GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
578 advisories
MyBatis PageHelper vulnerable to time-blind SQL injection via orderBy parameter
Critical: CVE-2022-28111 was published for com.github.pagehelper:pagehelper (Maven) on May 5, 2022

TYPO3 powermail Extension Vulnerable to SQL Injection via Unspecified Vectors
High: CVE-2010-0329 was published for in2code/powermail (Composer) on May 2, 2022

Accessibility Glossary (a21glossary) SQL injection vulnerability
High: CVE-2009-4803 was published for svewap/a21glossary (Composer) on May 2, 2022

PyGreSQL Might Be Vulnerable to Encoding-Based SQL Injection
High: CVE-2009-2940 was published for PyGreSQL (pip) on May 2, 2022

AdaptCMS SQL Injection vulnerability
High: CVE-2008-4524 was published for adaptcms/adaptcms (Composer) on May 2, 2022

Apache Derby SQL Injection
Moderate: CVE-2006-7217 was published for org.apache.derby:derby (Maven) on May 1, 2022

Contao core SQL Injection Vulnerability
High: CVE-2012-4383 was published for contao/core (Composer) on Apr 23, 2022

SQL Injection found in Pimcore
High: CVE-2022-1429 was published for pimcore/pimcore (Composer) on Apr 23, 2022

Drupal SQL Injection vulnerability
Critical: CVE-2011-2715 was published for drupal/core (Composer) on Apr 22, 2022

Typo3 SQL injection due to faulty prepared statements
Critical: CVE-2011-3583 was published for typo3/cms (Composer) on Apr 22, 2022

TYPO3 SQL injection vulnerability on the backend
High: CVE-2010-3662 was published for typo3/cms-backend (Composer) on Apr 21, 2022

SQL Injection in Pimcore
High: CVE-2022-1339 was published for pimcore/pimcore (Composer) on Apr 14, 2022

SQL injection in apache-superset
Critical: CVE-2022-27479 was published for apache-superset (pip) on Apr 14, 2022

SQL Injection in Pimcore
High: CVE-2022-1219 was published for pimcore/pimcore (Composer) on Apr 9, 2022

SQL Injection in elide-datastore-aggregation
High: CVE-2022-24827 was published for com.yahoo.elide:elide-datastore-aggregation (Maven) on Apr 8, 2022

SQL Injection when creating an application with Reactive SQL backend
High: CVE-2022-24815 was published for generator-jhipster (npm) on Apr 7, 2022

SQL injection in ImpressCMS
High: CVE-2022-26986 was published for impresscms/impresscms (Composer) on Apr 6, 2022

SQL injection in pagekit/pagekit
Critical: CVE-2021-44135 was published for pagekit/pagekit (Composer) on Apr 2, 2022

SQL Injection in Dolibarr
High: CVE-2021-36625 was published for dolibarr/dolibarr (Composer) on Apr 1, 2022

SQL Injection in ImpressCMS
Critical: CVE-2021-26599 was published for impresscms/impresscms (Composer) on Mar 29, 2022

SQLinjection in falcon-plus
Critical: CVE-2022-26245 was published for github.com/open-falcon/falcon-plus (Go) on Mar 28, 2022

SQL Injection in Fork CMS
High: CVE-2022-1064 was published for forkcms/forkcms (Composer) on Mar 26, 2022
ProTip! Advisories are also available from the GraphQL API.