GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,076
Erlang
29
GitHub Actions
19
Go
1,895
Maven
5,000+
npm
3,630
NuGet
638
pip
3,244
Pub
10
RubyGems
862
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
234 advisories
Filter by severity
NukeViet SQL Injection vulnerability via topicsid parameter
Critical
CVE-2020-21808
was published
for
nukeviet/nukeviet
(Composer)
May 24, 2022
NukeViet SQL Injection vulnerability
Critical
CVE-2020-21809
was published
for
nukeviet/nukeviet
(Composer)
May 24, 2022
qcubed SQL injection vulnerability in profile.php via the strQuery parameter
Critical
CVE-2020-24913
was published
for
qcubed/qcubed
(Composer)
May 24, 2022
Magento Blind SQL Injection in the Search module
Critical
CVE-2021-21024
was published
for
magento/community-edition
(Composer)
May 24, 2022
Magento SQL Injection vulnerability
High
CVE-2020-24400
was published
for
magento/community-edition
(Composer)
May 24, 2022
phpMyAdmin SQL injection vulnerability
Critical
CVE-2020-26935
was published
for
phpmyadmin/phpmyadmin
(Composer)
May 24, 2022
MunkiReport reportdata module SQL injection vulnerability
High
CVE-2020-15886
was published
for
munkireport/reportdata
(Composer)
May 24, 2022
MunkiReport Software Update module is vulnerable to SQL injection
High
CVE-2020-15887
was published
for
munkireport/softwareupdate
(Composer)
May 24, 2022
LibreNMS SQL Injection vulnerability
Moderate
CVE-2020-15873
was published
for
librenms/librenms
(Composer)
May 24, 2022
Dolibarr SQL injection vulnerability in accountancy/customer/card.php
High
CVE-2020-14443
was published
for
dolibarr/dolibarr
(Composer)
May 24, 2022
phpMyAdmin SQL Injection
High
CVE-2020-10804
was published
for
phpmyadmin/phpmyadmin
(Composer)
May 24, 2022
phpMyAdmin SQL injection vulnerability
Moderate
CVE-2020-10803
was published
for
phpmyadmin/phpmyadmin
(Composer)
May 24, 2022
phpMyAdmin SQL injection vulnerability
High
CVE-2020-10802
was published
for
phpmyadmin/phpmyadmin
(Composer)
May 24, 2022
Dolibarr ERP and CRM SQLi
High
CVE-2019-19209
was published
for
dolibarr/dolibarr
(Composer)
May 24, 2022
Magento sql injection vulnerability
High
CVE-2020-3719
was published
for
magento/community-edition
(Composer)
May 24, 2022
phpMyAdmin SQL injection in user accounts page
High
CVE-2020-5504
was published
for
phpmyadmin/phpmyadmin
(Composer)
May 24, 2022
Magento Injection vulnerability via email templates
Moderate
CVE-2019-8143
was published
for
magento/community-edition
(Composer)
May 24, 2022
Magento SQL injection via marketing account with access to email templates variables
High
CVE-2019-8134
was published
for
magento/community-edition
(Composer)
May 24, 2022
Magento SQL injection vulnerability
High
CVE-2019-8130
was published
for
magento/community-edition
(Composer)
May 24, 2022
Magento 2 Community Edition SQLi Vulnerability
High
CVE-2019-8127
was published
for
magento/community-edition
(Composer)
May 24, 2022
Zend Framework Allows SQL Injection
Critical
CVE-2015-0270
was published
for
zendframework/zend-db
(Composer)
May 24, 2022
Yii SQL injection vulnerability
Critical
CVE-2018-7269
was published
for
yiisoft/yii2-dev
(Composer)
May 24, 2022
url_redirect for Typo3 SQLi Vulnerability
High
CVE-2019-16682
was published
for
sfroemken/url_redirect
(Composer)
May 24, 2022
BEdita vulnerable to SQL injection
Critical
CVE-2019-15570
was published
for
bedita/bedita
(Composer)
May 24, 2022
Contao SQL injection in the file manager
Critical
CVE-2019-11512
was published
for
contao/contao
(Composer)
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API