Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+

49 advisories

Loading
Apache Superset's SQL Alchemy connector vulnerable to SQL Injection Moderate
CVE-2022-41703 was published for apache-superset (pip) Jan 16, 2023
SQL Injection in FreeTAKServer-UI Moderate
CVE-2022-25506 was published for FreeTAKServer-UI (pip) Mar 12, 2022
SQL injection in calibreweb Critical
CVE-2022-30765 was published for calibreweb (pip) May 17, 2022
SQL injection in apache-superset Critical
CVE-2022-27479 was published for apache-superset (pip) Apr 14, 2022
SQL injection in Apache Submarine Critical
CVE-2023-37924 was published for apache-submarine (pip) Nov 22, 2023
r3kumar
Apache Superset SQL injection vulnerability Moderate
CVE-2023-49736 was published for apache-superset (pip) Dec 19, 2023
SQL injection in llama-index Critical
CVE-2024-23751 was published for llama-index (pip) Jan 22, 2024
PyGreSQL Might Be Vulnerable to Encoding-Based SQL Injection High
CVE-2009-2940 was published for PyGreSQL (pip) May 2, 2022
SQLAlchemyDA unauthenticated arbitrary SQL query execution Critical
CVE-2024-24811 was published for Products.SQLAlchemyDA (pip) Feb 7, 2024
perrinjerome dataflake
Apache AGE: Python and Golang drivers allow data manipulation and exposure due to SQL injection High
CVE-2022-45786 was published for apache-age-python (Go) Feb 4, 2023
oscerd
postgraas-server vulnerable to SQL injection Critical
CVE-2018-25088 was published for postgraas-server (pip) Jul 18, 2023
Mocodo vulnerable to SQL injection in `/web/generate.php` Critical
CVE-2024-35374 was published for mocodo (pip) May 28, 2024
SQL injection in litellm Moderate
CVE-2024-4890 was published for litellm (pip) Jun 6, 2024
SQL injection in litellm Moderate
CVE-2024-5225 was published for litellm (pip) Jun 6, 2024
PyMySQL SQL Injection vulnerability Critical
CVE-2024-36039 was published for pymysql (pip) May 21, 2024
NASA AIT-Core vulnerable to SQL Injection Critical
CVE-2024-35056 was published for ait-core (pip) May 21, 2024
Apache Superset vulnerable to improper SQL authorization Moderate
CVE-2024-39887 was published for apache-superset (pip) Jul 16, 2024
LF Edge eKuiper has a SQL Injection in sqlKvStore High
CVE-2024-43406 was published for ekuiper (Go) Aug 20, 2024
leonnewton
Django SQL injection vulnerability Critical
CVE-2024-42005 was published for Django (pip) Aug 7, 2024
Arches vulnerable to execution of arbitrary SQL High
CVE-2022-41892 was published for arches (pip) Nov 11, 2022
sylwia-budzynska tdunlap607
Apache Superset SQL Injection when template processing is enabled High
CVE-2021-41971 was published for apache-superset (pip) May 24, 2022
SQL Injection via in django-debug-toolbar High
CVE-2021-30459 was published for django-debug-toolbar (pip) Apr 16, 2021
alex
Django Vulnerable to MySQL Injection High
CVE-2014-0474 was published for Django (pip) May 17, 2022
SQL injection in Django Critical
CVE-2020-7471 was published for Django (pip) Feb 11, 2020
SQL injection in Django High
CVE-2020-9402 was published for Django (pip) Jun 5, 2020
sunSUNQ
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database