Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,656
Maven
5,000+
npm
4,284
NuGet
760
pip
4,068
Pub
12
RubyGems
957
Rust
1,057
Swift
45
Unreviewed advisories
All unreviewed
5,000+

102 advisories

Loading
MyBatis PageHelper vulnerable to time-blind SQL injection via orderBy parameter Critical
CVE-2022-28111 was published for com.github.pagehelper:pagehelper (Maven) May 5, 2022
Apache Derby SQL Injection Moderate
CVE-2006-7217 was published for org.apache.derby:derby (Maven) May 1, 2022
SQL Injection in elide-datastore-aggregation High
CVE-2022-24827 was published for com.yahoo.elide:elide-datastore-aggregation (Maven) Apr 8, 2022
SQL injection in net.mingsoft:ms-mcms Critical
CVE-2022-23899 was published for net.mingsoft:ms-mcms (Maven) Mar 4, 2022
SQL injection in net.mingsoft:ms-mcms Critical
CVE-2022-23898 was published for net.mingsoft:ms-mcms (Maven) Mar 4, 2022
SQL injection in MCMS Critical
CVE-2021-44868 was published for net.mingsoft:ms-mcms (Maven) Feb 18, 2022
SQL Injection in Jeecg-boot Critical
CVE-2022-22880 was published for org.jeecgframework.boot:jeecg-boot-base (Maven) Feb 17, 2022
SQL Injection in Jeecg-boot Critical
CVE-2022-22881 was published for org.jeecgframework.boot:jeecg-boot-base (Maven) Feb 17, 2022
SQL Injection in Hibernate ORM Moderate
CVE-2019-14900 was published for org.hibernate:hibernate-core (Maven) Feb 10, 2022
mpihelgas
Credited to mpihelgas
SQL injection in hibernate-core High
CVE-2020-25638 was published for org.hibernate:hibernate-core (Maven) Feb 9, 2022
vmvarga mpihelgas
Credited to vmvarga and mpihelgas
SQL injection without credentials in ming-soft MCMS Critical
CVE-2020-23262 was published for net.mingsoft:ms-mcms (Maven) Feb 9, 2022
SQL Injection in Spring Cloud Task Moderate
CVE-2020-5428 was published for org.springframework.cloud:spring-cloud-task-dependencies (Maven) Feb 9, 2022
Mingsoft MCMS SQL injection vulnerability High
CVE-2021-46383 was published for net.mingsoft:ms-mcms (Maven) Jan 27, 2022
Mingsoft MCMS SQL injection vulnerability High
CVE-2021-46385 was published for net.mingsoft:ms-mcms (Maven) Jan 27, 2022
SQL Injection in JeecgBoot Critical
CVE-2021-46089 was published for org.jeecgframework.boot:jeecg-boot-base (Maven) Jan 26, 2022
SQL Injection in Log4j 1.2.x Critical
CVE-2022-23305 was published for log4j:log4j (Maven) Jan 21, 2022
SebGondron
Credited to SebGondron
SQL Injection in Apache Kylin Moderate
CVE-2021-36774 was published for org.apache.kylin:kylin (Maven) Jan 8, 2022
SQL injection in Apache DolphinScheduler High
CVE-2021-27644 was published for org.apache.dolphinscheduler:dolphinscheduler-server (Maven) Nov 3, 2021
SQL Injection in Apache SkyWalking Critical
CVE-2020-13921 was published for org.apache.skywalking:oap-server (Maven) May 7, 2021
SQL Injection in odata4j Critical
CVE-2016-11023 was published for org.odata4j:odata4j-core (Maven) May 7, 2021
SQL Injection in odata4j Critical
CVE-2016-11024 was published for org.odata4j:odata4j-core (Maven) May 7, 2021
Rating Script Service expose XWiki to SQL injection High
CVE-2021-21380 was published for org.xwiki.platform:xwiki-platform-ratings-api (Maven) Mar 23, 2021
SQL Injection in Kylin Moderate
CVE-2020-1937 was published for org.apache.kylin:kylin-server-base (Maven) Jul 27, 2020
SQL Injection in Kylin Critical
CVE-2020-13926 was published for org.apache.kylin:kylin-server-base (Maven) Jul 27, 2020
Exposure of Sensitive Information to an Unauthorized Actor and SQL Injection in Spring Data JPA Moderate
CVE-2019-3797 was published for org.springframework.data:spring-data-jpa (Maven) May 14, 2019
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database