GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
244 advisories
Filter by severity
SQL Injection in Fork CMS
High
CVE-2022-0153
was published
for
forkcms/forkcms
(Composer)
Mar 25, 2022
SQL Injection in tribalsystems/zenario
Critical
CVE-2021-26830
was published
for
tribalsystems/zenario
(Composer)
Mar 18, 2022
DQL injection through sorting parameters blocked
Critical
CVE-2022-24752
was published
for
sylius/grid-bundle
(Composer)
Mar 15, 2022
SQL Injection in WordPress Zero Spam WordPress plugin
Critical
CVE-2022-0254
was published
for
bmarshall511/wordpress_zero_spam
(Composer)
Mar 15, 2022
Moodle Blind SQL injection possible via MNet authentication
High
CVE-2021-32474
was published
for
moodle/moodle
(Composer)
Mar 12, 2022
SQL injection in francoisjacquet/rosariosis
Critical
CVE-2021-44567
was published
for
francoisjacquet/rosariosis
(Composer)
Feb 25, 2022
Possible SQL injection in tablelookupwizard Contao Extension
High
GHSA-v3mr-gp7j-pw5w
was published
for
terminal42/contao-tablelookupwizard
(Composer)
Feb 10, 2022
SQL injection in Moodle
Critical
CVE-2022-0332
was published
for
moodle/moodle
(Composer)
Jan 28, 2022
SQL Injection in showdoc
Moderate
CVE-2022-0362
was published
for
showdoc/showdoc
(Composer)
Jan 27, 2022
SQL Injection in dolibarr
High
CVE-2022-0224
was published
for
dolibarr/dolibarr
(Composer)
Jan 21, 2022
pimcore is vulnerable to SQL Injection
High
CVE-2022-0258
was published
for
pimcore/pimcore
(Composer)
Jan 21, 2022
ThinkPHP5 SQL Injection vulnerability
Critical
CVE-2021-44350
was published
for
topthink/framework
(Composer)
Dec 17, 2021
SQL injection in jackalope/jackalope-doctrine-dbal
High
CVE-2021-43822
was published
for
jackalope/jackalope-doctrine-dbal
(Composer)
Dec 14, 2021
SQL injection in prestashop/prestashop
High
CVE-2021-43789
was published
for
prestashop/prestashop
(Composer)
Dec 7, 2021
SQL Injection in rosariosis
Critical
CVE-2021-44427
was published
for
francoisjacquet/rosariosis
(Composer)
Dec 2, 2021
DBAL 3 SQL Injection Security Vulnerability
Critical
CVE-2021-43608
was published
for
doctrine/dbal
(Composer)
Nov 16, 2021
SQL Injection in medoo
Critical
CVE-2019-10762
was published
for
catfan/medoo
(Composer)
Oct 12, 2021
SQL Injection in topthink/thinkphp
Critical
CVE-2020-20120
was published
for
topthink/thinkphp
(Composer)
Sep 30, 2021
SQL Injection in Subrion CMS
Critical
CVE-2020-18155
was published
for
intelliants/subrion
(Composer)
Sep 8, 2021
Content object state fetch functions open to SQL injection
High
GHSA-jpwx-ffjq-wr4w
was published
for
ezsystems/ezpublish-legacy
(Composer)
Sep 7, 2021
SQL injection in TYPO3 extension
Critical
CVE-2021-38302
was published
for
ecodev/newsletter
(Composer)
Sep 2, 2021
Unauthenticated SQL Injection in Cachet
High
CVE-2021-39165
was published
for
cachethq/cachet
(Composer)
Aug 30, 2021
SQL injection in pimcore/pimcore
High
CVE-2021-23405
was published
for
pimcore/pimcore
(Composer)
Jul 13, 2021
SQL Injection in NukeViet
Critical
CVE-2019-7726
was published
for
nukeviet/nukeviet
(Composer)
Jun 22, 2021
ProTip!
Advisories are also available from the
GraphQL API