GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+
41 advisories
Filter by severity
SQL Injection in Cloud Native Computing Foundation Harbor
High
CVE-2019-19029
was published
for
github.com/goharbor/harbor
(Go)
May 18, 2021
SQL Injection in Cloud Native Computing Foundation Harbor
Moderate
CVE-2019-19026
was published
for
github.com/goharbor/harbor
(Go)
May 18, 2021
SQL Injection in gogs.io/gogs
Moderate
CVE-2014-8681
was published
for
github.com/gogits/gogs
(Go)
Jun 29, 2021
SQL injection in github.com/navidrome/navidrome
Moderate
CVE-2022-23857
was published
for
github.com/navidrome/navidrome
(Go)
Jan 27, 2022
SQL Injection in Casdoor
High
CVE-2022-24124
was published
for
github.com/casdoor/casdoor
(Go)
Feb 1, 2022
Pivotal Concourse SQL Injection Vulnerability
High
CVE-2019-3792
was published
for
github.com/concourse/concourse
(Go)
Feb 15, 2022
SQL Injection in Couchbase Sync Gateway
Critical
CVE-2019-9039
was published
for
github.com/couchbase/sync_gateway
(Go)
Feb 15, 2022
SQLinjection in falcon-plus
Critical
CVE-2022-26245
was published
for
github.com/open-falcon/falcon-plus
(Go)
Mar 28, 2022
IBAX go-ibax vulnerable to SQL injection
High
CVE-2022-3802
was published
for
github.com/IBAX-io/go-ibax
(Go)
Nov 1, 2022
IBAX go-ibax vulnerable to SQL injection
High
CVE-2022-3798
was published
for
github.com/IBAX-io/go-ibax
(Go)
Nov 1, 2022
IBAX go-ibax vulnerable to SQL injection
High
CVE-2022-3801
was published
for
github.com/IBAX-io/go-ibax
(Go)
Nov 1, 2022
IBAX go-ibax vulnerable to SQL injection
High
CVE-2022-3800
was published
for
github.com/IBAX-io/go-ibax
(Go)
Nov 1, 2022
IBAX go-ibax vulnerable to SQL injection
High
CVE-2022-3799
was published
for
github.com/IBAX-io/go-ibax
(Go)
Nov 1, 2022
owncast is vulnerable to SQL Injection
Critical
CVE-2022-3751
was published
for
github.com/owncast/owncast
(Go)
Nov 29, 2022
gosqljson SQL Injection vulnerability
Critical
CVE-2014-125064
was published
for
github.com/elgs/gosqljson
(Go)
Jan 7, 2023
Squalor SQL Injection vulnerability
Critical
CVE-2020-36645
was published
for
github.com/square/squalor
(Go)
Jan 7, 2023
Apache AGE: Python and Golang drivers allow data manipulation and exposure due to SQL injection
High
CVE-2022-45786
was published
for
apache-age-python
(Go)
Feb 4, 2023
rttys SQL Injection vulnerability
High
CVE-2022-38867
was published
for
github.com/zhaojh329/rttys
(Go)
Feb 16, 2023
HashiCorp Vault’s Microsoft SQL Database Storage Backend Vulnerable to SQL Injection Via Configuration File
Moderate
CVE-2023-0620
was published
for
github.com/hashicorp/vault
(Go)
Mar 30, 2023
SQL injection when using MySQL/PostgreSQL data checking
High
CVE-2023-33967
was published
for
github.com/megaease/easeprobe
(Go)
Jun 6, 2023
Flyte Admin SQL Injection in List Filters
Low
CVE-2023-41891
was published
for
github.com/flyteorg/flyteadmin
(Go)
Oct 27, 2023
SQL injection vulnerability in Meshery
Critical
CVE-2023-46575
was published
for
github.com/layer5io/meshery
(Go)
Nov 24, 2023
Authenticated (user role) SQL injection in `OrderAndPaginate` (GHSL-2023-270)
High
CVE-2024-22196
was published
for
github.com/0xJacky/Nginx-UI
(Go)
Jan 11, 2024
Grafana Arbitrary File Read
Moderate
CVE-2019-19499
was published
for
github.com/grafana/grafana
(Go)
Jan 31, 2024
ProTip!
Advisories are also available from the
GraphQL API