Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

184 advisories

Loading
SQL Injection in query-mysql High
CVE-2018-3754 was published for query-mysql (npm) Sep 10, 2018
activerecord vulnerable to SQL Injection High
CVE-2011-0448 was published for activerecord (RubyGems) Oct 24, 2017
tdunlap607
Rails ActiveRecord gem vulnerable to SQL injection High
CVE-2008-4094 was published for activerecord (RubyGems) Oct 24, 2017
jasnow
activerecord vulnerable to SQL Injection High
CVE-2012-2695 was published for activerecord (RubyGems) Oct 24, 2017
activerecord vulnerable to SQL Injection High
CVE-2011-2930 was published for activerecord (RubyGems) Oct 24, 2017
Active Record contains SQL Injection High
CVE-2012-6496 was published for activerecord (RubyGems) Oct 24, 2017
SQL Injection in sequelize High
CVE-2015-1369 was published for sequelize (npm) Oct 24, 2017
SQL Injection in Active Record High
CVE-2014-3482 was published for activerecord (RubyGems) Oct 24, 2017
Active Record contains SQL Injection via improper range quoting High
CVE-2014-3483 was published for activerecord (RubyGems) Oct 24, 2017
ProTip! Advisories are also available from the GraphQL API