GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+
245 advisories
Filter by severity
SQL Injection in LibreNMS
High
CVE-2019-12465
was published
for
librenms/librenms
(Composer)
Oct 11, 2019
SQL Injection in LibreNMS
High
CVE-2019-10671
was published
for
librenms/librenms
(Composer)
Oct 11, 2019
SQL Injection in SimpleSAMLphp
Critical
CVE-2019-15537
was published
for
cesnet/simplesamlphp-module-proxystatistics
(Composer)
Nov 8, 2019
Symfony Service IDs Allow Injection
Critical
CVE-2019-10910
was published
for
symfony/dependency-injection
(Composer)
Nov 18, 2019
SQL Injection in usmanhalalit/pixie
Critical
CVE-2019-10766
was published
for
usmanhalalit/pixie
(Composer)
Nov 20, 2019
Data leakage via SQL Injection in Pimcore
Moderate
CVE-2019-10763
was published
for
pimcore/pimcore
(Composer)
Dec 2, 2019
Invalid HTTP method overrides allow possible XSS or other attacks in Symfony
Critical
CVE-2019-10913
was published
for
symfony/http-foundation
(Composer)
Dec 2, 2019
SQL injection in phpMyAdmin
Critical
CVE-2019-18622
was published
for
phpmyadmin/phpmyadmin
(Composer)
Jan 16, 2020
SQL injection in Centreon
Critical
CVE-2019-16194
was published
for
centreon/centreon
(Composer)
Feb 11, 2020
Query Binding Exploitation
High
CVE-2021-21263
was published
for
illuminate/database
(Composer)
Jan 19, 2021
Blind SQL injection in PrestaShop productcomments module
Low
CVE-2020-26248
was published
for
prestashop/productcomments
(Composer)
Jan 20, 2021
SQL injection in vhs (aka VHS: Fluid ViewHelpers)
Critical
CVE-2021-28381
was published
for
fluidtypo3/vhs
(Composer)
Mar 29, 2021
SQL Injection in moodle
Moderate
CVE-2020-25700
was published
for
moodle/moodle
(Composer)
Mar 29, 2021
Backport for CVE-2021-21024 Blind SQLi from Magento 2
Critical
CVE-2021-21427
was published
for
openmage/magento-lts
(Composer)
Apr 22, 2021
SQL Server LIMIT / OFFSET SQL Injection in laravel/framework and illuminate/database
High
GHSA-4mg9-vhxq-vm7j
was published
for
illuminate/database
(Composer)
Apr 29, 2021
SQL Injection in librenms
High
CVE-2020-35700
was published
for
librenms/librenms
(Composer)
May 6, 2021
SQL Injection in pimcore
High
CVE-2020-7759
was published
for
pimcore/pimcore
(Composer)
May 6, 2021
SQL Injection in tribalsystems/zenario
Moderate
CVE-2021-27672
was published
for
tribalsystems/zenario
(Composer)
Jun 8, 2021
SQL Injection in NukeViet
Critical
CVE-2019-7726
was published
for
nukeviet/nukeviet
(Composer)
Jun 22, 2021
SQL injection in pimcore/pimcore
High
CVE-2021-23405
was published
for
pimcore/pimcore
(Composer)
Jul 13, 2021
Unauthenticated SQL Injection in Cachet
High
CVE-2021-39165
was published
for
cachethq/cachet
(Composer)
Aug 30, 2021
SQL injection in TYPO3 extension
Critical
CVE-2021-38302
was published
for
ecodev/newsletter
(Composer)
Sep 2, 2021
Content object state fetch functions open to SQL injection
High
GHSA-jpwx-ffjq-wr4w
was published
for
ezsystems/ezpublish-legacy
(Composer)
Sep 7, 2021
SQL Injection in Subrion CMS
Critical
CVE-2020-18155
was published
for
intelliants/subrion
(Composer)
Sep 8, 2021
ProTip!
Advisories are also available from the
GraphQL API