GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

121 advisories

Improper quoting of columns when calling methods "getByUuid" & "exists" on UUID Model High
CVE-2023-28108 was published for pimcore/pimcore (Composer) Mar 17, 2023
Blind SQL Injection via GridFieldSortableHeader High
CVE-2022-38148 was published for silverstripe/framework (Composer) Nov 22, 2022
Centreon SQL Injection vulnerability via esc_name parameter High
CVE-2022-40043 was published for centreon/centreon (Composer) Sep 27, 2022
exceedone/exment and exceedone/laravel-admin SQL Injection vulnerability High
CVE-2022-37333 was published for exceedone/exment (Composer) Aug 25, 2022
BlockWishList SQL Injection vulnerability High
CVE-2022-31101 was published for prestashop/blockwishlist (Composer) Jun 25, 2022
Improper quoting of columns when using setOrderBy() or setGroupBy() on listing classes in Pimcore High
CVE-2022-31092 was published for pimcore/pimcore (Composer) Jun 22, 2022
SQL injection in helloxz/imgurl High
CVE-2022-29305 was published for helloxz/imgurl (Composer) May 25, 2022
Magento SQL Injection vulnerability High
CVE-2020-24400 was published for magento/community-edition (Composer) May 24, 2022
MunkiReport Software Update module is vulnerable to SQL injection High
CVE-2020-15887 was published for munkireport/softwareupdate (Composer) May 24, 2022
MunkiReport reportdata module SQL injection vulnerability High
CVE-2020-15886 was published for munkireport/reportdata (Composer) May 24, 2022
Dolibarr SQL injection vulnerability in accountancy/customer/card.php High
CVE-2020-14443 was published for dolibarr/dolibarr (Composer) May 24, 2022
phpMyAdmin SQL Injection High
CVE-2020-10804 was published for phpmyadmin/phpmyadmin (Composer) May 24, 2022
phpMyAdmin SQL injection vulnerability High
CVE-2020-10802 was published for phpmyadmin/phpmyadmin (Composer) May 24, 2022
Dolibarr ERP and CRM SQLi High
CVE-2019-19209 was published for dolibarr/dolibarr (Composer) May 24, 2022
Magento SQL injection vulnerability High
CVE-2020-3719 was published for magento/community-edition (Composer) May 24, 2022
phpMyAdmin SQL injection in user accounts page High
CVE-2020-5504 was published for phpmyadmin/phpmyadmin (Composer) May 24, 2022
Magento SQL injection via marketing account with access to email templates variables High
CVE-2019-8134 was published for magento/community-edition (Composer) May 24, 2022
Magento SQL injection vulnerability High
CVE-2019-8130 was published for magento/community-edition (Composer) May 24, 2022
Magento 2 Community Edition SQLi Vulnerability High
CVE-2019-8127 was published for magento/community-edition (Composer) May 24, 2022
url_redirect for Typo3 SQLi Vulnerability High
CVE-2019-16682 was published for sfroemken/url_redirect (Composer) May 24, 2022
powermail extension for TYPO3 vulnerable to SQL Injection High
CVE-2010-3604 was published for in2code/powermail (Composer) May 17, 2022
TYPO3 SQL injection vulnerability in the Extbase Framework High
CVE-2013-1842 was published for typo3/cms-core (Composer) May 17, 2022
Multishop extension for TYPO3 has SQL Injection vulnerability High
CVE-2013-4682 was published for bvbmedia/multishop (Composer) May 17, 2022
WEC Map (wec_map) extension for TYPO3 allows SQL Injection High
CVE-2014-6295 was published for jbartels/wec-map (Composer) May 17, 2022
GeniXCMS SQL injection vulnerability High
CVE-2016-10096 was published for genix/cms (Composer) May 17, 2022
ProTip! Advisories are also available from the GraphQL API