GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,293
Erlang
31
GitHub Actions
21
Go
2,061
Maven
5,000+
npm
3,744
NuGet
668
pip
3,423
Pub
12
RubyGems
892
Rust
875
Swift
36
Unreviewed advisories
All unreviewed
5,000+
113 advisories
Filter by severity
Moodle SQL Injection vulnerability
Critical
CVE-2021-36392
was published
for
moodle/moodle
(Composer)
Mar 6, 2023
SQL injection in webbuilders-group silverstripe-kapost-bridge
Critical
CVE-2015-10077
was published
for
webbuilders-group/silverstripe-kapost-bridge
(Composer)
Feb 10, 2023
phpmyadmin contains SQL Injection vulnerability
Critical
CVE-2020-22452
was published
for
phpmyadmin/phpmyadmin
(Composer)
Jan 26, 2023
CakePHP Database\\Query::offset() and limit() methods are vulnerable to SQL injection
Critical
CVE-2023-22727
was published
for
cakephp/cakephp
(Composer)
Jan 20, 2023
SQL Injection in liftkit/database
Critical
CVE-2016-15020
was published
for
liftkit/database
(Composer)
Jan 16, 2023
WebPA SQL Injection vulnerability
Critical
CVE-2021-4308
was published
for
webpa/webpa
(Composer)
Jan 8, 2023
PaginationServiceProvider SQL Injection vulnerability
Critical
CVE-2014-125029
was published
for
ttskch/pagination-service-provider
(Composer)
Jan 8, 2023
himiklab yii2-jqgrid-widget vulnerable to SQL Injection
Critical
CVE-2014-125051
was published
for
himiklab/yii2-jqgrid-widget
(Composer)
Jan 6, 2023
DBRisinajumi d2files SQL Injection vulnerability
Critical
CVE-2015-10018
was published
for
dbrisinajumi/d2files
(Composer)
Jan 6, 2023
laravel-jqgrid vulnerable to SQL Injection
Critical
CVE-2021-4262
was published
for
mgallegos/laravel-jqgrid
(Composer)
Dec 19, 2022
SQL injection in Dolibarr
Critical
CVE-2022-4093
was published
for
dolibarr/dolibarr
(Composer)
Nov 21, 2022
Centreon vulnerable to SQL Injection
Critical
CVE-2022-3827
was published
for
centreon/centreon
(Composer)
Nov 2, 2022
Moodle Minor SQL injection risk in admin user browsing
Critical
CVE-2022-40315
was published
for
moodle/moodle
(Composer)
Oct 1, 2022
PrestaShop eval injection possible if shop vulnerable to SQL injection
Critical
CVE-2022-31181
was published
for
prestashop/prestashop
(Composer)
Jul 29, 2022
Duplicate Advisory GHSA-hrgx-p36p-89q4
Critical
CVE-2022-36408
was published
for
prestashop/prestashop
(Composer)
Jul 23, 2022
•
withdrawn
SQL Injection in typo3 extension "LUX - TYPO3 Marketing Automation"
Critical
CVE-2022-35628
was published
for
in2code/lux
(Composer)
Jul 15, 2022
SQL Injection in RosarioSIS
Critical
CVE-2022-2067
was published
for
francoisjacquet/rosariosis
(Composer)
Jun 14, 2022
Magento 2 Community Edition SQLi Vulnerability
Critical
CVE-2019-7139
was published
for
magento/community-edition
(Composer)
May 24, 2022
Froxlor SQL injection vulnerability
Critical
CVE-2021-42325
was published
for
froxlor/froxlor
(Composer)
May 24, 2022
NukeViet SQL Injection vulnerability via topicsid parameter
Critical
CVE-2020-21808
was published
for
nukeviet/nukeviet
(Composer)
May 24, 2022
NukeViet SQL Injection vulnerability
Critical
CVE-2020-21809
was published
for
nukeviet/nukeviet
(Composer)
May 24, 2022
qcubed SQL injection vulnerability in profile.php via the strQuery parameter
Critical
CVE-2020-24913
was published
for
qcubed/qcubed
(Composer)
May 24, 2022
Magento Blind SQL Injection in the Search module
Critical
CVE-2021-21024
was published
for
magento/community-edition
(Composer)
May 24, 2022
phpMyAdmin SQL injection vulnerability
Critical
CVE-2020-26935
was published
for
phpmyadmin/phpmyadmin
(Composer)
May 24, 2022
Zend Framework Allows SQL Injection
Critical
CVE-2015-0270
was published
for
zendframework/zend-db
(Composer)
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API