GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 39
GitHub Actions: 38
Go: 2,638
Maven: 5,000+
npm: 4,264
NuGet: 760
pip: 4,060
Pub: 12
RubyGems: 956
Rust: 1,056
Swift: 45

Unreviewed advisories
All unreviewed: 5,000+
15,537 advisories
In the module "Sliding cart block" (blockslidingcart) up to version 2.3.8 from PrestashopModules...
Critical | Unreviewed | CVE-2023-50028 was published Jan 19, 2024

In the module mib < 1.6.1 from MyPresta.eu for PrestaShop, a guest can perform SQL injection. The...
Critical | Unreviewed | CVE-2023-46351 was published Jan 19, 2024

The Stripe Payment Plugin for WooCommerce plugin for WordPress is vulnerable to SQL Injection via...
Critical | Unreviewed | CVE-2024-0705 was published Jan 19, 2024

A vulnerability was found in mpedraza2020 Intranet del Monterroso up to 4.50.0. It has been...
Moderate | Unreviewed | CVE-2019-25159 was published Feb 4, 2024

DuckDB <=0.9.2 and DuckDB extension-template <=0.9.2 are vulnerable to malicious extension...
Critical | Unreviewed | CVE-2024-22682 was published Jan 30, 2024

DBAL 3 SQL Injection Security Vulnerability
Critical | CVE-2021-43608 was published for doctrine/dbal (Composer) Nov 16, 2021

SQL Injection Remote Code Execution Vulnerability was found using a create statement in the...
High | Unreviewed | CVE-2023-35188 was published Feb 6, 2024

A vulnerability classified as critical has been found in Tongda OA 2017 up to 11.10. Affected is...
Moderate | Unreviewed | CVE-2024-1251 was published Feb 6, 2024

A vulnerability classified as critical was found in Tongda OA 2017 up to 11.9. Affected by this...
Moderate | Unreviewed | CVE-2024-1252 was published Feb 6, 2024

SQL Injection Remote Code Execution Vulnerability was found using an update statement in the...
High | Unreviewed | CVE-2023-50395 was published Feb 6, 2024

A SQL injection vulnerability exists where an authenticated, low-privileged remote attacker...
Moderate | Unreviewed | CVE-2024-0971 was published Feb 7, 2024

SQL injection vulnerability in Webkul Bundle Product 6.0.1 allows a remote attacker to execute...
Critical | Unreviewed | CVE-2023-51210 was published Jan 23, 2024

Silverstripe Framework SQLi Vulnerability
Critical | CVE-2019-5715 was published for silverstripe/framework (Composer) May 14, 2022

Zend Framework Allows SQL Injection
Critical | CVE-2016-6233 was published for zendframework/zendframework (Composer) May 14, 2022

Zend Framework Allows SQL Injection
Critical | CVE-2015-0270 was published for zendframework/zend-db (Composer) May 24, 2022

TYPO3 SQL injection vulnerability on the backend
High | CVE-2010-3662 was published for typo3/cms-backend (Composer) Apr 21, 2022

PyGreSQL Might Be Vulnerable to Encoding-Based SQL Injection
High | CVE-2009-2940 was published for PyGreSQL (pip) May 2, 2022

jshERP v3.3 is vulnerable to SQL Injection. via the com.jsh.erp.controller.DepotHeadController:...
Critical | Unreviewed | CVE-2024-24001 was published Feb 7, 2024

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical | Unreviewed | CVE-2023-6677 was published Feb 9, 2024

ManageEngine ADAudit Plus versions 7270 and below are vulnerable to the Authenticated SQL...
High | Unreviewed | CVE-2024-0269 was published Feb 2, 2024

Zoho ManageEngine ADAudit Plus through 7250 allows SQL Injection in the aggregate report feature.
Critical | Unreviewed | CVE-2023-48793 was published Feb 2, 2024

A SQL injection vulnerability exists in Novel-Plus v4.3.0-RC1 and prior versions. An attacker can...
Critical | Unreviewed | CVE-2024-24015 was published Feb 6, 2024

A SQL injection vulnerability exists in Novel-Plus v4.3.0-RC1 and prior versions. An attacker can...
Critical | Unreviewed | CVE-2024-24013 was published Feb 6, 2024

The Podlove Subscribe button plugin for WordPress is vulnerable to UNION-based SQL Injection via...
High | Unreviewed | CVE-2024-1118 was published Feb 7, 2024

A SQL injection vulnerability exists in Novel-Plus v4.3.0-RC1 and prior versions. An attacker can...
Critical | Unreviewed | CVE-2024-24018 was published Feb 8, 2024

ProTip! Advisories are also available from the GraphQL API.