Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
37
GitHub Actions
36
Go
2,500
Maven
5,000+
npm
4,147
NuGet
735
pip
3,948
Pub
12
RubyGems
945
Rust
1,025
Swift
39
Unreviewed advisories
All unreviewed
5,000+

15,076 advisories

Loading
A vulnerability was found in PHPGurukul User Registration & Login and User Management 3.3. It has... Moderate Unreviewed
CVE-2025-8157 was published Jul 25, 2025
A vulnerability was found in PHPGurukul Login and User Management System 3.3. It has been... Moderate Unreviewed
CVE-2025-8158 was published Jul 25, 2025
A vulnerability was found in PHPGurukul User Registration & Login and User Management 3.3 and... Moderate Unreviewed
CVE-2025-8156 was published Jul 25, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-4822 was published Jul 25, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-4784 was published Jul 25, 2025
XWiki Platform vulnerable to SQL injection through XWiki#searchDocuments API High
CVE-2025-54385 was published for org.xwiki.platform:xwiki-platform-oldcore (Maven) Jul 25, 2025
A vulnerability, which was classified as critical, has been found in itsourcecode Insurance... Moderate Unreviewed
CVE-2025-8135 was published Jul 25, 2025
A vulnerability classified as critical was found in deerwms deer-wms-2 up to 3.3. This... Moderate Unreviewed
CVE-2025-8127 was published Jul 25, 2025
A vulnerability classified as critical was found in PHPGurukul BP Monitoring Management System 1... Moderate Unreviewed
CVE-2025-8134 was published Jul 25, 2025
A vulnerability was found in deerwms deer-wms-2 up to 3.3. It has been rated as critical.... Moderate Unreviewed
CVE-2025-8125 was published Jul 25, 2025
A vulnerability classified as critical has been found in deerwms deer-wms-2 up to 3.3. This... Moderate Unreviewed
CVE-2025-8126 was published Jul 25, 2025
A vulnerability was found in deerwms deer-wms-2 up to 3.3. It has been declared as critical.... Moderate Unreviewed
CVE-2025-8124 was published Jul 25, 2025
A vulnerability was found in deerwms deer-wms-2 up to 3.3. It has been classified as critical.... Moderate Unreviewed
CVE-2025-8123 was published Jul 24, 2025
XWiki Platform vulnerable to SQL injection through getdeleteddocuments.vm template sort parameter Critical
CVE-2025-32429 was published for org.xwiki.platform:xwiki-platform-distribution-war (Maven) Jul 24, 2025
eKuiper API endpoints handling SQL queries with user-controlled table names. High
CVE-2025-54379 was published for github.com/lf-edge/ekuiper (Go) Jul 24, 2025
odaysec
A SQLi vulnerability in Komento component 4.0.0-4.0.7for Joomla was discovered. The issue allows... Critical Unreviewed
CVE-2025-54294 was published Jul 23, 2025
A SQLi vulnerability in DJ-Flyer component 1.0-3.2 for Joomla was discovered. The issue allows... High Unreviewed
CVE-2025-50127 was published Jul 23, 2025
A potential SQL injection vulnerability has been identified in the Poly Clariti Manager for... High Unreviewed
CVE-2025-43022 was published Jul 23, 2025
SQL Injection in editor_sql_run and query_ex in eosphoros-ai DB-GPT 0.7.0 allows remote attackers... Moderate Unreviewed
CVE-2025-51458 was published Jul 22, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-4285 was published Jul 22, 2025
An SQL injection vulnerability in the legacy (transparent) SMTP proxy of Sophos Firewall versions... Critical Unreviewed
CVE-2025-7624 was published Jul 21, 2025
A post-auth SQL injection vulnerability in WebAdmin of Sophos Firewall versions older than 21.0... Moderate Unreviewed
CVE-2024-13973 was published Jul 21, 2025
A high privileged remote attacker can alter the configuration database via POST requests due to... Moderate Unreviewed
CVE-2025-41678 was published Jul 21, 2025
The SFT developed by Digiwin has a SQL Injection vulnerability, allowing unauthenticated remote... Critical Unreviewed
CVE-2025-7343 was published Jul 21, 2025
WinMatrix3 Web package developed by Simopro Technology has a SQL Injection vulnerability,... Critical Unreviewed
CVE-2025-7918 was published Jul 21, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database