GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+
37 advisories
Filter by severity
Blind SQL injection in PrestaShop productcomments module
Low
CVE-2020-26248
was published
for
prestashop/productcomments
(Composer)
Jan 20, 2021
SQL injection vulnerability in MyBB (MyBulletinBoard) 1.1.1 allows remote authenticated...
Low
Unreviewed
CVE-2006-2103
was published
May 1, 2022
sql_select.cc in MySQL 5.0.x before 5.0.32 and 5.1.x before 5.1.14 allows remote authenticated...
Low
Unreviewed
CVE-2006-7232
was published
May 1, 2022
** DISPUTED ** MantisBT 2.10.0 allows local users to conduct SQL Injection attacks via the vendor...
Low
Unreviewed
CVE-2018-6382
was published
May 14, 2022
SugarCRM before 10.1.0 (Q3 2020) allows SQL Injection.
Low
Unreviewed
CVE-2020-17373
was published
May 24, 2022
In MMSProvider, there is a possible read of protected data due to improper input validationSQL...
Low
Unreviewed
CVE-2022-20280
was published
Aug 13, 2022
A post-auth read-only SQL injection vulnerability allows API clients to read non-sensitive...
Low
Unreviewed
CVE-2022-3710
was published
Dec 1, 2022
RuoYi Uncontrolled Resource Consumption vulnerability
Low
CVE-2023-3163
was published
for
com.ruoyi:ruoyi
(Maven)
Jun 8, 2023
REDCap 12.0.26 LTS and 12.3.2 Standard allows SQL Injection via scheduling, repeatforms, purpose,...
Low
Unreviewed
CVE-2023-37361
was published
Jul 25, 2023
Flyte Admin SQL Injection in List Filters
Low
CVE-2023-41891
was published
for
github.com/flyteorg/flyteadmin
(Go)
Oct 27, 2023
Gila CMS SQL Injection vulnerability
Low
CVE-2020-26624
was published
for
gilacms/gila
(Composer)
Jan 3, 2024
Gila CMS SQL Injection vulnerability
Low
CVE-2020-26625
was published
for
gilacms/gila
(Composer)
Jan 3, 2024
A SQL injection vulnerability has been reported to affect QuMagie. If exploited, the...
Low
Unreviewed
CVE-2023-47219
was published
Jan 5, 2024
An SQL injection vulnerability exists in an undisclosed page of the BIG-IP Configuration utility...
Low
Unreviewed
CVE-2024-23603
was published
Feb 14, 2024
A vulnerability classified as problematic was found in Limbas 5.2.14. Affected by this...
Low
Unreviewed
CVE-2024-1784
was published
Feb 23, 2024
SQL Injection vulnerability in /zms/admin/changeimage.php in PHPGurukul Zoo Management System 1.0...
Low
Unreviewed
CVE-2024-25351
was published
Feb 29, 2024
Hospital Management System 1.0 was discovered to contain a SQL injection vulnerability via the...
Low
Unreviewed
CVE-2022-46498
was published
Mar 7, 2024
HCL DRYiCE MyXalytics is impacted by an insecure SQL interface vulnerability, potentially giving...
Low
Unreviewed
CVE-2023-50347
was published
Apr 10, 2024
A SQL injection vulnerability via the Save Favorite Search function in Axefinance Axe Credit...
Low
Unreviewed
CVE-2024-22856
was published
Apr 22, 2024
dbt has an implicit override for built-in materializations from installed packages
Low
CVE-2024-40637
was published
for
dbt-core
(pip)
Jul 17, 2024
Dell Data Lakehouse, version(s) 1.0.0.0 and 1.1.0.0, contain(s) an Improper Neutralization of...
Low
Unreviewed
CVE-2024-47483
was published
Oct 25, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Low
Unreviewed
CVE-2024-23843
was published
Oct 28, 2024
@langchain/community SQL Injection vulnerability
Low
CVE-2024-7042
was published
for
@langchain/community
(npm)
Oct 29, 2024
Langchain SQL Injection vulnerability
Low
CVE-2024-8309
was published
for
langchain
(pip)
Oct 29, 2024
A SQL Injection vulnerability was found in /admin/edit_class.php in kashipara E-learning...
Low
Unreviewed
CVE-2024-50832
was published
Nov 14, 2024
ProTip!
Advisories are also available from the
GraphQL API