Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,180
Erlang
31
GitHub Actions
19
Go
1,982
Maven
5,000+
npm
3,701
NuGet
656
pip
3,324
Pub
11
RubyGems
882
Rust
835
Swift
35
Unreviewed advisories
All unreviewed
5,000+

44 advisories

Loading
SQL Injection in hive-jdbc Critical
CVE-2018-1282 was published for org.apache.hive:hive-jdbc (Maven) Nov 21, 2018
SQL Injection in Kylin Critical
CVE-2020-13926 was published for org.apache.kylin:kylin-server-base (Maven) Jul 27, 2020
SQL Injection in odata4j Critical
CVE-2016-11024 was published for org.odata4j:odata4j-core (Maven) May 7, 2021
SQL Injection in odata4j Critical
CVE-2016-11023 was published for org.odata4j:odata4j-core (Maven) May 7, 2021
SQL Injection in Apache SkyWalking Critical
CVE-2020-13921 was published for org.apache.skywalking:oap-server (Maven) May 7, 2021
SQL Injection in Log4j 1.2.x Critical
CVE-2022-23305 was published for log4j:log4j (Maven) Jan 21, 2022
SebGondron
SQL Injection in JeecgBoot Critical
CVE-2021-46089 was published for org.jeecgframework.boot:jeecg-boot-base (Maven) Jan 26, 2022
SQL injection without credentials in ming-soft MCMS Critical
CVE-2020-23262 was published for net.mingsoft:ms-mcms (Maven) Feb 9, 2022
SQL Injection in Jeecg-boot Critical
CVE-2022-22881 was published for org.jeecgframework.boot:jeecg-boot-base (Maven) Feb 17, 2022
SQL Injection in Jeecg-boot Critical
CVE-2022-22880 was published for org.jeecgframework.boot:jeecg-boot-base (Maven) Feb 17, 2022
SQL injection in MCMS Critical
CVE-2021-44868 was published for net.mingsoft:ms-mcms (Maven) Feb 18, 2022
SQL injection in net.mingsoft:ms-mcms Critical
CVE-2022-23898 was published for net.mingsoft:ms-mcms (Maven) Mar 4, 2022
SQL injection in net.mingsoft:ms-mcms Critical
CVE-2022-23899 was published for net.mingsoft:ms-mcms (Maven) Mar 4, 2022
MyBatis PageHelper vulnerable to time-blind SQL injection via orderBy parameter Critical
CVE-2022-28111 was published for com.github.pagehelper:pagehelper (Maven) May 5, 2022
OHDSI WebAPI vulnerable to SQL Injection Critical
CVE-2019-15563 was published for org.ohdsi:WebAPI (Maven) May 24, 2022
tdunlap607
Dataease v1.11.1 SQL Injection via parameter dataSourceId Critical
CVE-2022-34115 was published for io.dataease:dataease-plugin-common (Maven) Jul 23, 2022
Mingsoft MCMS SQL injection vulnerability in /mdiy/model/delete URI via models List Critical
CVE-2022-36599 was published for net.mingsoft:ms-mcms (Maven) Aug 17, 2022
Mingsoft MCMS SQL injection vulnerability in /mdiy/page/verify URI via fieldName parameter Critical
CVE-2022-36272 was published for net.mingsoft:ms-mcms (Maven) Aug 17, 2022
SQL injection in jflyfox jfinal Critical
CVE-2022-37199 was published for com.jflyfox:jflyfox_jfinal (Maven) Aug 24, 2022
SQL injection in jflyfox jfinal Critical
CVE-2022-37223 was published for com.jflyfox:jflyfox_jfinal (Maven) Aug 24, 2022
Jeecg-boot vulnerable to SQL Injection Critical
CVE-2022-45206 was published for org.jeecgframework.boot:jeecg-boot-common (Maven) Nov 25, 2022
Jeecg-boot vulnerable to SQL injection via updateNullByEmptyString Critical
CVE-2022-45207 was published for org.jeecgframework.boot:jeecg-boot-common (Maven) Nov 25, 2022
Mingsoft MCMS vulnerable to SQL Injection Critical
CVE-2022-4375 was published for net.mingsoft:ms-mcms (Maven) Dec 9, 2022
Jeecg-boot is vulnerable to SQL injection Critical
CVE-2022-47105 was published for org.jeecgframework.boot:jeecg-boot-base-core (Maven) Jan 19, 2023
Dromara hutool vulnerable to SQL Injection Critical
CVE-2023-24163 was published for cn.hutool:hutool-all (Maven) Jan 31, 2023
liangyueliangyue andrewpollock
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database