Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

15,073 advisories

Loading
NUP Pro developed by NewType Infortech has a SQL Injection vulnerability, allowing... Critical Unreviewed
CVE-2025-10266 was published Sep 12, 2025
A Zabbix adminitrator can inject arbitrary SQL during the autoremoval of hosts by inserting... High Unreviewed
CVE-2025-27240 was published Sep 12, 2025
The The Events Calendar plugin for WordPress is vulnerable to time-based SQL Injection via the ‘s... High Unreviewed
CVE-2025-9807 was published Sep 12, 2025
A vulnerability was identified in deepakmisal24 Chemical Inventory Management System up to 1.0.... Moderate Unreviewed
CVE-2025-9758 was published Sep 11, 2025
SQL Injection in Online Fire Reporting System v1.2 by PHPGurukul. This vulnerability allows an... Critical Unreviewed
CVE-2025-40687 was published Sep 11, 2025
SQL Injection in Online Fire Reporting System v1.2 by PHPGurukul. This vulnerability allows an... Critical Unreviewed
CVE-2025-40689 was published Sep 11, 2025
SQL Injection in Online Fire Reporting System v1.2 by PHPGurukul. This vulnerability allows an... Critical Unreviewed
CVE-2025-40690 was published Sep 11, 2025
SQL Injection in Online Fire Reporting System v1.2 by PHPGurukul. This vulnerability allows an... Critical Unreviewed
CVE-2025-40691 was published Sep 11, 2025
SQL Injection in Online Fire Reporting System v1.2 by PHPGurukul. This vulnerability allows an... Critical Unreviewed
CVE-2025-40692 was published Sep 11, 2025
The Coupon API plugin for WordPress is vulnerable to SQL Injection via the ‘log_duration’... Moderate Unreviewed
CVE-2025-8692 was published Sep 11, 2025
The All in one Minifier plugin for WordPress is vulnerable to SQL Injection via the 'post_id'... High Unreviewed
CVE-2025-9073 was published Sep 11, 2025
The Smartcat Translator for WPML plugin for WordPress is vulnerable to time-based SQL Injection... Moderate Unreviewed
CVE-2025-9451 was published Sep 11, 2025
The CatFolders – Tame Your WordPress Media Library by Category plugin for WordPress is vulnerable... Moderate Unreviewed
CVE-2025-9776 was published Sep 11, 2025
A vulnerability was identified in 1000projects Beauty Parlour Management System 1.0. This affects... Moderate Unreviewed
CVE-2025-9919 was published Sep 10, 2025
A vulnerability has been found in HuangDou UTCMS V9 and classified as critical. This... High Unreviewed
CVE-2025-56407 was published Sep 10, 2025
A vulnerability was determined in Campcodes Advanced Online Voting System 1.0. Affected by this... Moderate Unreviewed
CVE-2025-9694 was published Sep 10, 2025
The PagBank / PagSeguro Connect para WooCommerce plugin for WordPress is vulnerable to SQL... Moderate Unreviewed
CVE-2025-10142 was published Sep 10, 2025
An SQL injection vulnerability has been identified in the "ID" attribute of the SAML response... Critical Unreviewed
CVE-2025-9943 was published Sep 10, 2025
The Duplicate Page and Post plugin for WordPress is vulnerable to time-based SQL Injection via... Moderate Unreviewed
CVE-2025-6189 was published Sep 10, 2025
The Payments Plugin and Checkout Plugin for WooCommerce: Stripe, PayPal, Square, Authorize.net... Moderate Unreviewed
CVE-2025-9463 was published Sep 10, 2025
The Testimonial plugin for WordPress is vulnerable to SQL Injection via the 'iNICtestimonial'... Moderate Unreviewed
CVE-2025-7826 was published Sep 10, 2025
OPEXUS FOIAXpress Public Access Link (PAL) before version 11.13.1.0 allows SQL injection via... Critical Unreviewed
CVE-2025-58462 was published Sep 9, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-59008 was published Sep 9, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-58993 was published Sep 9, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-47569 was published Sep 9, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database