Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

7,080 advisories

Loading
SQL Injection vulnerability in pbootCMS v.3.2.5 and v.3.2.10 allows a remote attacker to obtain... High Unreviewed
CVE-2025-46109 was published Jun 18, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-52821 was published Jun 20, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-52822 was published Jun 20, 2025
The WP Editor WordPress plugin before 1.2.7 did not sanitise or validate its setting fields... High Unreviewed
CVE-2021-24151 was published Jan 16, 2024
The plugin does not filter the "delete_entries" parameter from user requests, leading to an SQL... High Unreviewed
CVE-2022-3764 was published Jan 16, 2024
A time-based blind SQL injection vulnerability was identified in the PHPGurukul Dairy Farm Shop... High Unreviewed
CVE-2025-51672 was published Jun 26, 2025
A SQL injection vulnerability exists in Fanwei e-cology 8.0 via the getdata.jsp endpoint. The... High Unreviewed
CVE-2025-34038 was published Jun 26, 2025
SQL Injection vulnerability in Student Record system Using PHP and MySQL v.3.20 allows a remote... High Unreviewed
CVE-2024-27685 was published Jun 26, 2025
IBM InfoSphere Information Server 11.7 vulnerable to SQL injection. A remote attacker could send... High Unreviewed
CVE-2025-0966 was published Jun 26, 2025
The Owl carousel responsive plugin for WordPress is vulnerable to time-based SQL Injection via... High Unreviewed
CVE-2025-5590 was published Jun 26, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-53258 was published Jun 27, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-53256 was published Jun 27, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-53306 was published Jun 27, 2025
An SQL injection vulnerability exists in the Dahua Smart Cloud Gateway Registration Management... High Unreviewed
CVE-2025-34059 was published Jul 1, 2025
Multiple SQL injection vulnerabilities in Carlo Gavazzi EOS-Box with firmware before 1.0.0.1080_2... High Unreviewed
CVE-2012-6427 was published May 17, 2022
The Ads Pro Plugin - Multi-Purpose WordPress Advertising Manager plugin for WordPress is... High Unreviewed
CVE-2025-4381 was published Jul 2, 2025
The Ads Pro Plugin - Multi-Purpose WordPress Advertising Manager plugin for WordPress is... High Unreviewed
CVE-2025-5339 was published Jul 2, 2025
The Ads Pro Plugin - Multi-Purpose WordPress Advertising Manager plugin for WordPress is... High Unreviewed
CVE-2025-6437 was published Jul 2, 2025
Withdrawn Advisory: Daylight Studio FUEL-CMS SQLi Vulnerability High
CVE-2020-24950 was published for codeigniter/framework (Composer) Aug 11, 2023 withdrawn
The inprosysmedia-likes-dislikes-post WordPress plugin through 1.0.0 does not properly sanitise... High Unreviewed
CVE-2025-4840 was published Jun 10, 2025
The application is vulnerable to SQL injection attacks. An attacker is able to dump the... High Unreviewed
CVE-2025-1708 was published Jul 3, 2025
The GoZen Forms plugin for WordPress is vulnerable to SQL Injection via the 'forms-id' parameter... High Unreviewed
CVE-2025-6783 was published Jul 4, 2025
The GoZen Forms plugin for WordPress is vulnerable to SQL Injection via the 'forms-id' parameter... High Unreviewed
CVE-2025-6782 was published Jul 4, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-24748 was published Jul 4, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-30969 was published Jul 4, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database