Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

7,080 advisories

Loading
A Zabbix adminitrator can inject arbitrary SQL during the autoremoval of hosts by inserting... High Unreviewed
CVE-2025-27240 was published Sep 12, 2025
The The Events Calendar plugin for WordPress is vulnerable to time-based SQL Injection via the ‘s... High Unreviewed
CVE-2025-9807 was published Sep 12, 2025
The All in one Minifier plugin for WordPress is vulnerable to SQL Injection via the 'post_id'... High Unreviewed
CVE-2025-9073 was published Sep 11, 2025
A SQL injection vulnerability has been found in Gandia Integra Total of TESI from version 2.1... High Unreviewed
CVE-2025-41376 was published Aug 1, 2025
A SQL injection vulnerability has been found in Gandia Integra Total of TESI from version 2.1... High Unreviewed
CVE-2025-41375 was published Aug 1, 2025
A vulnerability has been found in HuangDou UTCMS V9 and classified as critical. This... High Unreviewed
CVE-2025-56407 was published Sep 10, 2025
Django is subject to SQL injection through its column aliases High
CVE-2025-57833 was published for Django (pip) Sep 8, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-59008 was published Sep 9, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-58993 was published Sep 9, 2025
WeiPHP v5.0 and before is vulnerable to SQL Injection via the SucaiController.class.php file and... High Unreviewed
CVE-2025-55849 was published Sep 8, 2025
A post-auth SQL injection vulnerability in the Trend Micro Endpoint Encryption PolicyServer could... High Unreviewed
CVE-2025-49215 was published Jun 17, 2025
A SQL Injection vulnerability was found in phpgurukul Complaint Management System 2.0. The... High Unreviewed
CVE-2025-57147 was published Sep 3, 2025
FoxCMS v1.2.5 and before is vulnerable to SQL Injection via the column_model parameter in the app... High Unreviewed
CVE-2025-56630 was published Sep 8, 2025
ERP is a free and open source Enterprise Resource Planning tool. In versions below 14.89.2 and 15... High Unreviewed
CVE-2025-58439 was published Sep 6, 2025
Liferay Portal and Liferay DXP Vulnerable to SQL Injection via the Layout Module High
CVE-2022-42121 was published for com.liferay.portal:release.dxp.bom (Maven) Nov 15, 2022
In multiple functions of PickerDbFacade.java, there is a possible unauthorized data access due to... High Unreviewed
CVE-2025-32327 was published Sep 4, 2025
In multiple locations, there is a possible way to read files belonging to other apps due to SQL... High Unreviewed
CVE-2025-48544 was published Sep 4, 2025
index.em7 in ScienceLogic SL1 before 12.1.1 allows SQL Injection via a parameter in a request. High Unreviewed
CVE-2025-58780 was published Sep 5, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-58881 was published Sep 5, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-58788 was published Sep 5, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-58789 was published Sep 5, 2025
An SQL injection vulnerability has been found in appRain CMF 4.0.5. This vulnerability allows an... High Unreviewed
CVE-2025-41032 was published Sep 4, 2025
An SQL injection vulnerability has been found in appRain CMF 4.0.5. This vulnerability allows an... High Unreviewed
CVE-2025-41033 was published Sep 4, 2025
An SQL injection vulnerability has been found in appRain CMF 4.0.5. This vulnerability allows an... High Unreviewed
CVE-2025-41034 was published Sep 4, 2025
phpgurukul Complaint Management System in PHP 2.0 is vulnerable to SQL Injection in user/reset... High Unreviewed
CVE-2025-57146 was published Sep 3, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database