GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
84 advisories
Filter by severity
Querydsl vulnerable to HQL injection trough orderBy
High
CVE-2024-49203
was published
for
com.querydsl:querydsl-apt
(Maven)
Nov 27, 2024
Duplicate Advisory: Querydsl SQL/HQL injection
High
GHSA-wpvf-5mc3-hv6m
was published
for
com.querydsl:querydsl-apt
(Maven)
Nov 20, 2024
•
withdrawn
Hazelcast Platform permission checking in CSV File Source connector
High
CVE-2023-45860
was published
for
com.hazelcast:hazelcast
(Maven)
Feb 16, 2024
JeecgBoot SQL Injection vulnerability
High
CVE-2024-48307
was published
for
org.jeecgframework.boot:jeecg-boot-parent
(Maven)
Oct 31, 2024
Apache InLong SQL Injection vulnerability
Moderate
CVE-2023-30465
was published
for
org.apache.inlong:manager-pojo
(Maven)
Jul 6, 2023
SQL injection in audit endpoint
Critical
CVE-2023-35088
was published
for
org.apache.inlong:manager-service
(Maven)
Jul 25, 2023
SQL Injection in Apache InLong
High
CVE-2023-43667
was published
for
org.apache.inlong:inlong
(Maven)
Oct 16, 2023
Jeecg Boot SQL injection vulnerability
Critical
CVE-2023-41542
was published
for
org.jeecgframework.boot:jeecg-boot-common
(Maven)
Dec 30, 2023
SQL Injection in Hibernate ORM
Moderate
CVE-2019-14900
was published
for
org.hibernate:hibernate-core
(Maven)
Feb 10, 2022
SQL injection in hibernate-core
High
CVE-2020-25638
was published
for
org.hibernate:hibernate-core
(Maven)
Feb 9, 2022
Apache Submarine Server Core has a SQL Injection Vulnerability
High
CVE-2024-36263
was published
for
org.apache.submarine:submarine-server-core
(Maven)
Jun 12, 2024
Duplicate Advisory: SQL injection in pgjdbc
Critical
GHSA-xfg6-62px-cxc2
was published
for
org.postgresql:postgresql
(Maven)
Feb 19, 2024
•
withdrawn
MyBatis-Plus vulnerable to SQL injection via TenantPlugin
Critical
CVE-2023-25330
was published
for
com.baomidou:mybatis-plus
(Maven)
Apr 5, 2023
Dromara hutool vulnerable to SQL Injection
Critical
CVE-2023-24163
was published
for
cn.hutool:hutool-all
(Maven)
Jan 31, 2023
Amazon JDBC Driver for Redshift SQL Injection via line comment generation
Critical
CVE-2024-32888
was published
for
com.amazon.redshift:redshift-jdbc42
(Maven)
May 15, 2024
SQL Injection in hive-jdbc
Critical
CVE-2018-1282
was published
for
org.apache.hive:hive-jdbc
(Maven)
Nov 21, 2018
SQL injection in Folio Spring Module Core
Moderate
CVE-2022-4963
was published
for
org.folio:spring-module-core
(Maven)
Mar 21, 2024
Blind SQL Injection with privileged Cloud Foundry UAA endpoints
Moderate
CVE-2017-4974
was published
for
org.cloudfoundry.identity:cloudfoundry-identity-server
(Maven)
May 13, 2022
org.postgresql:postgresql vulnerable to SQL Injection via line comment generation
Critical
CVE-2024-1597
was published
for
org.postgresql:postgresql
(Maven)
Feb 21, 2024
Apache Derby SQL Injection
Moderate
CVE-2006-7217
was published
for
org.apache.derby:derby
(Maven)
May 1, 2022
Mingsoft MCMS SQL injection
High
CVE-2023-50578
was published
for
net.mingsoft:ms-mcms
(Maven)
Dec 30, 2023
Jeecg Boot SQL Injection
Critical
CVE-2023-41543
was published
for
org.jeecgframework.boot:jeecg-boot-common
(Maven)
Dec 30, 2023
Apache StreamPark: Authenticated system users could trigger SQL injection vulnerability
Moderate
CVE-2023-30867
was published
for
org.apache.streampark:streampark
(Maven)
Dec 15, 2023
RuoYi vulnerable to SQL injection vulnerability
Critical
CVE-2023-49371
was published
for
com.ruoyi:ruoyi
(Maven)
Dec 1, 2023
Apache Cocoon SQL Injection vulnerability
Critical
CVE-2022-45135
was published
for
org.apache.cocoon:cocoon
(Maven)
Nov 30, 2023
ProTip!
Advisories are also available from the
GraphQL API