Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,635
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

4,238 advisories

Loading
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-47573 was published Jun 17, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-48274 was published Jun 17, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-39479 was published Jun 17, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-24773 was published Jun 17, 2025
The WIMP website co-construction management platform from HAMASTAR Technology has a SQL Injection... Critical Unreviewed
CVE-2025-6169 was published Jun 16, 2025
XWiki allows SQL injection in query endpoint of REST API with Oracle Critical
CVE-2024-56158 was published for org.xwiki.platform:xwiki-platform-oldcore (Maven) Jun 12, 2025
A SQL injection vulnerability in JEvents component before 3.6.88 and 3.6.82.1 for Joomla was... Critical Unreviewed
CVE-2025-49467 was published Jun 12, 2025
A SQL injection vulnerability has been found in DM Corporative CMS. This vulnerability allows an... Critical Unreviewed
CVE-2025-40655 was published Jun 10, 2025
A SQL injection vulnerability has been found in DM Corporative CMS. This vulnerability allows an... Critical Unreviewed
CVE-2025-40654 was published Jun 10, 2025
A SQL injection vulnerability has been found in DM Corporative CMS. This vulnerability allows an... Critical Unreviewed
CVE-2025-40656 was published Jun 10, 2025
A SQL injection vulnerability has been found in DM Corporative CMS. This vulnerability allows an... Critical Unreviewed
CVE-2025-40657 was published Jun 10, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-48141 was published Jun 9, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-48281 was published Jun 9, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-47608 was published Jun 9, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-48122 was published Jun 9, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-31424 was published Jun 9, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-31059 was published Jun 9, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-24767 was published Jun 9, 2025
Improper neutralization of input provided by an unauthorized user into changes__reference_id... Critical Unreviewed
CVE-2025-4568 was published Jun 5, 2025
llama_index vulnerable to SQL Injection Critical
CVE-2025-1793 was published for llama-index (pip) Jun 5, 2025
Malayke
Credited to Malayke
The File Provider WordPress plugin through 1.2.3 does not properly sanitise and escape a... Critical Unreviewed
CVE-2025-4578 was published Jun 4, 2025
An SQL injection vulnerability exists in the delete function of DuckDBVectorStore in run-llama... Critical Unreviewed
CVE-2025-1750 was published Jun 2, 2025
PHPGURUKUL Restaurant Table Booking System using PHP and MySQL v1.0 was discovered to contain a... Critical Unreviewed
CVE-2024-51101 was published May 23, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-48283 was published May 23, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-47640 was published May 23, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database