GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
3,430 advisories
Money Transfer Management System Version 1.0 allows an authenticated user to inject SQL queries...
Moderate | Unreviewed | CVE-2022-25223 was published Mar 24, 2022

SQL Injection in FreeTAKServer-UI
Moderate | CVE-2022-25506 was published for FreeTAKServer-UI (pip) Mar 12, 2022

SQL Injection in GitHub repository salesagility/suitecrm prior to 7.12.5.
Moderate | Unreviewed | CVE-2022-0754 was published Mar 8, 2022

The Fancy Product Designer WordPress plugin is vulnerable to SQL Injection due to insufficient...
Moderate | Unreviewed | CVE-2021-4134 was published Feb 17, 2022

The Futurio Extra WordPress plugin before 1.6.3 is affected by a SQL Injection vulnerability that...
Moderate | Unreviewed | CVE-2021-25109 was published Feb 15, 2022

SQL Injection in Hibernate ORM
Moderate | CVE-2019-14900 was published for org.hibernate:hibernate-core (Maven) Feb 10, 2022

SQL Injection in Spring Cloud Task
Moderate | CVE-2020-5428 was published for org.springframework.cloud:spring-cloud-task-dependencies (Maven) Feb 9, 2022

PrinterLogic Web Stack versions 19.1.1.13 SP9 and below are vulnerable to SQL Injection, which...
Moderate | Unreviewed | CVE-2021-42633 was published Feb 8, 2022

The Rearrange Woocommerce Products WordPress plugin before 3.0.8 does not have proper access...
Moderate | Unreviewed | CVE-2021-24928 was published Feb 8, 2022

SQL injection in github.com/navidrome/navidrome
Moderate | CVE-2022-23857 was published for github.com/navidrome/navidrome (Go) Jan 27, 2022

SQL Injection in showdoc
Moderate | CVE-2022-0362 was published for showdoc/showdoc (Composer) Jan 27, 2022

The All in One SEO WordPress plugin before 4.1.5.3 is affected by an authenticated SQL injection...
Moderate | Unreviewed | CVE-2021-25037 was published Jan 18, 2022

SQL Injection in Apache Kylin
Moderate | CVE-2021-36774 was published for org.apache.kylin:kylin (Maven) Jan 8, 2022

A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated...
Moderate | Unreviewed | CVE-2021-21926 was published Dec 23, 2021

An authenticated SQL injection issue in the calendar search function of OpenEMR 6.0.0 before...
Moderate | Unreviewed | CVE-2021-41843 was published Dec 18, 2021

CA Network Flow Analysis (NFA) 21.2.1 and earlier contain a SQL injection vulnerability in the...
Moderate | Unreviewed | CVE-2021-44050 was published Dec 3, 2021

SQL Injection in gogs.io/gogs
Moderate | CVE-2014-8681 was published for github.com/gogits/gogs (Go) Jun 29, 2021

SQL Injection in tribalsystems/zenario
Moderate | CVE-2021-27672 was published for tribalsystems/zenario (Composer) Jun 8, 2021

SQL Injection in Cloud Native Computing Foundation Harbor
Moderate | CVE-2019-19026 was published for github.com/goharbor/harbor (Go) May 18, 2021

SQL Injection in moodle
Moderate | CVE-2020-25700 was published for moodle/moodle (Composer) Mar 29, 2021

SQL Injection in Kylin
Moderate | CVE-2020-1937 was published for org.apache.kylin:kylin-server-base (Maven) Jul 27, 2020

DoS via malicious record IDs in WatermelonDB
Moderate | CVE-2020-4035 was published for @nozbe/watermelondb (npm) Jun 3, 2020

SQL injection in Tortoise ORM
Moderate | CVE-2020-11010 was published for tortoise-orm (pip) Apr 20, 2020

Data leakage via SQL Injection in Pimcore
Moderate | CVE-2019-10763 was published for pimcore/pimcore (Composer) Dec 2, 2019
ProTip! Advisories are also available from the GraphQL API