GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,226
Erlang
31
GitHub Actions
19
Go
1,991
Maven
5,000+
npm
3,708
NuGet
661
pip
3,339
Pub
11
RubyGems
884
Rust
846
Swift
36
Unreviewed advisories
All unreviewed
5,000+
82 advisories
Filter by severity
SQL injection vulnerability in the policy admin tool in Apache Ranger
High
CVE-2016-2174
was published
for
org.apache.ranger:ranger
(Maven)
Oct 17, 2018
SQL Injection in Kylin
Critical
CVE-2020-13926
was published
for
org.apache.kylin:kylin-server-base
(Maven)
Jul 27, 2020
Jeecg-boot is vulnerable to SQL injection
Critical
CVE-2022-47105
was published
for
org.jeecgframework.boot:jeecg-boot-base-core
(Maven)
Jan 19, 2023
SQL Injection in elide-datastore-aggregation
High
CVE-2022-24827
was published
for
com.yahoo.elide:elide-datastore-aggregation
(Maven)
Apr 8, 2022
Improper Neutralization of Special Elements used in an SQL Command Pivotal Spring Data JPA
Moderate
CVE-2016-6652
was published
for
org.springframework.data:spring-data-jpa
(Maven)
May 17, 2022
SQL injection in jflyfox jfinal
High
CVE-2022-30500
was published
for
com.jflyfox:jflyfox_jfinal
(Maven)
May 27, 2022
SQL Injection found in Dataease
High
CVE-2022-34114
was published
for
io.dataease:dataease-plugin-common
(Maven)
Jul 23, 2022
SQL Injection in odata4j
Critical
CVE-2016-11024
was published
for
org.odata4j:odata4j-core
(Maven)
May 7, 2021
SQL Injection in odata4j
Critical
CVE-2016-11023
was published
for
org.odata4j:odata4j-core
(Maven)
May 7, 2021
Mingsoft MCMS SQL injection vulnerability in /mdiy/page/verify URI via fieldName parameter
Critical
CVE-2022-36272
was published
for
net.mingsoft:ms-mcms
(Maven)
Aug 17, 2022
Mingsoft MCMS SQL injection vulnerability in /mdiy/model/delete URI via models List
Critical
CVE-2022-36599
was published
for
net.mingsoft:ms-mcms
(Maven)
Aug 17, 2022
SQL injection in jflyfox jfinal
Critical
CVE-2022-37223
was published
for
com.jflyfox:jflyfox_jfinal
(Maven)
Aug 24, 2022
SQL injection in jflyfox jfinal
Critical
CVE-2022-37199
was published
for
com.jflyfox:jflyfox_jfinal
(Maven)
Aug 24, 2022
SQL injection in net.mingsoft:ms-mcms
Critical
CVE-2022-23898
was published
for
net.mingsoft:ms-mcms
(Maven)
Mar 4, 2022
SQL injection in net.mingsoft:ms-mcms
Critical
CVE-2022-23899
was published
for
net.mingsoft:ms-mcms
(Maven)
Mar 4, 2022
Mingsoft MCMS vulnerable to SQL Injection
Critical
CVE-2022-4375
was published
for
net.mingsoft:ms-mcms
(Maven)
Dec 9, 2022
Dataease v1.11.1 SQL Injection via parameter dataSourceId
Critical
CVE-2022-34115
was published
for
io.dataease:dataease-plugin-common
(Maven)
Jul 23, 2022
Exposure of Sensitive Information to an Unauthorized Actor and SQL Injection in Spring Data JPA
Moderate
CVE-2019-3797
was published
for
org.springframework.data:spring-data-jpa
(Maven)
May 14, 2019
SQL Injection in Kylin
Moderate
CVE-2020-1937
was published
for
org.apache.kylin:kylin-server-base
(Maven)
Jul 27, 2020
Rating Script Service expose XWiki to SQL injection
High
CVE-2021-21380
was published
for
org.xwiki.platform:xwiki-platform-ratings-api
(Maven)
Mar 23, 2021
SQL Injection in Spring Cloud Task
Moderate
CVE-2020-5428
was published
for
org.springframework.cloud:spring-cloud-task-dependencies
(Maven)
Feb 9, 2022
SQL injection without credentials in ming-soft MCMS
Critical
CVE-2020-23262
was published
for
net.mingsoft:ms-mcms
(Maven)
Feb 9, 2022
SQL injection in Apache DolphinScheduler
High
CVE-2021-27644
was published
for
org.apache.dolphinscheduler:dolphinscheduler-server
(Maven)
Nov 3, 2021
MyBatis PageHelper vulnerable to time-blind SQL injection via orderBy parameter
Critical
CVE-2022-28111
was published
for
com.github.pagehelper:pagehelper
(Maven)
May 5, 2022
Jeecg-boot vulnerable to SQL Injection
Critical
CVE-2022-45206
was published
for
org.jeecgframework.boot:jeecg-boot-common
(Maven)
Nov 25, 2022
ProTip!
Advisories are also available from the
GraphQL API