GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,134
Erlang
29
GitHub Actions
19
Go
1,941
Maven
5,000+
npm
3,678
NuGet
645
pip
3,297
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
3,708 advisories
Filter by severity
SQL Injection in medoo
Critical
CVE-2019-10762
was published
for
catfan/medoo
(Composer)
Oct 12, 2021
SQL Injection in topthink/thinkphp
Critical
CVE-2020-20120
was published
for
topthink/thinkphp
(Composer)
Sep 30, 2021
SQL Injection in Subrion CMS
Critical
CVE-2020-18155
was published
for
intelliants/subrion
(Composer)
Sep 8, 2021
SQL injection in TYPO3 extension
Critical
CVE-2021-38302
was published
for
ecodev/newsletter
(Composer)
Sep 2, 2021
SQL Injection in NukeViet
Critical
CVE-2019-7726
was published
for
nukeviet/nukeviet
(Composer)
Jun 22, 2021
SQL Injection in Apache SkyWalking
Critical
CVE-2020-13921
was published
for
org.apache.skywalking:oap-server
(Maven)
May 7, 2021
SQL Injection in odata4j
Critical
CVE-2016-11023
was published
for
org.odata4j:odata4j-core
(Maven)
May 7, 2021
SQL Injection in odata4j
Critical
CVE-2016-11024
was published
for
org.odata4j:odata4j-core
(Maven)
May 7, 2021
Backport for CVE-2021-21024 Blind SQLi from Magento 2
Critical
CVE-2021-21427
was published
for
openmage/magento-lts
(Composer)
Apr 22, 2021
SQL injection in vhs (aka VHS: Fluid ViewHelpers)
Critical
CVE-2021-28381
was published
for
fluidtypo3/vhs
(Composer)
Mar 29, 2021
SQL Injection via GeoJSON in sequelize
Critical
CVE-2016-1000225
was published
for
sequelize
(npm)
Sep 1, 2020
SQL Injection in Kylin
Critical
CVE-2020-13926
was published
for
org.apache.kylin:kylin-server-base
(Maven)
Jul 27, 2020
SQL injection in Centreon
Critical
CVE-2019-16194
was published
for
centreon/centreon
(Composer)
Feb 11, 2020
SQL injection in phpMyAdmin
Critical
CVE-2019-18622
was published
for
phpmyadmin/phpmyadmin
(Composer)
Jan 16, 2020
Invalid HTTP method overrides allow possible XSS or other attacks in Symfony
Critical
CVE-2019-10913
was published
for
symfony/http-foundation
(Composer)
Dec 2, 2019
SQL Injection in usmanhalalit/pixie
Critical
CVE-2019-10766
was published
for
usmanhalalit/pixie
(Composer)
Nov 20, 2019
Symfony Service IDs Allow Injection
Critical
CVE-2019-10910
was published
for
symfony/dependency-injection
(Composer)
Nov 18, 2019
SQL Injection in SimpleSAMLphp
Critical
CVE-2019-15537
was published
for
cesnet/simplesamlphp-module-proxystatistics
(Composer)
Nov 8, 2019
ProTip!
Advisories are also available from the
GraphQL API