon (Composer) Apr 2, 2024
Centreon updateGroups SQL Injection Remote Code Execution Vulnerability High
CVE-2024-23115 was published for centreon/centreon (Composer) Apr 2, 2024
Centreon updateDirectory SQL Injection Remote Code Execution Vulnerability High
CVE-2024-0637 was published for centreon/centreon (Composer) Apr 2, 2024
Centreon updateContactHostCommands SQL Injection Remote Code Execution Vulnerability High
CVE-2024-23118 was published for centreon/centreon (Composer) Apr 2, 2024
Centreon insertGraphTemplate SQL Injection Remote Code Execution Vulnerability High
CVE-2024-23119 was published for centreon/centreon (Composer) Apr 2, 2024
Centreon updateLCARelation SQL Injection Remote Code Execution Vulnerability High
CVE-2024-23116 was published for centreon/centreon (Composer) Apr 2, 2024
SQL Injection vulnerability in Reportico Till High
CVE-2023-47438 was published for reportico-web/reportico (Composer) Mar 28, 2024
phpMyFAQ SQL injections at insertentry & saveentry High
CVE-2024-28107 was published for phpmyfaq/phpmyfaq (Composer) Mar 25, 2024
kevinnivekkevin
Credited to kevinnivekkevin
phpMyFAQ SQL Injection at "Save News" High
CVE-2024-27299 was published for phpmyfaq/phpmyfaq (Composer) Mar 25, 2024
kevinnivekkevin
Credited to kevinnivekkevin
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database