GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+
19 advisories
Filter by severity
SQL Injection Vulnerability via ActiveRecord comments
High
CVE-2023-22794
was published
for
activerecord
(RubyGems)
Jan 18, 2023
curupira is vulnerable to SQL injection
Critical
CVE-2015-10053
was published
for
curupira
(RubyGems)
Jan 16, 2023
update_by_case before 0.1.3 can be vulnerable to sql injection
Moderate
CVE-2022-35956
was published
for
update_by_case
(RubyGems)
Aug 11, 2022
Fat Free CRM vulnerable to SQL Injection
Moderate
CVE-2013-7225
was published
for
fat_free_crm
(RubyGems)
May 17, 2022
Katello SQL Injection vulnerabilities
High
CVE-2016-3072
was published
for
katello
(RubyGems)
May 14, 2022
katello SQL Injection vulnerability
Moderate
CVE-2018-14623
was published
for
katello
(RubyGems)
May 13, 2022
SQL Injection in marginalia
Critical
CVE-2019-1010191
was published
for
marginalia
(RubyGems)
Jul 26, 2019
mysql-bunuuid-rails vulnerable to SQL injection
Critical
CVE-2018-18476
was published
for
mysql-binuuid-rails
(RubyGems)
Oct 30, 2018
Rails ActiveRecord gem vulnerable to SQL injection
High
CVE-2008-4094
was published
for
activerecord
(RubyGems)
Oct 24, 2017
Active Record vulnerable to SQL Injection via nested query parameters
Moderate
CVE-2012-2661
was published
for
activerecord
(RubyGems)
Oct 24, 2017
activerecord vulnerable to SQL Injection
High
CVE-2011-0448
was published
for
activerecord
(RubyGems)
Oct 24, 2017
activerecord vulnerable to SQL Injection
High
CVE-2012-2695
was published
for
activerecord
(RubyGems)
Oct 24, 2017
activerecord vulnerable to SQL Injection
High
CVE-2011-2930
was published
for
activerecord
(RubyGems)
Oct 24, 2017
Active Record contains SQL Injection
High
CVE-2012-6496
was published
for
activerecord
(RubyGems)
Oct 24, 2017
SQL Injection in Active Record
High
CVE-2014-3482
was published
for
activerecord
(RubyGems)
Oct 24, 2017
Array data injection vulnerability in activerecord
Moderate
CVE-2014-0080
was published
for
activerecord
(RubyGems)
Oct 24, 2017
Active Record contains SQL Injection via improper range quoting
High
CVE-2014-3483
was published
for
activerecord
(RubyGems)
Oct 24, 2017
ProTip!
Advisories are also available from the
GraphQL API