Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+

201 advisories

Loading
Apache Submarine Server Core has a SQL Injection Vulnerability High
CVE-2024-36263 was published for org.apache.submarine:submarine-server-core (Maven) Jun 12, 2024
ZendFramework SQL injection due to execution of platform-specific SQL containing interpolations High
GHSA-x2f4-8wxf-w3vf was published for zendframework/zendframework (Composer) Jun 7, 2024
TYPO3 CMS Privilege Escalation and SQL Injection High
GHSA-45wj-jv2h-jwrf was published for typo3/cms-core (Composer) May 30, 2024
silverstripe/subsites Unsafe SQL Query Construction (Safe Data Source) High
GHSA-xc69-p8fc-m6m5 was published for silverstripe/subsites (Composer) May 28, 2024
silverstripe/taxonomy SQL Injection vulnerability High
GHSA-p2v5-xcqm-4fv6 was published for silverstripe/taxonomy (Composer) May 28, 2024
silverstripe/framework has potential SQL Injection vulnerability in PostgreSQL database connector High
GHSA-265q-222x-52m6 was published for silverstripe/framework (Composer) May 28, 2024
silverstripe/framework SQL injection in full text search High
GHSA-xx4r-5265-48j6 was published for silverstripe/framework (Composer) May 27, 2024
laravel framework SQL Injection via limit and offset functions High
GHSA-wq8p-mqvg-2p5h was published for laravel/framework (Composer) May 15, 2024
Npgsql vulnerable to SQL Injection via Protocol Message Size Overflow High
CVE-2024-32655 was published for Npgsql (NuGet) May 9, 2024
paul-gerste-sonarsource NinoFloris
LibreNMS vulnerable to a Time-Based Blind SQL injection leads to database extraction High
CVE-2024-32480 was published for librenms/librenms (Composer) Apr 22, 2024
sco4x0
LibreNMS vulnerable to SQL injection time-based leads to database extraction High
CVE-2024-32461 was published for librenms/librenms (Composer) Apr 22, 2024
Louhan-dev
Centreon updateGroups SQL Injection Remote Code Execution Vulnerability High
CVE-2024-23115 was published for centreon/centreon (Composer) Apr 2, 2024
Centreon updateContactServiceCommands SQL Injection Remote Code Execution Vulnerability High
CVE-2024-23117 was published for centreon/centreon (Composer) Apr 2, 2024
Centreon updateDirectory SQL Injection Remote Code Execution Vulnerability High
CVE-2024-0637 was published for centreon/centreon (Composer) Apr 2, 2024
Centreon updateContactHostCommands SQL Injection Remote Code Execution Vulnerability High
CVE-2024-23118 was published for centreon/centreon (Composer) Apr 2, 2024
Centreon insertGraphTemplate SQL Injection Remote Code Execution Vulnerability High
CVE-2024-23119 was published for centreon/centreon (Composer) Apr 2, 2024
Centreon updateLCARelation SQL Injection Remote Code Execution Vulnerability High
CVE-2024-23116 was published for centreon/centreon (Composer) Apr 2, 2024
SQL Injection vulnerability in Reportico Till High
CVE-2023-47438 was published for reportico-web/reportico (Composer) Mar 28, 2024
phpMyFAQ SQL injections at insertentry & saveentry High
CVE-2024-28107 was published for phpmyfaq/phpmyfaq (Composer) Mar 25, 2024
kevinnivekkevin
phpMyFAQ SQL Injection at "Save News" High
CVE-2024-27299 was published for phpmyfaq/phpmyfaq (Composer) Mar 25, 2024
kevinnivekkevin
pgproto3 SQL Injection via Protocol Message Size Overflow High
GHSA-7jwh-3vrq-q3m8 was published for github.com/jackc/pgproto3 (Go) Mar 4, 2024
paul-gerste-sonarsource
pgx SQL Injection via Protocol Message Size Overflow High
CVE-2024-27304 was published for github.com/jackc/pgx (Go) Mar 4, 2024
paul-gerste-sonarsource
pgx SQL Injection via Line Comment Creation High
CVE-2024-27289 was published for github.com/jackc/pgx (Go) Mar 4, 2024
paul-gerste-sonarsource
Hazelcast Platform permission checking in CSV File Source connector High
CVE-2023-45860 was published for com.hazelcast:hazelcast (Maven) Feb 16, 2024
SQL Injection in Admin download files as zip High
CVE-2024-23646 was published for pimcore/admin-ui-classic-bundle (Composer) Jan 24, 2024
wkania
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database