Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,179
Erlang
31
GitHub Actions
19
Go
1,982
Maven
5,000+
npm
3,701
NuGet
656
pip
3,323
Pub
11
RubyGems
882
Rust
834
Swift
35
Unreviewed advisories
All unreviewed
5,000+

21 advisories

Loading
JeecgBoot SQL Injection vulnerability High
CVE-2024-48307 was published for org.jeecgframework.boot:jeecg-boot-parent (Maven) Oct 31, 2024
Apache Submarine Server Core has a SQL Injection Vulnerability High
CVE-2024-36263 was published for org.apache.submarine:submarine-server-core (Maven) Jun 12, 2024
Hazelcast Platform permission checking in CSV File Source connector High
CVE-2023-45860 was published for com.hazelcast:hazelcast (Maven) Feb 16, 2024
Mingsoft MCMS SQL injection High
CVE-2023-50578 was published for net.mingsoft:ms-mcms (Maven) Dec 30, 2023
SQL Injection in Apache InLong High
CVE-2023-43667 was published for org.apache.inlong:inlong (Maven) Oct 16, 2023
OpenRefine vulnerable to arbitrary file read in project import with mysql jdbc url attack High
CVE-2023-41886 was published for org.openrefine:database (Maven) Sep 12, 2023
nbxiglk0
DataEase vulnerable to SQL injection High
CVE-2023-40771 was published for io.dataease:dataease-plugin-common (Maven) Sep 1, 2023
SpringBlade vulnerable to SQL injection High
CVE-2023-40787 was published for org.springblade:blade-core-tool (Maven) Aug 29, 2023
SQL injection in Liferay Portal High
CVE-2023-33945 was published for com.liferay.portal:release.portal.bom (Maven) May 24, 2023
jeecg-boot contains SQL Injection vulnerability High
CVE-2023-24789 was published for org.jeecgframework.boot:jeecg-boot-parent (Maven) Mar 6, 2023
PostgreSQL JDBC Driver SQL Injection in ResultSet.refreshRow() with malicious column names High
CVE-2022-31197 was published for org.postgresql:postgresql (Maven) Aug 6, 2022
kato-sho JBrown0x90
SQL Injection found in Dataease High
CVE-2022-34114 was published for io.dataease:dataease-plugin-common (Maven) Jul 23, 2022
SQL injection in jflyfox jfinal High
CVE-2022-30500 was published for com.jflyfox:jflyfox_jfinal (Maven) May 27, 2022
Apache OpenMeetings vulnerable to SQL injection High
CVE-2017-7681 was published for org.apache.openmeetings:openmeetings-parent (Maven) May 17, 2022
SQL Injection in elide-datastore-aggregation High
CVE-2022-24827 was published for com.yahoo.elide:elide-datastore-aggregation (Maven) Apr 8, 2022
SQL injection in hibernate-core High
CVE-2020-25638 was published for org.hibernate:hibernate-core (Maven) Feb 9, 2022
vmvarga mpihelgas
Mingsoft MCMS SQL injection vulnerability High
CVE-2021-46383 was published for net.mingsoft:ms-mcms (Maven) Jan 27, 2022
Mingsoft MCMS SQL injection vulnerability High
CVE-2021-46385 was published for net.mingsoft:ms-mcms (Maven) Jan 27, 2022
SQL injection in Apache DolphinScheduler High
CVE-2021-27644 was published for org.apache.dolphinscheduler:dolphinscheduler-server (Maven) Nov 3, 2021
Rating Script Service expose XWiki to SQL injection High
CVE-2021-21380 was published for org.xwiki.platform:xwiki-platform-ratings-api (Maven) Mar 23, 2021
SQL injection vulnerability in the policy admin tool in Apache Ranger High
CVE-2016-2174 was published for org.apache.ranger:ranger (Maven) Oct 17, 2018
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database