GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
6,367 advisories
Filter by severity
NoSQL Injection in loopback-connector-mongodb
High
GHSA-m734-r4g6-34f9
was published
for
loopback-connector-mongodb
(npm)
Jun 4, 2019
SQL injection vulnerability in the policy admin tool in Apache Ranger
High
CVE-2016-2174
was published
for
org.apache.ranger:ranger
(Maven)
Oct 17, 2018
Potential SQL Injection in sequelize
High
CVE-2016-10553
was published
for
sequelize
(npm)
Feb 18, 2019
SQL Injection in waterline-sequel
High
CVE-2016-10551
was published
for
waterline-sequel
(npm)
Feb 18, 2019
NoSQL Injection in loopback-connector-mongodb
High
GHSA-hxwc-5vw9-2w4w
was published
for
loopback-connector-mongodb
(npm)
Sep 2, 2020
NoSQL injection in express-cart
High
GHSA-f5cv-xrv9-r8w7
was published
for
express-cart
(npm)
Sep 1, 2020
SQL Injection in sails-mysql
High
GHSA-hx5x-49mm-vmhw
was published
for
sails-mysql
(npm)
Sep 3, 2020
SQL Injection in untitled-model
High
GHSA-hq8g-qq57-5275
was published
for
untitled-model
(npm)
Sep 11, 2020
SQL Server LIMIT / OFFSET SQL Injection in laravel/framework and illuminate/database
High
GHSA-4mg9-vhxq-vm7j
was published
for
illuminate/database
(Composer)
Apr 29, 2021
Content object state fetch functions open to SQL injection
High
GHSA-jpwx-ffjq-wr4w
was published
for
ezsystems/ezpublish-legacy
(Composer)
Sep 7, 2021
Possible SQL injection in tablelookupwizard Contao Extension
High
GHSA-v3mr-gp7j-pw5w
was published
for
terminal42/contao-tablelookupwizard
(Composer)
Feb 10, 2022
SQL Injection in connect-pg-simple
High
CVE-2019-15658
was published
for
connect-pg-simple
(npm)
Aug 26, 2019
It was found that PostgreSQL versions before 12.4, before 11.9 and before 10.14 did not properly...
High
Unreviewed
CVE-2020-14349
was published
May 24, 2022
CentOS-WebPanel.com (aka CWP) CentOS Web Panel (for CentOS 6 and 7) allows SQL Injection via the ...
High
Unreviewed
CVE-2020-10230
was published
May 24, 2022
This vulnerability allows remote attackers to disclose sensitive information on affected...
High
Unreviewed
CVE-2020-15620
was published
May 24, 2022
This vulnerability allows remote attackers to disclose sensitive information on affected...
High
Unreviewed
CVE-2020-15616
was published
May 24, 2022
This vulnerability allows remote attackers to disclose sensitive information on affected...
High
Unreviewed
CVE-2020-15622
was published
May 24, 2022
This vulnerability allows remote attackers to disclose sensitive information on affected...
High
Unreviewed
CVE-2020-15617
was published
May 24, 2022
This vulnerability allows remote attackers to disclose sensitive information on affected...
High
Unreviewed
CVE-2020-15618
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API