Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

23 advisories

Loading
Mongoose search injection vulnerability High
CVE-2024-53900 was published for mongoose (npm) Dec 2, 2024
balles skrtheboss
FUXA SQL Injection vulnerability High
CVE-2023-31717 was published for fuxa-server (npm) Sep 22, 2023
Knex.js has a limited SQL injection vulnerability High
CVE-2016-20018 was published for knex (npm) Dec 19, 2022
alokmenghrajani pmartinat
tdunlap607
SQL Injection in sequelize High
CVE-2016-10556 was published for sequelize (npm) Feb 18, 2019
tdunlap607
Madge vulnerable to command injection High
CVE-2021-23352 was published for madge (npm) Mar 12, 2021
NoSQL Injection in sequelize High
GHSA-wfp9-vr4j-f49j was published for sequelize (npm) Jun 4, 2019
tdunlap607
Strapi mishandles hidden attributes within admin API responses High
CVE-2022-31367 was published for @strapi/strapi (npm) Sep 28, 2022
SQL Injection in thinkjs High
CVE-2020-21176 was published for thinkjs (npm) Nov 19, 2021
@cubejs-backend/api-gateway row level security bypass High
CVE-2022-23510 was published for @cubejs-backend/api-gateway (npm) Dec 12, 2022
SQL Injection when creating an application with Reactive SQL backend High
CVE-2022-24815 was published for generator-jhipster (npm) Apr 7, 2022
atomfrede pascalgrimaud
appkr OmarHawk deepu105
SQL Injection in connect-pg-simple High
CVE-2019-15658 was published for connect-pg-simple (npm) Aug 26, 2019
SQL Injection in untitled-model High
GHSA-hq8g-qq57-5275 was published for untitled-model (npm) Sep 11, 2020
SQL Injection in resquel High
GHSA-crpm-fm48-chj7 was published for resquel (npm) Sep 11, 2020
SQL Injection in sails-mysql High
GHSA-hx5x-49mm-vmhw was published for sails-mysql (npm) Sep 3, 2020
NoSQL injection in express-cart High
GHSA-f5cv-xrv9-r8w7 was published for express-cart (npm) Sep 1, 2020
NoSQL Injection in loopback-connector-mongodb High
GHSA-hxwc-5vw9-2w4w was published for loopback-connector-mongodb (npm) Sep 2, 2020
SQL Injection in sequelize High
CVE-2015-1369 was published for sequelize (npm) Oct 24, 2017
SQL Injection in query-mysql High
CVE-2018-3754 was published for query-mysql (npm) Sep 10, 2018
SQL Injection in sequelize High
CVE-2016-10550 was published for sequelize (npm) Feb 18, 2019
SQL Injection in waterline-sequel High
CVE-2016-10551 was published for waterline-sequel (npm) Feb 18, 2019
Potential SQL Injection in sequelize High
CVE-2016-10553 was published for sequelize (npm) Feb 18, 2019
NoSQL Injection in loopback-connector-mongodb High
GHSA-m734-r4g6-34f9 was published for loopback-connector-mongodb (npm) Jun 4, 2019
SQL Injection in typeorm High
GHSA-w7q7-vjp8-7jv4 was published for typeorm (npm) Jun 6, 2019
ProTip! Advisories are also available from the GraphQL API