Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

7,080 advisories

Loading
Rocket Software Rocket Zena 4.4.1.26 is vulnerable to SQL Injection via the filter parameter. High Unreviewed
CVE-2024-45955 was published Jul 30, 2025
Bacula-web SQL Injection Vulnerability High
CVE-2025-45346 was published for bacula-web/bacula-web (Composer) Jul 29, 2025
SQL Injection affecting the Archiver role. High Unreviewed
CVE-2025-2928 was published Jul 29, 2025
A SQL Injection vulnerability exists in the action.php endpoint of PuneethReddyHC Online Shopping... High Unreviewed
CVE-2025-51970 was published Jul 29, 2025
SQL injection vulnerability in Human Resource Management System version 1.0, which allows an... High Unreviewed
CVE-2025-40682 was published Jul 29, 2025
The Bricks theme for WordPress is vulnerable to blind SQL Injection via the ‘p’ parameter in all... High Unreviewed
CVE-2025-6495 was published Jul 29, 2025
z-push/z-push-dev SQL Injection Vulnerability High
CVE-2025-8264 was published for z-push/z-push-dev (Composer) Jul 29, 2025
The GeoDirectory – WP Business Directory Plugin and Classified Listings Directory plugin for... High Unreviewed
CVE-2024-13507 was published Jul 26, 2025
XWiki Platform vulnerable to SQL injection through XWiki#searchDocuments API High
CVE-2025-54385 was published for org.xwiki.platform:xwiki-platform-oldcore (Maven) Jul 25, 2025
eKuiper API endpoints handling SQL queries with user-controlled table names. High
CVE-2025-54379 was published for github.com/lf-edge/ekuiper (Go) Jul 24, 2025
odaysec
A SQLi vulnerability in DJ-Flyer component 1.0-3.2 for Joomla was discovered. The issue allows... High Unreviewed
CVE-2025-50127 was published Jul 23, 2025
A potential SQL injection vulnerability has been identified in the Poly Clariti Manager for... High Unreviewed
CVE-2025-43022 was published Jul 23, 2025
StudentManage v1.0 was discovered to contain a SQL injection vulnerability via the component ... High Unreviewed
CVE-2025-50585 was published Jul 18, 2025
A SQL injection vulnerability in the Balbooa Forms plugin 1.0.0-2.3.1.1 for Joomla allows... High Unreviewed
CVE-2025-49485 was published Jul 18, 2025
A SQL injection vulnerability in the JS Jobs plugin versions 1.0.0-1.4.1 for Joomla allows low... High Unreviewed
CVE-2025-49484 was published Jul 18, 2025
SQL Injection vulnerability in cnhcit.com Haichang OA v.1.0.0 allows a remote attacker to obtain... High Unreviewed
CVE-2024-32323 was published Jul 17, 2025
The Hospital Information System developed by UNIMAX has a SQL Injection vulnerability, allowing... High Unreviewed
CVE-2025-7735 was published Jul 17, 2025
A security vulnerability has been identified in HPE Telco Service Orchestrator software. The... High Unreviewed
CVE-2025-37104 was published Jul 16, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-52819 was published Jul 16, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-49034 was published Jul 16, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-47645 was published Jul 16, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-49876 was published Jul 16, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-32574 was published Jul 16, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-54043 was published Jul 16, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-54026 was published Jul 16, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database