GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
466 advisories
CWA-2024-006: wasmd non-deterministic module_query_safe query
Moderate
GHSA-fpgj-cr28-fvpx
was published
for
github.com/CosmWasm/wasmd
(Go)
Aug 21, 2024
LF Edge eKuiper has a SQL Injection in sqlKvStore
High
CVE-2024-43406
was published
for
ekuiper
(Go)
Aug 20, 2024
pREST vulnerable to jwt bypass + sql injection
Critical
GHSA-wm25-j4gw-6vr3
was published
for
github.com/prest/prest
(Go)
Jul 30, 2024
Admidio has Blind SQL Injection in ecard_send.php
Critical
CVE-2024-37906
was published
for
admidio/admidio
(Composer)
Jul 29, 2024
1Panel has an SQL injection issue related to the orderBy clause
Critical
CVE-2024-39907
was published
for
github.com/1Panel-dev/1Panel
(Go)
Jul 18, 2024
dbt has an implicit override for built-in materializations from installed packages
Moderate
CVE-2024-40637
was published
for
dbt-core
(pip)
Jul 17, 2024
SQL Injection in the KubeClarity REST API
Moderate
CVE-2024-39909
was published
for
github.com/openclarity/kubeclarity/backend
(Go)
Jul 12, 2024
NHibernate SQL injection vulnerability in discriminator mappings, static fields referenced in HQL, and some utilities
Moderate
CVE-2024-39677
was published
for
NHibernate
(NuGet)
Jul 8, 2024
EGroupware mishandles an ORDER BY clause
Moderate
CVE-2024-40614
was published
for
egroupware/egroupware
(Composer)
Jul 7, 2024
ProTip!
Advisories are also available from the
GraphQL API