Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,778
Erlang
35
GitHub Actions
29
Go
2,334
Maven
5,000+
npm
3,967
NuGet
713
pip
3,763
Pub
12
RubyGems
923
Rust
975
Swift
38
Unreviewed advisories
All unreviewed
5,000+

6,926 advisories

Loading
SQL injection vulnerability in Customer Support System v1.0. This vulnerability allows an... High Unreviewed
CVE-2025-40728 was published Jun 16, 2025
The AutomatorWP – Automator plugin for no-code automations, webhooks & custom integrations in... High Unreviewed
CVE-2025-5487 was published Jun 14, 2025
A SQL injection vulnerability in No Boss Calendar component before 5.0.7 for Joomla was... High Unreviewed
CVE-2025-49468 was published Jun 13, 2025
Improper neutralization of special elements used in an sql command ('sql injection') in Microsoft... High Unreviewed
CVE-2025-47172 was published Jun 10, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-47651 was published Jun 9, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-31920 was published Jun 9, 2025
Zohocorp ManageEngine ADAudit Plus versions 8510 and prior are vulnerable to authenticated SQL... High Unreviewed
CVE-2025-36528 was published Jun 9, 2025
Zohocorp ManageEngine ADAudit Plus versions 8510 and prior are vulnerable to authenticated SQL... High Unreviewed
CVE-2025-41444 was published Jun 9, 2025
Zohocorp ManageEngine ADAudit Plus versions 8510 and prior are vulnerable to authenticated SQL... High Unreviewed
CVE-2025-27709 was published Jun 9, 2025
An SQL injection vulnerability has been reported to affect Qsync Central. If exploited, the... High Unreviewed
CVE-2025-29892 was published Jun 6, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-49326 was published Jun 6, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-49328 was published Jun 6, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-49327 was published Jun 6, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-49421 was published Jun 6, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-49315 was published Jun 6, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-49323 was published Jun 6, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-49263 was published Jun 6, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-30989 was published Jun 6, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2023-26003 was published Jun 6, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-26590 was published Jun 6, 2025
The Short URL WordPress plugin through 1.6.8 does not properly sanitise and escape a parameter... High Unreviewed
CVE-2023-2921 was published Jun 6, 2025
Foxcms v1.25 has a SQL time injection in the $_POST['dbname'] parameter of installdb.php. High Unreviewed
CVE-2025-46154 was published Jun 3, 2025
A time-based SQL injection vulnerability exists in mydetailsstudent.php in the CloudClassroom PHP... High Unreviewed
CVE-2024-57459 was published Jun 2, 2025
SQL injection vulnerability in the registrationform endpoint of CloudClassroom-PHP-Project v1.0.... High Unreviewed
CVE-2025-45542 was published Jun 2, 2025
Apache Superset: Improper authorization bypass on row level security via SQL Injection High
CVE-2025-48912 was published for apache-superset (pip) May 30, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database