GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
15,278 advisories
SQL injection in Ivanti Endpoint Manager allows a remote authenticated attacker to read arbitrary...
Moderate | Unreviewed | CVE-2025-62390 was published Oct 14, 2025
SQL injection in Ivanti Endpoint Manager allows a remote authenticated attacker to read arbitrary...
Moderate | Unreviewed | CVE-2025-62392 was published Oct 14, 2025
SQL injection in Ivanti Endpoint Manager allows a remote authenticated attacker to read arbitrary...
Moderate | Unreviewed | CVE-2025-62385 was published Oct 14, 2025
SQL injection in Ivanti Endpoint Manager allows a remote authenticated attacker to read arbitrary...
Moderate | Unreviewed | CVE-2025-62383 was published Oct 14, 2025
SQL injection in Ivanti Endpoint Manager allows a remote authenticated attacker to read arbitrary...
Moderate | Unreviewed | CVE-2025-62386 was published Oct 14, 2025
SQL injection in Ivanti Endpoint Manager allows a remote authenticated attacker to read arbitrary...
Moderate | Unreviewed | CVE-2025-62384 was published Oct 14, 2025
SQL injection in Ivanti Endpoint Manager allows a remote authenticated attacker to read arbitrary...
Moderate | Unreviewed | CVE-2025-62388 was published Oct 14, 2025
SQL injection in Ivanti Endpoint Manager allows a remote authenticated attacker to read arbitrary...
Moderate | Unreviewed | CVE-2025-62389 was published Oct 14, 2025
SQL injection in Ivanti Endpoint Manager allows a remote authenticated attacker to read arbitrary...
Moderate | Unreviewed | CVE-2025-62391 was published Oct 14, 2025
SQL injection in Ivanti Endpoint Manager allows a remote authenticated attacker to read arbitrary...
Moderate | Unreviewed | CVE-2025-62387 was published Oct 14, 2025
SQL injection in Ivanti Endpoint Manager allows a remote authenticated attacker to read arbitrary...
Moderate | Unreviewed | CVE-2025-11623 was published Oct 14, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical | Unreviewed | CVE-2025-6919 was published Oct 13, 2025
The Custom 404 Pro plugin for WordPress is vulnerable to time-based SQL Injection via the ‘path’...
Moderate | Unreviewed | CVE-2025-9947 was published Oct 11, 2025
The WP Links Page plugin for WordPress is vulnerable to SQL Injection via the 'id' parameter in...
Moderate | Unreviewed | CVE-2025-10175 was published Oct 11, 2025
The My auctions allegro plugin for WordPress is vulnerable to SQL Injection via the 'order'...
Moderate | Unreviewed | CVE-2025-10048 was published Oct 11, 2025
The NEX-Forms – Ultimate Forms Plugin for WordPress plugin for WordPress is vulnerable to SQL...
Moderate | Unreviewed | CVE-2025-10185 was published Oct 11, 2025
JEEWMS 20250820 is vulnerable to SQL Injection in the exportXls function located in the src/main...
Critical | Unreviewed | CVE-2025-60269 was published Oct 10, 2025
SourceCodester Pet Grooming Management Software 1.0 is vulnerable to SQL Injection in admin...
Critical | Unreviewed | CVE-2025-60316 was published Oct 9, 2025
In xckk v9.6, there is a SQL injection vulnerability in which the cond parameter in notice/list...
Moderate | Unreviewed | CVE-2025-60267 was published Oct 9, 2025
In xckk v9.6, there is a SQL injection vulnerability in which the orderBy parameter in address...
Moderate | Unreviewed | CVE-2025-60266 was published Oct 9, 2025
In xckk v9.6, there is a SQL injection vulnerability in which the orderBy parameter in user/list...
Moderate | Unreviewed | CVE-2025-60265 was published Oct 9, 2025
Apache Flink CDC is vulnerable to SQL Injection through maliciously crafted identifiers
Moderate | CVE-2025-62228 was published for org.apache.flink:flink-cdc-pipeline-connectors (Maven) Oct 9, 2025
The Popup builder with Gamification, Multi-Step Popups, Page-Level Targeting, and WooCommerce...
High | Unreviewed | CVE-2025-10862 was published Oct 9, 2025
A weakness has been identified in code-projects Online Complaint Site 1.0. Affected is an unknown...
Moderate | Unreviewed | CVE-2025-11530 was published Oct 9, 2025
The Community Events plugin for WordPress is vulnerable to SQL Injection via the ‘event_venue’...
Critical | Unreviewed | CVE-2025-10586 was published Oct 9, 2025