Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+

69 advisories

Loading
Moodle vulnerable to site administration SQL injection via XMLDB editor Moderate
CVE-2024-43436 was published for moodle/moodle (Composer) Nov 7, 2024
CWA-2024-006: wasmd non-deterministic module_query_safe query Moderate
GHSA-fpgj-cr28-fvpx was published for github.com/CosmWasm/wasmd (Go) Aug 21, 2024
amimart
Meshery SQL Injection vulnerability Moderate
CVE-2024-35181 was published for github.com/layer5io/meshery (Go) Aug 5, 2024
Meshery SQL Injection vulnerability Moderate
CVE-2024-35182 was published for github.com/layer5io/meshery (Go) Aug 5, 2024
dbt has an implicit override for built-in materializations from installed packages Moderate
CVE-2024-40637 was published for dbt-core (pip) Jul 17, 2024
brabster
Apache Superset vulnerable to improper SQL authorization Moderate
CVE-2024-39887 was published for apache-superset (pip) Jul 16, 2024
SQL Injection in the KubeClarity REST API Moderate
CVE-2024-39909 was published for github.com/openclarity/kubeclarity/backend (Go) Jul 12, 2024
b-abderrahmane
NHibernate SQL injection vulnerability in discriminator mappings, static fields referenced in HQL, and some utilities Moderate
CVE-2024-39677 was published for NHibernate (NuGet) Jul 8, 2024
hazzik fredericDelaporte
EGroupware mishandles an ORDER BY clause Moderate
CVE-2024-40614 was published for egroupware/egroupware (Composer) Jul 7, 2024
blitzdose
SQL injection in litellm Moderate
CVE-2024-4890 was published for litellm (pip) Jun 6, 2024
SQL injection in litellm Moderate
CVE-2024-5225 was published for litellm (pip) Jun 6, 2024
SQL Injection in TYPO3 Frontend Login Moderate
GHSA-j86x-pjmr-9m6w was published for typo3/cms (Composer) Jun 5, 2024
NocoDB SQL Injection vulnerability Moderate
CVE-2023-50718 was published for nocodb (npm) May 13, 2024
pyozzi-toss
Umbraco Workflow's Backoffice users can execute arbitrary SQL Moderate
CVE-2024-32872 was published for Plumber.Workflow (NuGet) Apr 24, 2024
pjez-qestit
Mautic SQL Injection in dynamic Reports Moderate
CVE-2022-25775 was published for mautic/core (Composer) Apr 12, 2024
SQL Injection vulnerability in Reportico Till Moderate
CVE-2023-47438 was published for reportico-web/reportico (Composer) Mar 28, 2024
SQL injection in Folio Spring Module Core Moderate
CVE-2022-4963 was published for org.folio:spring-module-core (Maven) Mar 21, 2024
Grafana Arbitrary File Read Moderate
CVE-2019-19499 was published for github.com/grafana/grafana (Go) Jan 31, 2024
Gila CMS SQL Injection Moderate
CVE-2020-26623 was published for gilacms/gila (Composer) Jan 3, 2024
Apache Superset SQL injection vulnerability Moderate
CVE-2023-49736 was published for apache-superset (pip) Dec 19, 2023
Apache StreamPark: Authenticated system users could trigger SQL injection vulnerability Moderate
CVE-2023-30867 was published for org.apache.streampark:streampark (Maven) Dec 15, 2023
nocodb SQL Injection vulnerability Moderate
CVE-2023-43794 was published for nocodb (npm) Oct 17, 2023
sylwia-budzynska
Jeecg-boot SQL Injection vulnerability Moderate
CVE-2023-38905 was published for org.jeecgframework.boot:jeecg-boot-parent (Maven) Aug 17, 2023
PrestaShop boolean SQL injection Moderate
CVE-2023-39524 was published for prestashop/prestashop (Composer) Aug 9, 2023
Apache InLong SQL Injection vulnerability Moderate
CVE-2023-30465 was published for org.apache.inlong:manager-pojo (Maven) Jul 6, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database