Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,785
Erlang
36
GitHub Actions
29
Go
2,358
Maven
5,000+
npm
3,979
NuGet
720
pip
3,777
Pub
12
RubyGems
924
Rust
981
Swift
38
Unreviewed advisories
All unreviewed
5,000+

6,944 advisories

Loading
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-53306 was published Jun 27, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-53256 was published Jun 27, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-53258 was published Jun 27, 2025
The Owl carousel responsive plugin for WordPress is vulnerable to time-based SQL Injection via... High Unreviewed
CVE-2025-5590 was published Jun 26, 2025
IBM InfoSphere Information Server 11.7 vulnerable to SQL injection. A remote attacker could send... High Unreviewed
CVE-2025-0966 was published Jun 26, 2025
SQL Injection vulnerability in Student Record system Using PHP and MySQL v.3.20 allows a remote... High Unreviewed
CVE-2024-27685 was published Jun 26, 2025
A SQL injection vulnerability exists in Fanwei e-cology 8.0 via the getdata.jsp endpoint. The... High Unreviewed
CVE-2025-34038 was published Jun 26, 2025
A time-based blind SQL injection vulnerability was identified in the PHPGurukul Dairy Farm Shop... High Unreviewed
CVE-2025-51672 was published Jun 26, 2025
The plugin does not filter the "delete_entries" parameter from user requests, leading to an SQL... High Unreviewed
CVE-2022-3764 was published Jan 16, 2024
The WP Editor WordPress plugin before 1.2.7 did not sanitise or validate its setting fields... High Unreviewed
CVE-2021-24151 was published Jan 16, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-52822 was published Jun 20, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-52821 was published Jun 20, 2025
SQL Injection vulnerability in pbootCMS v.3.2.5 and v.3.2.10 allows a remote attacker to obtain... High Unreviewed
CVE-2025-46109 was published Jun 18, 2025
A SQL injection vulnerability in the Trend Micro Endpoint Encryption PolicyServer could allow an... High Unreviewed
CVE-2025-49211 was published Jun 17, 2025
A post-auth SQL injection vulnerability in the Trend Micro Endpoint Encryption PolicyServer could... High Unreviewed
CVE-2025-49218 was published Jun 17, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-49854 was published Jun 17, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-30562 was published Jun 17, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-28972 was published Jun 17, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-48118 was published Jun 17, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-39486 was published Jun 17, 2025
SQL injection vulnerability in Customer Support System v1.0. This vulnerability allows an... High Unreviewed
CVE-2025-40728 was published Jun 16, 2025
The AutomatorWP – Automator plugin for no-code automations, webhooks & custom integrations in... High Unreviewed
CVE-2025-5487 was published Jun 14, 2025
pgx SQL Injection via Line Comment Creation High
CVE-2024-27289 was published for github.com/jackc/pgx (Go) Mar 4, 2024
paul-gerste-sonarsource
A SQL injection vulnerability in No Boss Calendar component before 5.0.7 for Joomla was... High Unreviewed
CVE-2025-49468 was published Jun 13, 2025
The Taskbuilder WordPress plugin before 3.0.9 does not sanitize and escape a parameter before... High Unreviewed
CVE-2024-9831 was published May 15, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database