Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

20 advisories

Loading
Decidim-Awesome has SQL injection in AdminAccountability High
CVE-2024-43415 was published for decidim-decidim_awesome (RubyGems) Nov 12, 2024
whotwagner
SQL Injection Vulnerability via ActiveRecord comments High
CVE-2023-22794 was published for activerecord (RubyGems) Jan 18, 2023
kurt-r2c
activerecord vulnerable to SQL Injection High
CVE-2011-2930 was published for activerecord (RubyGems) Oct 24, 2017
activerecord vulnerable to SQL Injection High
CVE-2012-2695 was published for activerecord (RubyGems) Oct 24, 2017
Active Record contains SQL Injection via improper range quoting High
CVE-2014-3483 was published for activerecord (RubyGems) Oct 24, 2017
activerecord vulnerable to SQL Injection High
CVE-2011-0448 was published for activerecord (RubyGems) Oct 24, 2017
tdunlap607
Array data injection vulnerability in activerecord Moderate
CVE-2014-0080 was published for activerecord (RubyGems) Oct 24, 2017
Rails ActiveRecord gem vulnerable to SQL injection High
CVE-2008-4094 was published for activerecord (RubyGems) Oct 24, 2017
jasnow
Active Record contains SQL Injection High
CVE-2012-6496 was published for activerecord (RubyGems) Oct 24, 2017
Active Record vulnerable to SQL Injection via nested query parameters Moderate
CVE-2012-2661 was published for activerecord (RubyGems) Oct 24, 2017
curupira is vulnerable to SQL injection Critical
CVE-2015-10053 was published for curupira (RubyGems) Jan 16, 2023
SQL Injection in marginalia Critical
CVE-2019-1010191 was published for marginalia (RubyGems) Jul 26, 2019
mysql-bunuuid-rails vulnerable to SQL injection Critical
CVE-2018-18476 was published for mysql-binuuid-rails (RubyGems) Oct 30, 2018
tdunlap607
SQL Injection in Geocoder Critical
CVE-2020-7981 was published for geocoder (RubyGems) Jun 10, 2020
SQL injection in blazer High
CVE-2022-29498 was published for blazer (RubyGems) Apr 22, 2022
tdunlap607
SQL Injection in Active Record High
CVE-2014-3482 was published for activerecord (RubyGems) Oct 24, 2017
katello SQL Injection vulnerability Moderate
CVE-2018-14623 was published for katello (RubyGems) May 13, 2022
Katello SQL Injection vulnerabilities High
CVE-2016-3072 was published for katello (RubyGems) May 14, 2022
update_by_case before 0.1.3 can be vulnerable to sql injection Moderate
CVE-2022-35956 was published for update_by_case (RubyGems) Aug 11, 2022
Fat Free CRM vulnerable to SQL Injection Moderate
CVE-2013-7225 was published for fat_free_crm (RubyGems) May 17, 2022
ProTip! Advisories are also available from the GraphQL API