Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,638
Maven
5,000+
npm
4,262
NuGet
760
pip
4,058
Pub
12
RubyGems
956
Rust
1,056
Swift
45
Unreviewed advisories
All unreviewed
5,000+

15,536 advisories

Loading
A vulnerability was detected in SourceCodester Best House Rental Management System 1.0. Affected... Moderate Unreviewed
CVE-2025-12597 was published Nov 2, 2025
A flaw has been found in SourceCodester Best House Rental Management System 1.0. Affected by this... Moderate Unreviewed
CVE-2025-12598 was published Nov 2, 2025
A vulnerability has been found in itsourcecode Online Loan Management System 1.0. This affects an... Moderate Unreviewed
CVE-2025-12604 was published Nov 3, 2025
A vulnerability was found in itsourcecode Online Loan Management System 1.0. This vulnerability... Moderate Unreviewed
CVE-2025-12605 was published Nov 3, 2025
A vulnerability was determined in itsourcecode Online Loan Management System 1.0. This issue... Moderate Unreviewed
CVE-2025-12606 was published Nov 3, 2025
A flaw has been found in itsourcecode Billing System 1.0. This affects an unknown function of the... Moderate Unreviewed
CVE-2025-12617 was published Nov 3, 2025
The The Events Calendar plugin for WordPress is vulnerable to blind SQL Injection via the 's'... High Unreviewed
CVE-2025-12197 was published Nov 5, 2025
An SQL injection vulnerability has been identified in the "ID" attribute of the SAML response... Critical Unreviewed
CVE-2025-9943 was published Sep 10, 2025
SQL Injection vulnerability in Apache StreamPark. This issue affects Apache StreamPark: from 2.1... High Unreviewed
CVE-2024-48988 was published Aug 22, 2025
The DB chooser functionality in Jalios JPlatform 10 SP6 before 10.0.6 improperly neutralizes... Moderate Unreviewed
CVE-2025-0942 was published Apr 8, 2025
An issue was discovered in SchedMD Slurm 23.11.x. There is SQL Injection against the SlurmDBD... Critical Unreviewed
CVE-2023-49934 was published Dec 14, 2023
SQL Injection vulnerability in DerbyNet v9.0 and below allows attackers to execute arbitrary SQL... High Unreviewed
CVE-2024-30928 was published Apr 19, 2024
SQL Injection vulnerability in DerbyNet v9.0 allows a remote attacker to execute arbitrary code... Critical Unreviewed
CVE-2024-30922 was published Apr 18, 2024
Django SQL injection vulnerability Critical
CVE-2024-42005 was published for Django (pip) Aug 7, 2024
Improper neutralization of special elements results in a SQL Injection vulnerability in Riello... Moderate Unreviewed
CVE-2024-8877 was published Sep 25, 2024
An unauthenticated attacker can leverage a time-based SQL injection vulnerability in VICIdial to... Critical Unreviewed
CVE-2024-8503 was published Sep 10, 2024
Car-Booking-System-PHP v.1.0 is vulnerable to SQL Injection in /carlux/contact.php. Critical Unreviewed
CVE-2025-63453 was published Nov 3, 2025
PostgreSQL JDBC Driver SQL Injection in ResultSet.refreshRow() with malicious column names High
CVE-2022-31197 was published for org.postgresql:postgresql (Maven) Aug 6, 2022
kato-sho JBrown0x90
Credited to kato-sho and JBrown0x90
A vulnerability was found in shawon100 RUET OJ up to 18fa45b0a669fa1098a0b8fc629cf6856369d9a5.... Moderate Unreviewed
CVE-2025-12326 was published Oct 27, 2025
A vulnerability was identified in shawon100 RUET OJ up to... Moderate Unreviewed
CVE-2025-12328 was published Oct 28, 2025
A vulnerability was determined in shawon100 RUET OJ up to... Moderate Unreviewed
CVE-2025-12327 was published Oct 27, 2025
A security flaw has been discovered in shawon100 RUET OJ up to... Moderate Unreviewed
CVE-2025-12329 was published Oct 28, 2025
An unauthenticated attacker can perform an SQL injection by accessing the /class/dbconnect.php... Moderate Unreviewed
CVE-2024-28145 was published Dec 12, 2024
By sending a specially crafted push message, a remote server could have hung the parent process,... High Unreviewed
CVE-2024-10466 was published Oct 29, 2024
An authenticated attacker with the user/role "Poweruser" can perform an SQL injection by... Moderate Unreviewed
CVE-2024-50584 was published Dec 12, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database