GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

578 advisories

silverstripe restfulserver and registry modules SQL injection vulnerability Critical
CVE-2019-12149 was published for silverstripe/registry (Composer) May 24, 2022
phpMyAdmin SQL injection in Designer feature Critical
CVE-2019-11768 was published for phpmyadmin/phpmyadmin (Composer) May 24, 2022
Contao SQL injection in the backend and listing module Critical
CVE-2017-16558 was published for contao/contao (Composer) May 24, 2022
SQL injection in moodle Critical
CVE-2022-30599 was published for moodle/moodle (Composer) May 19, 2022
powermail extension for TYPO3 vulnerable to SQL Injection High
CVE-2010-3604 was published for in2code/powermail (Composer) May 17, 2022
PyWebDAV SQL Injection vulnerability Critical
CVE-2011-0432 was published for pywebdav (pip) May 17, 2022
TYPO3 SQL injection vulnerability in the Extbase Framework High
CVE-2013-1842 was published for typo3/cms-core (Composer) May 17, 2022
Multishop extension for TYPO3 has SQL Injection vulnerability High
CVE-2013-4682 was published for bvbmedia/multishop (Composer) May 17, 2022
Fat Free CRM vulnerable to SQL Injection Moderate
CVE-2013-7225 was published for fat_free_crm (RubyGems) May 17, 2022
CiviCRM SQL injection vulnerability via Quick Search API Moderate
CVE-2013-4662 was published for civicrm/civicrm-core (Composer) May 17, 2022
WEC Map (wec_map) extension for TYPO3 allows SQL Injection High
CVE-2014-6295 was published for jbartels/wec-map (Composer) May 17, 2022
Apache Jetspeed vulnerable to SQL Injection High
CVE-2016-0710 was published for org.apache.portals.jetspeed-2:jetspeed (Maven) May 17, 2022
Zend Framework SQL injection vector using null byte for PDO Critical
CVE-2015-7695 was published for zendframework/zendframework1 (Composer) May 17, 2022
Django Vulnerable to MySQL Injection High
CVE-2014-0474 was published for Django (pip) May 17, 2022
GeniXCMS SQL injection vulnerability High
CVE-2016-10096 was published for genix/cms (Composer) May 17, 2022
TeamPass vulnerable to SQL Injection Critical
CVE-2015-7564 was published for nilsteampassnet/teampass (Composer) May 17, 2022
GeniXCMS SQL Injection High
CVE-2017-8377 was published for genix/cms (Composer) May 17, 2022
Dolibarr SQL Injection in doli/theme/eldy/style.css.php via the lang parameter Critical
CVE-2017-7886 was published for dolibarr/dolibarr (Composer) May 17, 2022
Dolibarr ERP and CRM SQLi Critical
CVE-2017-9435 was published for dolibarr/dolibarr (Composer) May 17, 2022
TeamPass SQL injection in users.queries.php Critical
CVE-2017-9436 was published for nilsteampassnet/teampass (Composer) May 17, 2022
Improper Neutralization of Special Elements used in an SQL Command Pivotal Spring Data JPA Moderate
CVE-2016-6652 was published for org.springframework.data:spring-data-jpa (Maven) May 17, 2022
ADOdb Library SQL Injection Critical
CVE-2016-7405 was published for adodb/adodb-php (Composer) May 17, 2022
New Relic .NET Agent contains SQL Injection Critical
CVE-2017-9246 was published for NewRelic.Agent (NuGet) May 17, 2022
Apache OpenMeetings vulnerable to SQL injection High
CVE-2017-7681 was published for org.apache.openmeetings:openmeetings-parent (Maven) May 17, 2022
MODX Revolution blind SQL injection High
CVE-2017-1000067 was published for modx/revolution (Composer) May 17, 2022