Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,608
Erlang
33
GitHub Actions
25
Go
2,221
Maven
5,000+
npm
3,893
NuGet
701
pip
3,659
Pub
12
RubyGems
913
Rust
942
Swift
38
Unreviewed advisories
All unreviewed
5,000+

13,738 advisories

Loading
The Cost Calculator Builder plugin for WordPress is vulnerable to time-based SQL Injection via... Moderate Unreviewed
CVE-2025-2128 was published Apr 11, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-32681 was published Apr 11, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-32603 was published Apr 11, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-32650 was published Apr 11, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-32618 was published Apr 11, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-32567 was published Apr 11, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-32565 was published Apr 11, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-32558 was published Apr 11, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-31599 was published Apr 11, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-31565 was published Apr 11, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-32687 was published Apr 10, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-32128 was published Apr 10, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-32119 was published Apr 10, 2025
The Accredible Certificates & Open Badges plugin for WordPress is vulnerable to time-based SQL... Moderate Unreviewed
CVE-2024-13909 was published Apr 10, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-32677 was published Apr 9, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-32685 was published Apr 9, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-32676 was published Apr 9, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-32550 was published Apr 9, 2025
horvey Library-Manager v1.0 is vulnerable to SQL Injection in Admin/Controller/BookController... High Unreviewed
CVE-2025-29391 was published Apr 9, 2025
jerryhanjj ERP 1.0 is vulnerable to SQL Injection in the set_password function in application... High Unreviewed
CVE-2025-29390 was published Apr 9, 2025
crud-query-parser SQL Injection vulnerability High
CVE-2025-32020 was published for crud-query-parser (npm) Apr 9, 2025
Flowise Vulnerable to SQL Injection via `tableName` Parameter High
CVE-2025-29189 was published for flowise-components (npm) Apr 9, 2025
Joomla Framework Database Package Vulnerable to SQL Injection Moderate
CVE-2025-25226 was published for joomla/database (Composer) Apr 8, 2025
Shopware Vulnerable to Blind SQL-injection in DAL aggregations High
CVE-2025-27892 was published for shopware/core (Composer) Apr 8, 2025
SQL injection in Ivanti Endpoint Manager before version 2024 SU1 or before version 2022 SU7... High Unreviewed
CVE-2025-22461 was published Apr 8, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database