GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
14,948 advisories
The GSpeech TTS – WordPress Text To Speech Plugin plugin for WordPress is vulnerable to SQL...
Moderate | Unreviewed | CVE-2025-10187 was published Oct 18, 2025

The PPOM – Product Addons & Custom Fields for WooCommerce plugin for WordPress is vulnerable to...
High | Unreviewed | CVE-2025-11691 was published Oct 18, 2025

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Low | Unreviewed | CVE-2025-62655 was published Oct 18, 2025

A security vulnerability has been detected in Shenzhen Ruiming Technology Streamax Crocus 1.3.40....
Moderate | Unreviewed | CVE-2025-11910 was published Oct 17, 2025

A vulnerability was detected in Shenzhen Ruiming Technology Streamax Crocus 1.3.40. This impacts...
Moderate | Unreviewed | CVE-2025-11911 was published Oct 17, 2025

A flaw has been found in Shenzhen Ruiming Technology Streamax Crocus 1.3.40. Affected is the...
Moderate | Unreviewed | CVE-2025-11912 was published Oct 17, 2025

A weakness has been identified in Shenzhen Ruiming Technology Streamax Crocus 1.3.40. The...
Moderate | Unreviewed | CVE-2025-11909 was published Oct 17, 2025

Tillywork v0.1.3 and below is vulnerable to SQL Injection in app/common/helpers/query.builder...
Moderate | Unreviewed | CVE-2025-60514 was published Oct 17, 2025

A flaw has been found in yanyutao0402 ChanCMS up to 3.3.2. Affected by this issue is the function...
Moderate | Unreviewed | CVE-2025-11903 was published Oct 17, 2025

A vulnerability was detected in yanyutao0402 ChanCMS up to 3.3.2. Affected by this vulnerability...
Moderate | Unreviewed | CVE-2025-11902 was published Oct 17, 2025

A vulnerability has been found in yanyutao0402 ChanCMS up to 3.3.2. This affects the function...
Moderate | Unreviewed | CVE-2025-11904 was published Oct 17, 2025

The file mexcel.php in the Vfront 0.99.52 codebase contains a vulnerable call to unserialize...
Moderate | Unreviewed | CVE-2025-60641 was published Oct 16, 2025

SQL injection vulnerability in the cmd component of Base Digitale Group spa product Centrax Open...
Moderate | Unreviewed | CVE-2025-56699 was published Oct 16, 2025

Boolean SQL injection vulnerability in the web app of Base Digitale Group spa product Centrax...
Moderate | Unreviewed | CVE-2025-56700 was published Oct 16, 2025

SQL injection vulnerability in Ultimate PHP Board 2.2.7 via the username field in lostpassword.php.
Moderate | Unreviewed | CVE-2025-61540 was published Oct 16, 2025

SQL injection in Sergestec's Exito v8.0. This vulnerability allows an attacker to retrieve,...
Critical | Unreviewed | CVE-2025-41018 was published Oct 16, 2025

SQL injection in Sergestec's SISTICK v7.2. This vulnerability allows an attacker to retrieve,...
Critical | Unreviewed | CVE-2025-41019 was published Oct 16, 2025

The Wp tabber widget plugin for WordPress is vulnerable to SQL Injection via the 'wp-tabber...
Moderate | Unreviewed | CVE-2025-10730 was published Oct 15, 2025

The WP Google Map Plugin plugin for WordPress is vulnerable to blind SQL Injection via the 'id'...
Moderate | Unreviewed | CVE-2025-11365 was published Oct 15, 2025

The Rich Snippet Site Report plugin for WordPress is vulnerable to SQL Injection via the 'last'...
Moderate | Unreviewed | CVE-2025-10310 was published Oct 15, 2025

The WP jQuery Pager plugin for WordPress is vulnerable to SQL Injection via the 'ids' shortcode...
Moderate | Unreviewed | CVE-2025-10575 was published Oct 15, 2025

The Outdoor plugin for WordPress is vulnerable to SQL Injection via the 'edit' action in all...
High | Unreviewed | CVE-2025-10743 was published Oct 15, 2025

The WP Dashboard Chat plugin for WordPress is vulnerable to SQL Injection via the ‘id’ parameter...
Moderate | Unreviewed | CVE-2025-10660 was published Oct 15, 2025

The TARIFFUXX plugin for WordPress is vulnerable to SQL Injection in versions up to, and...
Moderate | Unreviewed | CVE-2025-10682 was published Oct 15, 2025

The External Login plugin for WordPress is vulnerable to SQL Injection via the 'log' parameter in...
High | Unreviewed | CVE-2025-11177 was published Oct 15, 2025

ProTip! Advisories are also available from the GraphQL API.