GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+
82 advisories
Filter by severity
SQL injection vulnerability in the policy admin tool in Apache Ranger
High
CVE-2016-2174
was published
for
org.apache.ranger:ranger
(Maven)
Oct 17, 2018
SQL Injection in hive-jdbc
Critical
CVE-2018-1282
was published
for
org.apache.hive:hive-jdbc
(Maven)
Nov 21, 2018
Exposure of Sensitive Information to an Unauthorized Actor and SQL Injection in Spring Data JPA
Moderate
CVE-2019-3797
was published
for
org.springframework.data:spring-data-jpa
(Maven)
May 14, 2019
SQL Injection in Kylin
Critical
CVE-2020-13926
was published
for
org.apache.kylin:kylin-server-base
(Maven)
Jul 27, 2020
SQL Injection in Kylin
Moderate
CVE-2020-1937
was published
for
org.apache.kylin:kylin-server-base
(Maven)
Jul 27, 2020
Rating Script Service expose XWiki to SQL injection
High
CVE-2021-21380
was published
for
org.xwiki.platform:xwiki-platform-ratings-api
(Maven)
Mar 23, 2021
SQL Injection in odata4j
Critical
CVE-2016-11024
was published
for
org.odata4j:odata4j-core
(Maven)
May 7, 2021
SQL Injection in odata4j
Critical
CVE-2016-11023
was published
for
org.odata4j:odata4j-core
(Maven)
May 7, 2021
SQL Injection in Apache SkyWalking
Critical
CVE-2020-13921
was published
for
org.apache.skywalking:oap-server
(Maven)
May 7, 2021
SQL injection in Apache DolphinScheduler
High
CVE-2021-27644
was published
for
org.apache.dolphinscheduler:dolphinscheduler-server
(Maven)
Nov 3, 2021
SQL Injection in Apache Kylin
Moderate
CVE-2021-36774
was published
for
org.apache.kylin:kylin
(Maven)
Jan 8, 2022
SQL Injection in Log4j 1.2.x
Critical
CVE-2022-23305
was published
for
log4j:log4j
(Maven)
Jan 21, 2022
SQL Injection in JeecgBoot
Critical
CVE-2021-46089
was published
for
org.jeecgframework.boot:jeecg-boot-base
(Maven)
Jan 26, 2022
Mingsoft MCMS SQL injection vulnerability
High
CVE-2021-46385
was published
for
net.mingsoft:ms-mcms
(Maven)
Jan 27, 2022
Mingsoft MCMS SQL injection vulnerability
High
CVE-2021-46383
was published
for
net.mingsoft:ms-mcms
(Maven)
Jan 27, 2022
SQL Injection in Spring Cloud Task
Moderate
CVE-2020-5428
was published
for
org.springframework.cloud:spring-cloud-task-dependencies
(Maven)
Feb 9, 2022
SQL injection without credentials in ming-soft MCMS
Critical
CVE-2020-23262
was published
for
net.mingsoft:ms-mcms
(Maven)
Feb 9, 2022
SQL injection in hibernate-core
High
CVE-2020-25638
was published
for
org.hibernate:hibernate-core
(Maven)
Feb 9, 2022
SQL Injection in Hibernate ORM
Moderate
CVE-2019-14900
was published
for
org.hibernate:hibernate-core
(Maven)
Feb 10, 2022
SQL Injection in Jeecg-boot
Critical
CVE-2022-22881
was published
for
org.jeecgframework.boot:jeecg-boot-base
(Maven)
Feb 17, 2022
SQL Injection in Jeecg-boot
Critical
CVE-2022-22880
was published
for
org.jeecgframework.boot:jeecg-boot-base
(Maven)
Feb 17, 2022
SQL injection in MCMS
Critical
CVE-2021-44868
was published
for
net.mingsoft:ms-mcms
(Maven)
Feb 18, 2022
SQL injection in net.mingsoft:ms-mcms
Critical
CVE-2022-23898
was published
for
net.mingsoft:ms-mcms
(Maven)
Mar 4, 2022
SQL injection in net.mingsoft:ms-mcms
Critical
CVE-2022-23899
was published
for
net.mingsoft:ms-mcms
(Maven)
Mar 4, 2022
SQL Injection in elide-datastore-aggregation
High
CVE-2022-24827
was published
for
com.yahoo.elide:elide-datastore-aggregation
(Maven)
Apr 8, 2022
ProTip!
Advisories are also available from the
GraphQL API