Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+

12,741 advisories

Loading
SQL Injection in resquel High
GHSA-crpm-fm48-chj7 was published for resquel (npm) Sep 11, 2020
SQL Server LIMIT / OFFSET SQL Injection in laravel/framework and illuminate/database High
GHSA-4mg9-vhxq-vm7j was published for illuminate/database (Composer) Apr 29, 2021
SQL Injection in Gogs High
CVE-2014-8682 was published for gogs.io/gogs (Go) Jun 29, 2021
Content object state fetch functions open to SQL injection High
GHSA-jpwx-ffjq-wr4w was published for ezsystems/ezpublish-legacy (Composer) Sep 7, 2021
Possible SQL injection in tablelookupwizard Contao Extension High
GHSA-v3mr-gp7j-pw5w was published for terminal42/contao-tablelookupwizard (Composer) Feb 10, 2022
SQL Injection in connect-pg-simple High
CVE-2019-15658 was published for connect-pg-simple (npm) Aug 26, 2019
A vulnerability, which was classified as critical, has been found in SourceCodester Online Flight... Critical Unreviewed
CVE-2023-0245 was published Jan 12, 2023
A vulnerability classified as critical has been found in TuziCMS 2.0.6. This affects the function... Critical Unreviewed
CVE-2023-0243 was published Jan 12, 2023
Fat Free CRM vulnerable to SQL Injection Moderate
CVE-2013-7225 was published for fat_free_crm (RubyGems) May 17, 2022
It was found that PostgreSQL versions before 12.4, before 11.9 and before 10.14 did not properly... High Unreviewed
CVE-2020-14349 was published May 24, 2022
A vulnerability, which was classified as critical, has been found in pointhi searx_stats. This... Critical Unreviewed
CVE-2014-125077 was published Jan 15, 2023
Apache Superset's SQL Alchemy connector vulnerable to SQL Injection Moderate
CVE-2022-41703 was published for apache-superset (pip) Jan 16, 2023
CentOS-WebPanel.com (aka CWP) CentOS Web Panel (for CentOS 6 and 7) allows SQL Injection via the ... High Unreviewed
CVE-2020-10230 was published May 24, 2022
This vulnerability allows remote attackers to disclose sensitive information on affected... High Unreviewed
CVE-2020-15620 was published May 24, 2022
This vulnerability allows remote attackers to disclose sensitive information on affected... High Unreviewed
CVE-2020-15616 was published May 24, 2022
The Fontsy WordPress plugin through 1.8.6 does not properly sanitize and escape a parameter... Critical Unreviewed
CVE-2022-4447 was published Jan 16, 2023
A vulnerability was found in 2071174A vinylmap. It has been classified as critical. Affected is... Critical Unreviewed
CVE-2015-10056 was published Jan 16, 2023
A vulnerability, which was classified as critical, has been found in risheesh debutsav. This... Critical Unreviewed
CVE-2014-125081 was published Jan 18, 2023
A vulnerability was found in VictorFerraresi pokemon-database-php. It has been declared as... Critical Unreviewed
CVE-2015-10064 was published Jan 17, 2023
A vulnerability classified as critical has been found in PrivateSky apersistence. This affects an... Critical Unreviewed
CVE-2017-20171 was published Jan 18, 2023
This vulnerability allows remote attackers to disclose sensitive information on affected... High Unreviewed
CVE-2020-15622 was published May 24, 2022
This vulnerability allows remote attackers to disclose sensitive information on affected... High Unreviewed
CVE-2020-15617 was published May 24, 2022
A vulnerability was found in nivit redports. It has been declared as critical. This vulnerability... Critical Unreviewed
CVE-2014-125082 was published Jan 18, 2023
A vulnerability was found in PictureThisWebServer and classified as critical. This issue affects... Critical Unreviewed
CVE-2015-10055 was published Jan 16, 2023
This vulnerability allows remote attackers to disclose sensitive information on affected... High Unreviewed
CVE-2020-15618 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database