GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+
48 advisories
Filter by severity
@langchain/community SQL Injection vulnerability
Low
CVE-2024-7042
was published
for
@langchain/community
(npm)
Oct 29, 2024
NocoDB SQL Injection vulnerability
Moderate
CVE-2023-50718
was published
for
nocodb
(npm)
May 13, 2024
Insufficient validation when decoding a Socket.IO packet
Critical
CVE-2022-2421
was published
for
socket.io-parser
(npm)
Oct 26, 2022
ZDI-CAN-19105: Parse Server literalizeRegexPart SQL Injection
Critical
CVE-2024-27298
was published
for
parse-server
(npm)
Mar 1, 2024
FUXA SQL Injection vulnerability
Critical
CVE-2023-31719
was published
for
fuxa-server
(npm)
Sep 22, 2023
FUXA SQL Injection vulnerability
High
CVE-2023-31717
was published
for
fuxa-server
(npm)
Sep 22, 2023
nocodb SQL Injection vulnerability
Moderate
CVE-2023-43794
was published
for
nocodb
(npm)
Oct 17, 2023
nodebatis SQL Injection vulnerability
Critical
CVE-2018-25066
was published
for
nodebatis
(npm)
Jan 6, 2023
Knex.js has a limited SQL injection vulnerability
High
CVE-2016-20018
was published
for
knex
(npm)
Dec 19, 2022
Madge vulnerable to command injection
High
CVE-2021-23352
was published
for
madge
(npm)
Mar 12, 2021
feathers-sequelize vulnerable to SQL injection due to improper parameter filtering
Critical
CVE-2022-29822
was published
for
feathers-sequelize
(npm)
Oct 26, 2022
SQL Injection via GeoJSON in sequelize
Critical
CVE-2016-1000225
was published
for
sequelize
(npm)
Sep 1, 2020
feathers-sequelize contains improper input validation leading to SQL injection
Critical
CVE-2022-2422
was published
for
feathers-sequelize
(npm)
Oct 26, 2022
Sequelize vulnerable to SQL Injection via replacements
Critical
CVE-2023-25813
was published
for
sequelize
(npm)
Feb 22, 2023
Strapi mishandles hidden attributes within admin API responses
High
CVE-2022-31367
was published
for
@strapi/strapi
(npm)
Sep 28, 2022
a12nserver vulnerable to potential SQL Injections via Knex dependency
Moderate
GHSA-crhg-xgrg-vvcc
was published
for
@curveball/a12n-server
(npm)
Jan 13, 2023
@cubejs-backend/api-gateway row level security bypass
High
CVE-2022-23510
was published
for
@cubejs-backend/api-gateway
(npm)
Dec 12, 2022
Matrix-appservice-irc vulnerable to sql injection via roomIds argument
Moderate
CVE-2022-3971
was published
for
matrix-appservice-irc
(npm)
Nov 13, 2022
ProTip!
Advisories are also available from the
GraphQL API