GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,324
Composer 4,360
Erlang 33
GitHub Actions 22
Go 2,127
Maven 5,308
npm 3,793
NuGet 683
pip 3,471
Pub 12
RubyGems 894
Rust 894
Swift 38

Unreviewed advisories

All unreviewed 244,810

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

3,656 advisories

Filter by severity

Sort by

Least recently updated

PHPGurukul Daily Expense Tracker System v1.1 is vulnerable to SQL Injection in /dets/add-expense... Critical Unreviewed

CVE-2025-25351 was published Feb 12, 2025

PHPGurukul Daily Expense Tracker System v1.1 is vulnerable to SQL Injection in /dets/add-expense... Critical Unreviewed

CVE-2025-25349 was published Feb 12, 2025

A SQL Injection vulnerability was found in /admin/forgot-password.php in Phpgurukul Land Record... Critical Unreviewed

CVE-2025-25389 was published Feb 13, 2025

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed

CVE-2024-27956 was published Mar 21, 2024

SQL Injection vulnerability in the orderGoodsDelivery() function in Niushop B2B2C V5 allows... Critical Unreviewed

CVE-2024-25248 was published Feb 27, 2024

SQL Injection vulnerability in SEMCMS v.4.8 allows a remote attacker to execute arbitrary code... Critical Unreviewed

CVE-2024-25422 was published Feb 29, 2024

SQL Injection vulnerability in audit/class.audit.php in osTicket osTicket-plugins before commit... Critical Unreviewed

CVE-2022-31890 was published Apr 6, 2023

A SQL Injection vulnerability was found in /admin/edit-propertytype.php in PHPGurukul Land Record... Critical Unreviewed

CVE-2025-25388 was published Feb 13, 2025

Improper Input Validation vulnerability in OTRS AG OTRS, OTRS AG ((OTRS)) Community Edition... Critical Unreviewed

CVE-2022-4427 was published Dec 19, 2022

SQL Injection vulnerability in various API endpoints - offices, dashboards, etc. Apache Fineract... Critical Unreviewed

CVE-2024-32838 was published Feb 12, 2025

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed

CVE-2024-30502 was published Mar 29, 2024

The easy-digital-downloads plugin before 2.3.3 for WordPress has SQL injection. Critical Unreviewed

CVE-2015-9324 was published May 24, 2022

The wpForo Forum plugin for WordPress is vulnerable to SQL Injection via the 'slug' attribute of... Critical Unreviewed

CVE-2024-3200 was published Jun 1, 2024

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed

CVE-2024-30498 was published Mar 29, 2024

SQL Injection vulnerability in the default configuration of the Logitime WebClock application <=... Critical Unreviewed

CVE-2024-55971 was published Jan 23, 2025

An SQL injection vulnerability in the pjActionGetUser function of PHPJabbers Cinema Booking... Critical Unreviewed

CVE-2024-57430 was published Feb 6, 2025

A SQL-Injection vulnerability in the SonicWall SSLVPN SMA100 product allows a remote... Critical Unreviewed

CVE-2021-20016 was published May 24, 2022

A SQL Injection vulnerability exists in the /feed/insert.json endpoint of the Emoncms project >=... Critical Unreviewed

CVE-2025-22992 was published Feb 6, 2025

SQL Injection vulnerability in SourceCodester Responsive E-Learning System 1.0 allows remote... Critical Unreviewed

CVE-2020-36084 was published Feb 6, 2025

An SQL injection vulnerability in the WebAdmin of Cyberoam OS through 2020-12-04 allows... Critical Unreviewed

CVE-2020-29574 was published May 24, 2022

Tokheim Profleet DiaLOG 11.005.02 is affected by SQL Injection. The component is the... Critical Unreviewed

CVE-2021-34235 was published Feb 12, 2022

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed

CVE-2024-30490 was published Mar 29, 2024

Moss v0.1.3 version has an SQL injection vulnerability that allows attackers to inject carefully... Critical Unreviewed

CVE-2024-57098 was published Feb 3, 2025

SQL injection vulnerability in the ZimbraSyncService SOAP endpoint in Zimbra Collaboration 10.0.x... Critical Unreviewed

CVE-2025-25064 was published Feb 3, 2025

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed

CVE-2025-22699 was published Feb 4, 2025

Previous 1 2 3 4 5 … 146 147 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

3,656 advisories