Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,635
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

578 advisories

Loading
Zend Framework Allows SQL Injection Critical
CVE-2016-4861 was published for zendframework/zendframework (Composer) May 14, 2022
ThinkPHP SQL Injection vulnerability Critical
CVE-2018-16385 was published for topthink/framework (Composer) May 14, 2022
ThinkPHP SQL injection vulnerability Critical
CVE-2018-17566 was published for topthink/framework (Composer) May 14, 2022
ThinkPHP SQLi Vulnerability Critical
CVE-2018-18530 was published for topthink/framework (Composer) May 14, 2022
ThinkPHP SQLi Vulnerability Critical
CVE-2018-18529 was published for topthink/framework (Composer) May 14, 2022
ThinkPHP SQLi Vulnerability Critical
CVE-2018-18546 was published for topthink/framework (Composer) May 14, 2022
Dolibarr error-based SQL injection vulnerability in product/card.php High
CVE-2018-19994 was published for dolibarr/dolibarr (Composer) May 14, 2022
Dolibarr SQL injection vulnerability in user/card.php High
CVE-2018-19998 was published for dolibarr/dolibarr (Composer) May 14, 2022
Shopware SQL Injection High
CVE-2018-20713 was published for shopware/shopware (Composer) May 14, 2022
phpMyAdmin SQL injection in Designer feature Critical
CVE-2019-6798 was published for phpmyadmin/phpmyadmin (Composer) May 14, 2022
Dolibarr SQL injection via the integer parameters qty and value_unit Critical
CVE-2018-16809 was published for dolibarr/dolibarr (Composer) May 14, 2022
baserCMS SQL Injection vulnerability Critical
CVE-2017-10842 was published for baserproject/basercms (Composer) May 14, 2022
GeniXCMS SQL injection vulnerability High
CVE-2017-5346 was published for genix/cms (Composer) May 14, 2022
LibreNMS SQL Injection High
CVE-2018-20678 was published for librenms/librenms (Composer) May 14, 2022
Silverstripe Framework SQLi Vulnerability Critical
CVE-2019-5715 was published for silverstripe/framework (Composer) May 14, 2022
Katello SQL Injection vulnerabilities High
CVE-2016-3072 was published for katello (RubyGems) May 14, 2022
Centreon SQL Injection High
CVE-2018-19271 was published for centreon/centreon (Composer) May 14, 2022
Centreon SQL Injection High
CVE-2018-19312 was published for centreon/centreon (Composer) May 14, 2022
Centreon allows SNMP trap SQL Injection Critical
CVE-2018-19281 was published for centreon/centreon (Composer) May 14, 2022
katello SQL Injection vulnerability Moderate
CVE-2018-14623 was published for katello (RubyGems) May 13, 2022
SQL Injection in Zenario 7.1-7.6 High
CVE-2018-5960 was published for tribalsystems/zenario (Composer) May 13, 2022
Moodle allows remote authenticated users to cause a denial of service (invalid database records) Moderate
CVE-2011-4292 was published for moodle/moodle (Composer) May 13, 2022
Moodle vulnerable to SQL injection High
CVE-2010-1615 was published for moodle/moodle (Composer) May 13, 2022
Dolibarr SQL Injection vulnerability Critical
CVE-2018-9019 was published for dolibarr/dolibarr (Composer) May 13, 2022
Blind SQL Injection with privileged Cloud Foundry UAA endpoints Moderate
CVE-2017-4974 was published for org.cloudfoundry.identity:cloudfoundry-identity-server (Maven) May 13, 2022
sunSUNQ
Credited to sunSUNQ
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database