Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+

82 advisories

Loading
JeecgBoot SQL Injection vulnerability High
CVE-2024-48307 was published for org.jeecgframework.boot:jeecg-boot-parent (Maven) Oct 31, 2024
Apache Submarine Server Core has a SQL Injection Vulnerability High
CVE-2024-36263 was published for org.apache.submarine:submarine-server-core (Maven) Jun 12, 2024
Amazon JDBC Driver for Redshift SQL Injection via line comment generation Critical
CVE-2024-32888 was published for com.amazon.redshift:redshift-jdbc42 (Maven) May 15, 2024
paul-gerste-sonarsource
SQL injection in Folio Spring Module Core Moderate
CVE-2022-4963 was published for org.folio:spring-module-core (Maven) Mar 21, 2024
org.postgresql:postgresql vulnerable to SQL Injection via line comment generation Critical
CVE-2024-1597 was published for org.postgresql:postgresql (Maven) Feb 21, 2024
paul-gerste-sonarsource
Duplicate Advisory: SQL injection in pgjdbc Critical
GHSA-xfg6-62px-cxc2 was published for org.postgresql:postgresql (Maven) Feb 19, 2024 withdrawn
Hazelcast Platform permission checking in CSV File Source connector High
CVE-2023-45860 was published for com.hazelcast:hazelcast (Maven) Feb 16, 2024
Mingsoft MCMS SQL injection High
CVE-2023-50578 was published for net.mingsoft:ms-mcms (Maven) Dec 30, 2023
Jeecg Boot SQL Injection Critical
CVE-2023-41543 was published for org.jeecgframework.boot:jeecg-boot-common (Maven) Dec 30, 2023
Jeecg Boot SQL injection vulnerability Critical
CVE-2023-41542 was published for org.jeecgframework.boot:jeecg-boot-common (Maven) Dec 30, 2023
Apache StreamPark: Authenticated system users could trigger SQL injection vulnerability Moderate
CVE-2023-30867 was published for org.apache.streampark:streampark (Maven) Dec 15, 2023
RuoYi vulnerable to SQL injection vulnerability Critical
CVE-2023-49371 was published for com.ruoyi:ruoyi (Maven) Dec 1, 2023
Apache Cocoon SQL Injection vulnerability Critical
CVE-2022-45135 was published for org.apache.cocoon:cocoon (Maven) Nov 30, 2023
SQL Injection in Apache InLong High
CVE-2023-43667 was published for org.apache.inlong:inlong (Maven) Oct 16, 2023
SQL injection in jeecgboot Critical
CVE-2023-40989 was published for org.jeecgframework.boot:jeecg-boot-common (Maven) Sep 22, 2023
MarkLee131
OpenRefine Remote Code execution in project import with mysql jdbc url attack Critical
CVE-2023-41887 was published for org.openrefine:database (Maven) Sep 12, 2023
nbxiglk0
OpenRefine vulnerable to arbitrary file read in project import with mysql jdbc url attack High
CVE-2023-41886 was published for org.openrefine:database (Maven) Sep 12, 2023
nbxiglk0
Jeecg boot SQL Injection vulnerability Critical
CVE-2023-42268 was published for org.jeecgframework.boot:jeecg-boot-parent (Maven) Sep 8, 2023
DataEase vulnerable to SQL injection High
CVE-2023-40771 was published for io.dataease:dataease-plugin-common (Maven) Sep 1, 2023
SpringBlade vulnerable to SQL injection High
CVE-2023-40787 was published for org.springblade:blade-core-tool (Maven) Aug 29, 2023
Jeecg-boot SQL Injection vulnerability Moderate
CVE-2023-38905 was published for org.jeecgframework.boot:jeecg-boot-parent (Maven) Aug 17, 2023
SQL injection in jeecg-boot Critical
CVE-2023-38992 was published for org.jeecgframework.boot:jeecg-boot-common (Maven) Jul 28, 2023
SQL injection in audit endpoint Critical
CVE-2023-35088 was published for org.apache.inlong:manager-service (Maven) Jul 25, 2023
Apache InLong SQL Injection vulnerability Moderate
CVE-2023-30465 was published for org.apache.inlong:manager-pojo (Maven) Jul 6, 2023
JeecgBoot vulnerable to SQL injection in queryFilterTableDictInfo Moderate
CVE-2023-34603 was published for org.jeecgframework.boot:jeecg-boot-parent (Maven) Jun 19, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database