Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,783
Erlang
36
GitHub Actions
29
Go
2,353
Maven
5,000+
npm
3,977
NuGet
720
pip
3,774
Pub
12
RubyGems
923
Rust
981
Swift
38
Unreviewed advisories
All unreviewed
5,000+

6,941 advisories

Loading
The Recover WooCommerce Cart Abandonment, Newsletter, Email Marketing, Marketing Automation By... High Unreviewed
CVE-2024-9186 was published Nov 14, 2024
owl-admin v3.2.2~ to v4.10.2 is vulnerable to SQL Injection in /admin-api/system/admin_menus... High Unreviewed
CVE-2025-28057 was published May 13, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2024-10864 was published May 14, 2025
Zohocorp ManageEngine ADAudit Plus versions 8510 and prior are vulnerable to authenticated SQL... High Unreviewed
CVE-2025-3834 was published May 14, 2025
Zohocorp ManageEngine ADSelfService Plus versions 6513 and prior are vulnerable to authenticated... High Unreviewed
CVE-2025-3833 was published May 14, 2025
Liferay Portal and Liferay DXP Vulnerable to Multiple SQL Injections High
CVE-2021-29053 was published for com.liferay.portal:release.dxp.bom (Maven) May 24, 2022
A vulnerability has been identified in Polarion V2310 (All versions), Polarion V2404 (All... High Unreviewed
CVE-2024-51444 was published May 13, 2025
The Relevanssi – A Better Search plugin for WordPress is vulnerable to time-based SQL Injection... High Unreviewed
CVE-2025-4396 was published May 13, 2025
Shopware Vulnerable to Blind SQL-injection in DAL aggregations High
CVE-2025-27892 was published for shopware/core (Composer) Apr 8, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2024-32127 was published Apr 15, 2024
Moodle has a SQL injection risk in course search module list filter High
CVE-2025-26533 was published for moodle/moodle (Composer) Feb 24, 2025
AnonySE26
The Altra Side Menu WordPress plugin through 2.0 does not sanitize and escape a parameter before... High Unreviewed
CVE-2024-12773 was published Jan 27, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-47643 was published May 7, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-47537 was published May 7, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-47544 was published May 7, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-47587 was published May 7, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-47538 was published May 7, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-47490 was published May 7, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-47460 was published May 7, 2025
The Slider & Popup Builder by Depicter plugin for WordPress is vulnerable to generic SQL... High Unreviewed
CVE-2025-2011 was published May 6, 2025
Unvalidated input in the WP Google Map Plugin WordPress plugin, versions before 4.1.5, in the... High Unreviewed
CVE-2021-24130 was published May 24, 2022
The PGS Core plugin for WordPress is vulnerable to SQL Injection via the 'event' parameter in the... High Unreviewed
CVE-2025-0853 was published May 7, 2025
A SQL injection vulnerability in manage_damage.php in Sourcecodester Computer Laboratory... High Unreviewed
CVE-2025-45956 was published Apr 29, 2025
The WP Activity Log Premium plugin for WordPress is vulnerable to SQL Injection via the entry-... High Unreviewed
CVE-2024-2018 was published Apr 9, 2024
kashipara Online Service Management Portal V1.0 is vulnerable to SQL Injection in /osms/Requester... High Unreviewed
CVE-2025-45321 was published May 5, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database