Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

23 advisories

Loading
SQL injection vulnerability in the policy admin tool in Apache Ranger High
CVE-2016-2174 was published for org.apache.ranger:ranger (Maven) Oct 17, 2018
Rating Script Service expose XWiki to SQL injection High
CVE-2021-21380 was published for org.xwiki.platform:xwiki-platform-ratings-api (Maven) Mar 23, 2021
SQL injection in Apache DolphinScheduler High
CVE-2021-27644 was published for org.apache.dolphinscheduler:dolphinscheduler-server (Maven) Nov 3, 2021
Mingsoft MCMS SQL injection vulnerability High
CVE-2021-46385 was published for net.mingsoft:ms-mcms (Maven) Jan 27, 2022
Mingsoft MCMS SQL injection vulnerability High
CVE-2021-46383 was published for net.mingsoft:ms-mcms (Maven) Jan 27, 2022
SQL injection in hibernate-core High
CVE-2020-25638 was published for org.hibernate:hibernate-core (Maven) Feb 9, 2022
vmvarga mpihelgas
SQL Injection in elide-datastore-aggregation High
CVE-2022-24827 was published for com.yahoo.elide:elide-datastore-aggregation (Maven) Apr 8, 2022
Apache OpenMeetings vulnerable to SQL injection High
CVE-2017-7681 was published for org.apache.openmeetings:openmeetings-parent (Maven) May 17, 2022
SQL injection in jflyfox jfinal High
CVE-2022-30500 was published for com.jflyfox:jflyfox_jfinal (Maven) May 27, 2022
SQL Injection found in Dataease High
CVE-2022-34114 was published for io.dataease:dataease-plugin-common (Maven) Jul 23, 2022
PostgreSQL JDBC Driver SQL Injection in ResultSet.refreshRow() with malicious column names High
CVE-2022-31197 was published for org.postgresql:postgresql (Maven) Aug 6, 2022
kato-sho JBrown0x90
jeecg-boot contains SQL Injection vulnerability High
CVE-2023-24789 was published for org.jeecgframework.boot:jeecg-boot-parent (Maven) Mar 6, 2023
SQL injection in Liferay Portal High
CVE-2023-33945 was published for com.liferay.portal:release.portal.bom (Maven) May 24, 2023
SpringBlade vulnerable to SQL injection High
CVE-2023-40787 was published for org.springblade:blade-core-tool (Maven) Aug 29, 2023
DataEase vulnerable to SQL injection High
CVE-2023-40771 was published for io.dataease:dataease-plugin-common (Maven) Sep 1, 2023
OpenRefine vulnerable to arbitrary file read in project import with mysql jdbc url attack High
CVE-2023-41886 was published for org.openrefine:database (Maven) Sep 12, 2023
nbxiglk0
SQL Injection in Apache InLong High
CVE-2023-43667 was published for org.apache.inlong:inlong (Maven) Oct 16, 2023
Mingsoft MCMS SQL injection High
CVE-2023-50578 was published for net.mingsoft:ms-mcms (Maven) Dec 30, 2023
Hazelcast Platform permission checking in CSV File Source connector High
CVE-2023-45860 was published for com.hazelcast:hazelcast (Maven) Feb 16, 2024
Apache Submarine Server Core has a SQL Injection Vulnerability High
CVE-2024-36263 was published for org.apache.submarine:submarine-server-core (Maven) Jun 12, 2024
JeecgBoot SQL Injection vulnerability High
CVE-2024-48307 was published for org.jeecgframework.boot:jeecg-boot-parent (Maven) Oct 31, 2024
Duplicate Advisory: Querydsl SQL/HQL injection High
GHSA-wpvf-5mc3-hv6m was published for com.querydsl:querydsl-apt (Maven) Nov 20, 2024 withdrawn
Querydsl vulnerable to HQL injection trough orderBy High
CVE-2024-49203 was published for com.querydsl:querydsl-apt (Maven) Nov 27, 2024
CSIRTTrizna
ProTip! Advisories are also available from the GraphQL API