Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

7,080 advisories

Loading
Clinic Image System developed by Changing has a SQL Injection vulnerability, allowing... High Unreviewed
CVE-2025-8858 was published Aug 29, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-49404 was published Aug 28, 2025
NodeBB SQL Injection vulnerability High
CVE-2025-50979 was published for nodebb (npm) Aug 27, 2025
simple-admin-core SQL Injection vulnerability High
CVE-2025-51667 was published for github.com/suyuan32/simple-admin-core (Go) Aug 27, 2025
SQL Injection vulnerability exists in the sortKey parameter of the GET /api/v1/wanted/cutoff API... High Unreviewed
CVE-2025-50983 was published Aug 27, 2025
The Vibes plugin for WordPress is vulnerable to time-based SQL Injection via the ‘resource’... High Unreviewed
CVE-2025-9172 was published Aug 26, 2025
phpgurukul Hospital Management System 4.0 is vulnerable to SQL Injection in about-us.php via the... High Unreviewed
CVE-2025-56216 was published Aug 26, 2025
User with high privileges is able to introduce a SQLi using the Meta Service indicator page.... High Unreviewed
CVE-2025-4650 was published Aug 22, 2025
On the monitoring event logs page, it is possible to alter the http request to insert a payload... High Unreviewed
CVE-2025-6791 was published Aug 22, 2025
SQL Injection vulnerability in Apache StreamPark. This issue affects Apache StreamPark: from 2.1... High Unreviewed
CVE-2024-48988 was published Aug 22, 2025
An SQL injection vulnerability in Yoosee application v6.32.4 allows authenticated users to inject... High Unreviewed
CVE-2025-52085 was published Aug 22, 2025
WebITR developed by Uniong has a SQL Injection vulnerability, allowing unauthenticated remote... High Unreviewed
CVE-2025-9255 was published Aug 22, 2025
The JS Archive List plugin for WordPress is vulnerable to time-based SQL Injection via the... High Unreviewed
CVE-2025-7670 was published Aug 19, 2025
The School Management System for Wordpress plugin for WordPress is vulnerable to SQL Injection... High Unreviewed
CVE-2024-12612 was published Aug 16, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-49897 was published Aug 15, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-1929 was published Aug 15, 2025
A SQLi vulnerability in DJ-Classifieds component 3.9.2-3.10.1 for Joomla was discovered. The... High Unreviewed
CVE-2025-54474 was published Aug 15, 2025
A SQL injection vulnerability in the JS Jobs plugin versions 1.3.2-1.4.4 for Joomla allows low... High Unreviewed
CVE-2025-54475 was published Aug 15, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-55708 was published Aug 14, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-52820 was published Aug 14, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-52823 was published Aug 14, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-49267 was published Aug 14, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-39510 was published Aug 14, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-30998 was published Aug 14, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-49033 was published Aug 14, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database