Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

15,073 advisories

Loading
A SQL Injection vulnerability exists in the product.php page of PuneethReddyHC Online Shopping... Moderate Unreviewed
CVE-2025-51969 was published Aug 28, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-49404 was published Aug 28, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-39496 was published Aug 28, 2025
The Simple Download Monitor plugin for WordPress is vulnerable to time-based SQL Injection via... Moderate Unreviewed
CVE-2025-8977 was published Aug 28, 2025
An unauthenticated SQL injection vulnerability exists in the GetLyfsByParams endpoint of Bian Que... Critical Unreviewed
CVE-2025-34162 was published Aug 28, 2025
A SQL injection vulnerability exists in the St. Joe ERP system ("圣乔ERP系统") that allows... Critical Unreviewed
CVE-2024-13979 was published Aug 28, 2025
NodeBB SQL Injection vulnerability High
CVE-2025-50979 was published for nodebb (npm) Aug 27, 2025
simple-admin-core SQL Injection vulnerability High
CVE-2025-51667 was published for github.com/suyuan32/simple-admin-core (Go) Aug 27, 2025
SQL Injection vulnerability exists in the sortKey parameter of the GET /api/v1/wanted/cutoff API... High Unreviewed
CVE-2025-50983 was published Aug 27, 2025
diskover-web v2.3.0 Community Edition is vulnerable to multiple boolean-based blind SQL injection... Moderate Unreviewed
CVE-2025-50984 was published Aug 27, 2025
SQL Injection vulnerability in AbanteCart 1.4.2, allows unauthenticated attackers to execute... Critical Unreviewed
CVE-2025-50972 was published Aug 27, 2025
In the PrepareCDExportJSON.pl service, the "getPerfServiceIds" function is vulnerable to SQL... Moderate Unreviewed
CVE-2025-30059 was published Aug 27, 2025
In the "utils/Reporter/OpenReportWindow.pl" service, there is an SQL injection vulnerability... Moderate Unreviewed
CVE-2025-30061 was published Aug 27, 2025
In the ReturnUserUnitsXML.pl service, the "getUserInfo" function is vulnerable to SQL injection... Moderate Unreviewed
CVE-2025-30060 was published Aug 27, 2025
In the PatientService.pl service, the "getPatientIdentifier" function is vulnerable to SQL... Moderate Unreviewed
CVE-2025-30058 was published Aug 27, 2025
The Vibes plugin for WordPress is vulnerable to time-based SQL Injection via the ‘resource’... High Unreviewed
CVE-2025-9172 was published Aug 26, 2025
Easy!Appointments SQL injection vulnerability Moderate
CVE-2025-50383 was published for alextselegidis/easyappointments (Composer) Aug 26, 2025
SQL Injection vulnerability in SMM Panel 3.1 allowing remote attackers to gain sensitive... Critical Unreviewed
CVE-2025-55575 was published Aug 26, 2025
phpgurukul Hospital Management System 4.0 is vulnerable to SQL Injection in index.php via the... Critical Unreviewed
CVE-2025-56214 was published Aug 26, 2025
phpgurukul Hospital Management System 4.0 is vulnerable to SQL Injection in contact.php via the... Moderate Unreviewed
CVE-2025-56215 was published Aug 26, 2025
phpgurukul Hospital Management System 4.0 is vulnerable to SQL Injection in add-doctor.php via... Critical Unreviewed
CVE-2025-56212 was published Aug 26, 2025
phpgurukul Hospital Management System 4.0 is vulnerable to SQL Injection in about-us.php via the... High Unreviewed
CVE-2025-56216 was published Aug 26, 2025
A weakness has been identified in Bjskzy Zhiyou ERP up to 11.0. Affected by this issue is the... Moderate Unreviewed
CVE-2025-9391 was published Aug 24, 2025
User with high privileges is able to introduce a SQLi using the Meta Service indicator page.... High Unreviewed
CVE-2025-4650 was published Aug 22, 2025
On the monitoring event logs page, it is possible to alter the http request to insert a payload... High Unreviewed
CVE-2025-6791 was published Aug 22, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database