Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

4,182 advisories

Loading
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-6918 was published Jul 28, 2025
An unauthenticated SQL injection vulnerability exists in Pandora FMS version 5.0 SP2 and earlier.... Critical Unreviewed
CVE-2014-125115 was published Jul 25, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-4784 was published Jul 25, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-4822 was published Jul 25, 2025
XWiki Platform vulnerable to SQL injection through getdeleteddocuments.vm template sort parameter Critical
CVE-2025-32429 was published for org.xwiki.platform:xwiki-platform-distribution-war (Maven) Jul 24, 2025
A SQLi vulnerability in Komento component 4.0.0-4.0.7for Joomla was discovered. The issue allows... Critical Unreviewed
CVE-2025-54294 was published Jul 23, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-4285 was published Jul 22, 2025
A SQL injection in Articles Calendar extension 1.0.0 - 1.0.1.0007 for Joomla allows attackers to... Critical Unreviewed
CVE-2025-26855 was published Jul 18, 2025
A SQL injection in Articles Good Search extension 1.0.0 - 1.2.4.0011 for Joomla allows attackers... Critical Unreviewed
CVE-2025-26854 was published Jul 18, 2025
An SQL injection vulnerability in the legacy (transparent) SMTP proxy of Sophos Firewall versions... Critical Unreviewed
CVE-2025-7624 was published Jul 21, 2025
WinMatrix3 Web package developed by Simopro Technology has a SQL Injection vulnerability,... Critical Unreviewed
CVE-2025-7918 was published Jul 21, 2025
The SFT developed by Digiwin has a SQL Injection vulnerability, allowing unauthenticated remote... Critical Unreviewed
CVE-2025-7343 was published Jul 21, 2025
Jeecg-boot vulnerable to SQL Injection Critical
CVE-2022-45206 was published for org.jeecgframework.boot:jeecg-module-system (Maven) Nov 25, 2022
achibear
Jeecg-boot vulnerable to SQL injection via updateNullByEmptyString Critical
CVE-2022-45207 was published for org.jeecgframework.boot:jeecg-module-system (Maven) Nov 25, 2022
achibear
nbcio-boot v1.0.3 was discovered to contain a SQL injection vulnerability via the userIds... Critical Unreviewed
CVE-2025-50240 was published Jul 17, 2025
DB-GPT is vulnerable to SQL Injection attacks from unauthenticated users Critical
CVE-2024-10835 was published for dbgpt (pip) Mar 20, 2025
SQL injection vulnerability exists in OS4ED openSIS-Classic Version 9.1, specifically in the... Critical Unreviewed
CVE-2024-51211 was published Nov 8, 2024
An improper neutralization of special elements used in an SQL command ('SQL Injection')... Critical Unreviewed
CVE-2025-25257 was published Jul 17, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-52714 was published Jul 16, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-30936 was published Jul 16, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-28959 was published Jul 16, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-28982 was published Jul 16, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-24759 was published Jul 16, 2025
employee record management system in php and mysql v1 was discovered to contain a SQL injection... Critical Unreviewed
CVE-2025-45065 was published Jul 7, 2025
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Critical Unreviewed
CVE-2025-0668 was published May 7, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database