GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,683
Erlang
29
GitHub Actions
16
Go
1,708
Maven
4,944
npm
3,473
NuGet
603
pip
2,995
Pub
10
RubyGems
826
Rust
773
Swift
34
Unreviewed advisories
All unreviewed
5,000+
3,368 advisories
Filter by severity
Dolibarr vulnerable to SQL Injection
Critical
CVE-2024-5315
was published
for
dolibarr/dolibarr
(Composer)
May 24, 2024
Dolibarr vulnerable to SQL Injection
Critical
CVE-2024-5314
was published
for
dolibarr/dolibarr
(Composer)
May 24, 2024
Sante PACS Server PG Patient Query SQL Injection Remote Code Execution Vulnerability. This...
Critical
Unreviewed
CVE-2023-51637
was published
May 22, 2024
PyMySQL SQL Injection vulnerability
Critical
CVE-2024-36039
was published
for
pymysql
(pip)
May 21, 2024
propel/propel1 SQL injection possible with limit() on MySQL
Critical
GHSA-7g7c-qhf3-x59p
was published
for
propel/propel1
(Composer)
May 20, 2024
Propel2 SQL injection possible with limit() on MySQL
Critical
GHSA-7vw7-qx38-37vr
was published
for
propel/propel
(Composer)
May 20, 2024
Vulnerability in SiAdmin 1.1 that allows SQL injection via the /modul/mod_kuliah/aksi_kuliah.php...
Critical
Unreviewed
CVE-2024-4992
was published
May 16, 2024
Vulnerability in SiAdmin 1.1 that allows SQL injection via the /modul/mod_pass/aksi_pass.php...
Critical
Unreviewed
CVE-2024-4991
was published
May 16, 2024
SQL injection vulnerability in Simple PHP Shopping Cart affecting version 0.9. This vulnerability...
Critical
Unreviewed
CVE-2024-4826
was published
May 16, 2024
ADOdb SQL injection vulnerability
Critical
GHSA-h63c-xvpf-264j
was published
for
adodb/adodb-php
(Composer)
May 15, 2024
Amazon JDBC Driver for Redshift SQL Injection via line comment generation
Critical
CVE-2024-32888
was published
for
com.amazon.redshift:redshift-jdbc42
(Maven)
May 15, 2024
DigiWin EasyFlow .NET lacks validation for certain input parameters, allowing remote attackers to...
Critical
Unreviewed
CVE-2024-4893
was published
May 15, 2024
Vulnerability in School ERP Pro+Responsive 1.0 that allows SQL injection through the '/SchoolERP...
Critical
Unreviewed
CVE-2024-4824
was published
May 14, 2024
SQL injection vulnerability in Gescen on the centrosdigitales.net platform. This vulnerability...
Critical
Unreviewed
CVE-2024-4466
was published
May 3, 2024
Voltronic Power ViewPower Pro selectDeviceListBy SQL Injection Remote Code Execution...
Critical
Unreviewed
CVE-2023-51595
was published
May 3, 2024
Voltronic Power ViewPower Pro selectEventConfig SQL Injection Remote Code Execution Vulnerability...
Critical
Unreviewed
CVE-2023-51586
was published
May 3, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical
Unreviewed
CVE-2024-33546
was published
Apr 29, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical
Unreviewed
CVE-2024-33544
was published
Apr 29, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical
Unreviewed
CVE-2024-33559
was published
Apr 29, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical
Unreviewed
CVE-2024-33551
was published
Apr 29, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical
Unreviewed
CVE-2024-32709
was published
Apr 24, 2024
Zend Framework SQL injection vulnerability
Critical
CVE-2014-8089
was published
for
zendframework/zend-db
(Composer)
Apr 23, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical
Unreviewed
CVE-2024-32128
was published
Apr 15, 2024
SQL Injection Vulnerability has been found on OpenGnsys product affecting version 1.1.1d (Espeto)...
Critical
Unreviewed
CVE-2024-3704
was published
Apr 12, 2024
The LayerSlider plugin for WordPress is vulnerable to SQL Injection via the ls_get_popup_markup...
Critical
Unreviewed
CVE-2024-2879
was published
Apr 3, 2024
ProTip!
Advisories are also available from the
GraphQL API