Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

3,744 advisories

Loading
SQL Injection in the listdomains function in Easy Hosting Control Panel (EHCP) 20.04.1.b allows... Moderate Unreviewed
CVE-2025-50860 was published Aug 21, 2025
Easy Hosting Control Panel EHCP v20.04.1.b was discovered to contain a SQL injection... Moderate Unreviewed
CVE-2025-50926 was published Aug 19, 2025
In the smartLibrary component of the HRForecast Suite 0.4.3, a SQL injection vulnerability was... Moderate Unreviewed
CVE-2025-51506 was published Aug 19, 2025
A vulnerability was identified in Shanghai Lingdang Information Technology Lingdang CRM up to 8.6... Moderate Unreviewed
CVE-2025-9140 was published Aug 19, 2025
MoonShine SQL Injection Vulnerability Moderate
CVE-2025-51510 was published for moonshine/moonshine (Composer) Aug 19, 2025
HCL BigFix SaaS Authentication Service is affected by a SQL injection vulnerability. The... Moderate Unreviewed
CVE-2025-52618 was published Aug 16, 2025
A vulnerability has been found in projectworlds Travel Management System 1.0. This vulnerability... Moderate Unreviewed
CVE-2025-9053 was published Aug 15, 2025
A vulnerability was identified in projectworlds Travel Management System 1.0. This affects an... Moderate Unreviewed
CVE-2025-9052 was published Aug 15, 2025
The Gestion de tarifs plugin for WordPress is vulnerable to SQL Injection via the 'tarif' and ... Moderate Unreviewed
CVE-2025-7662 was published Aug 15, 2025
A vulnerability has been found in PHPGurukul Online Shopping Portal Project 2.0. This... Moderate Unreviewed
CVE-2025-9013 was published Aug 15, 2025
A vulnerability was determined in PHPGurukul Online Shopping Portal Project 2.0. Affected by this... Moderate Unreviewed
CVE-2025-9011 was published Aug 15, 2025
A vulnerability was identified in Surbowl dormitory-management-php 1.0. This affects an unknown... Moderate Unreviewed
CVE-2025-9002 was published Aug 15, 2025
A vulnerability was determined in code-projects Online Medicine Guide 1.0. Affected is an unknown... Moderate Unreviewed
CVE-2025-8990 was published Aug 15, 2025
A vulnerability has been found in SourceCodester Cashier Queuing System 1.0. Affected is an... Moderate Unreviewed
CVE-2025-8973 was published Aug 14, 2025
Apache Superset has bypass of `DISALLOWED_SQL_FUNCTIONS` that allows execution of blocked SQL functions Moderate
CVE-2025-55674 was published for apache-superset (pip) Aug 14, 2025
A vulnerability was found in SourceCodester COVID 19 Testing Management System 1.0. Affected by... Moderate Unreviewed
CVE-2025-8926 was published Aug 13, 2025
A vulnerability was determined in Shanghai Lingdang Information Technology Lingdang CRM up to 8.6... Moderate Unreviewed
CVE-2025-8908 was published Aug 13, 2025
OpenMetadata <=1.4.4 is vulnerable to SQL Injection. An attacker can extract information from the... Moderate Unreviewed
CVE-2025-50468 was published Aug 8, 2025
OpenMetadata <=1.4.4 is vulnerable to SQL Injection. An attacker can extract information from the... Moderate Unreviewed
CVE-2025-50467 was published Aug 8, 2025
Easy Hosting Control Panel EHCP v20.04.1.b was discovered to contain a SQL injection... Moderate Unreviewed
CVE-2025-50928 was published Aug 8, 2025
Hospital Management System 4 is vulnerable to a SQL injection in /Hospital-Management-System... Moderate Unreviewed
CVE-2023-40992 was published Aug 7, 2025
Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 before 11.1.25162.02 allows SQL... Moderate Unreviewed
CVE-2025-54396 was published Aug 7, 2025
The FileBird – WordPress Media Library Folders & File Manager plugin for WordPress is vulnerable... Moderate Unreviewed
CVE-2025-6986 was published Aug 6, 2025
Austrian Archaeological Institute (AI) OpenAtlas v8.11.0 as discovered to contain a SQL injection... Moderate Unreviewed
CVE-2025-51535 was published Aug 4, 2025
A SQL Injection vulnerability exists in the takeassessment2.php file of CloudClassroom-PHP... Moderate Unreviewed
CVE-2025-50868 was published Aug 1, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database