Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,517
Maven
5,000+
npm
4,150
NuGet
736
pip
3,952
Pub
12
RubyGems
946
Rust
1,026
Swift
39
Unreviewed advisories
All unreviewed
5,000+

15,095 advisories

Loading
A vulnerability classified as critical was found in deerwms deer-wms-2 up to 3.3. This... Moderate Unreviewed
CVE-2025-8127 was published Jul 25, 2025
A vulnerability classified as critical was found in PHPGurukul BP Monitoring Management System 1... Moderate Unreviewed
CVE-2025-8134 was published Jul 25, 2025
A vulnerability classified as critical has been found in deerwms deer-wms-2 up to 3.3. This... Moderate Unreviewed
CVE-2025-8126 was published Jul 25, 2025
A vulnerability was found in deerwms deer-wms-2 up to 3.3. It has been rated as critical.... Moderate Unreviewed
CVE-2025-8125 was published Jul 25, 2025
A vulnerability was found in deerwms deer-wms-2 up to 3.3. It has been declared as critical.... Moderate Unreviewed
CVE-2025-8124 was published Jul 25, 2025
A vulnerability was found in deerwms deer-wms-2 up to 3.3. It has been classified as critical.... Moderate Unreviewed
CVE-2025-8123 was published Jul 24, 2025
XWiki Platform vulnerable to SQL injection through getdeleteddocuments.vm template sort parameter Critical
CVE-2025-32429 was published for org.xwiki.platform:xwiki-platform-distribution-war (Maven) Jul 24, 2025
eKuiper API endpoints handling SQL queries with user-controlled table names. High
CVE-2025-54379 was published for github.com/lf-edge/ekuiper (Go) Jul 24, 2025
odaysec
A SQLi vulnerability in Komento component 4.0.0-4.0.7for Joomla was discovered. The issue allows... Critical Unreviewed
CVE-2025-54294 was published Jul 23, 2025
A SQLi vulnerability in DJ-Flyer component 1.0-3.2 for Joomla was discovered. The issue allows... High Unreviewed
CVE-2025-50127 was published Jul 23, 2025
A potential SQL injection vulnerability has been identified in the Poly Clariti Manager for... High Unreviewed
CVE-2025-43022 was published Jul 23, 2025
SQL Injection in editor_sql_run and query_ex in eosphoros-ai DB-GPT 0.7.0 allows remote attackers... Moderate Unreviewed
CVE-2025-51458 was published Jul 22, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-4285 was published Jul 22, 2025
An SQL injection vulnerability in the legacy (transparent) SMTP proxy of Sophos Firewall versions... Critical Unreviewed
CVE-2025-7624 was published Jul 21, 2025
A post-auth SQL injection vulnerability in WebAdmin of Sophos Firewall versions older than 21.0... Moderate Unreviewed
CVE-2024-13973 was published Jul 21, 2025
A high privileged remote attacker can alter the configuration database via POST requests due to... Moderate Unreviewed
CVE-2025-41678 was published Jul 21, 2025
The SFT developed by Digiwin has a SQL Injection vulnerability, allowing unauthenticated remote... Critical Unreviewed
CVE-2025-7343 was published Jul 21, 2025
WinMatrix3 Web package developed by Simopro Technology has a SQL Injection vulnerability,... Critical Unreviewed
CVE-2025-7918 was published Jul 21, 2025
A vulnerability, which was classified as critical, has been found in Onyx up to 0.29.1. This... Moderate Unreviewed
CVE-2025-7894 was published Jul 20, 2025
A vulnerability was found in TDuckCloud tduck-platform 5.1 and classified as critical. This issue... Moderate Unreviewed
CVE-2025-7888 was published Jul 20, 2025
A vulnerability was found in Metasoft 美特软件 MetaCRM up to 6.4.2. It has been declared as critical.... Moderate Unreviewed
CVE-2025-7873 was published Jul 20, 2025
In One Identity OneLogin before 2025.2.0, the SQL connection "application name" is set based on... Moderate Unreviewed
CVE-2025-52924 was published Jul 19, 2025
StudentManage v1.0 was discovered to contain a SQL injection vulnerability via the component ... High Unreviewed
CVE-2025-50585 was published Jul 18, 2025
A SQL injection vulnerability in the Balbooa Forms plugin 1.0.0-2.3.1.1 for Joomla allows... High Unreviewed
CVE-2025-49485 was published Jul 18, 2025
A SQL injection vulnerability in the JS Jobs plugin versions 1.0.0-1.4.1 for Joomla allows low... High Unreviewed
CVE-2025-49484 was published Jul 18, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database