GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+
45 advisories
Filter by severity
SQL Injection in hive-jdbc
Critical
CVE-2018-1282
was published
for
org.apache.hive:hive-jdbc
(Maven)
Nov 21, 2018
SQL Injection in Kylin
Critical
CVE-2020-13926
was published
for
org.apache.kylin:kylin-server-base
(Maven)
Jul 27, 2020
SQL Injection in odata4j
Critical
CVE-2016-11024
was published
for
org.odata4j:odata4j-core
(Maven)
May 7, 2021
SQL Injection in odata4j
Critical
CVE-2016-11023
was published
for
org.odata4j:odata4j-core
(Maven)
May 7, 2021
SQL Injection in Apache SkyWalking
Critical
CVE-2020-13921
was published
for
org.apache.skywalking:oap-server
(Maven)
May 7, 2021
SQL Injection in Log4j 1.2.x
Critical
CVE-2022-23305
was published
for
log4j:log4j
(Maven)
Jan 21, 2022
SQL Injection in JeecgBoot
Critical
CVE-2021-46089
was published
for
org.jeecgframework.boot:jeecg-boot-base
(Maven)
Jan 26, 2022
SQL injection without credentials in ming-soft MCMS
Critical
CVE-2020-23262
was published
for
net.mingsoft:ms-mcms
(Maven)
Feb 9, 2022
SQL Injection in Jeecg-boot
Critical
CVE-2022-22881
was published
for
org.jeecgframework.boot:jeecg-boot-base
(Maven)
Feb 17, 2022
SQL Injection in Jeecg-boot
Critical
CVE-2022-22880
was published
for
org.jeecgframework.boot:jeecg-boot-base
(Maven)
Feb 17, 2022
SQL injection in MCMS
Critical
CVE-2021-44868
was published
for
net.mingsoft:ms-mcms
(Maven)
Feb 18, 2022
SQL injection in net.mingsoft:ms-mcms
Critical
CVE-2022-23899
was published
for
net.mingsoft:ms-mcms
(Maven)
Mar 4, 2022
SQL injection in net.mingsoft:ms-mcms
Critical
CVE-2022-23898
was published
for
net.mingsoft:ms-mcms
(Maven)
Mar 4, 2022
MyBatis PageHelper vulnerable to time-blind SQL injection via orderBy parameter
Critical
CVE-2022-28111
was published
for
com.github.pagehelper:pagehelper
(Maven)
May 5, 2022
OHDSI WebAPI vulnerable to SQL Injection
Critical
CVE-2019-15563
was published
for
org.ohdsi:WebAPI
(Maven)
May 24, 2022
Dataease v1.11.1 SQL Injection via parameter dataSourceId
Critical
CVE-2022-34115
was published
for
io.dataease:dataease-plugin-common
(Maven)
Jul 23, 2022
Mingsoft MCMS SQL injection vulnerability in /mdiy/page/verify URI via fieldName parameter
Critical
CVE-2022-36272
was published
for
net.mingsoft:ms-mcms
(Maven)
Aug 17, 2022
Mingsoft MCMS SQL injection vulnerability in /mdiy/model/delete URI via models List
Critical
CVE-2022-36599
was published
for
net.mingsoft:ms-mcms
(Maven)
Aug 17, 2022
SQL injection in jflyfox jfinal
Critical
CVE-2022-37223
was published
for
com.jflyfox:jflyfox_jfinal
(Maven)
Aug 24, 2022
SQL injection in jflyfox jfinal
Critical
CVE-2022-37199
was published
for
com.jflyfox:jflyfox_jfinal
(Maven)
Aug 24, 2022
Jeecg-boot vulnerable to SQL injection via updateNullByEmptyString
Critical
CVE-2022-45207
was published
for
org.jeecgframework.boot:jeecg-boot-common
(Maven)
Nov 25, 2022
Jeecg-boot vulnerable to SQL Injection
Critical
CVE-2022-45206
was published
for
org.jeecgframework.boot:jeecg-boot-common
(Maven)
Nov 25, 2022
Mingsoft MCMS vulnerable to SQL Injection
Critical
CVE-2022-4375
was published
for
net.mingsoft:ms-mcms
(Maven)
Dec 9, 2022
Jeecg-boot is vulnerable to SQL injection
Critical
CVE-2022-47105
was published
for
org.jeecgframework.boot:jeecg-boot-base-core
(Maven)
Jan 19, 2023
Dromara hutool vulnerable to SQL Injection
Critical
CVE-2023-24163
was published
for
cn.hutool:hutool-all
(Maven)
Jan 31, 2023
ProTip!
Advisories are also available from the
GraphQL API