Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,636
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

15,532 advisories

Loading
The URL Shortener Plugin For WordPress plugin for WordPress is vulnerable to unauthorized access... Moderate Unreviewed
CVE-2025-10740 was published Oct 24, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-11253 was published Oct 24, 2025
gnuboard gnuboard4 v4.36.04 and before is vulnerable to Second-order SQL Injection via the... Moderate Unreviewed
CVE-2025-61464 was published Oct 23, 2025
A vulnerability was found in code-projects Chat System 1.0 and classified as critical. This issue... Moderate Unreviewed
CVE-2025-0531 was published Jan 17, 2025
A vulnerability was determined in givanz Vvveb up to 1.0.7.3. This affects the function Import of... Moderate Unreviewed
CVE-2025-11944 was published Oct 19, 2025
A vulnerability was found in code-projects Chat System up to 1.0 and classified as critical. This... Moderate Unreviewed
CVE-2025-5881 was published Jun 9, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-59557 was published Oct 22, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-49931 was published Oct 22, 2025
Admidio Vulnerable to Authenticated SQL Injection in Member Assignment Functionality High
CVE-2025-62617 was published for admidio/admidio (Composer) Oct 22, 2025
XY20130630
Credited to XY20130630
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-49915 was published Oct 22, 2025
A SQL injection vulnerability has been found in DM Corporative CMS. This vulnerability allows an... Critical Unreviewed
CVE-2025-40655 was published Jun 10, 2025
A SQL injection vulnerability has been found in DM Corporative CMS. This vulnerability allows an... Critical Unreviewed
CVE-2025-40654 was published Jun 10, 2025
A SQL injection vulnerability has been found in DM Corporative CMS. This vulnerability allows an... Critical Unreviewed
CVE-2025-40656 was published Jun 10, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Moderate Unreviewed
CVE-2025-49378 was published Oct 22, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Moderate Unreviewed
CVE-2025-48091 was published Oct 22, 2025
A SQL injection vulnerability has been found in DM Corporative CMS. This vulnerability allows an... Critical Unreviewed
CVE-2025-40657 was published Jun 10, 2025
A SQL Injection vulnerability exists in Esri ArcGIS Server versions 11.3, 11.4 and 11.5 on... Critical Unreviewed
CVE-2025-57870 was published Oct 22, 2025
The Email Tracker – Email Log, Email Open Tracking, Email Analytics & Email Management for... Moderate Unreviewed
CVE-2025-10047 was published Oct 22, 2025
An improper neutralization of special elements used in an SQL command ('SQL Injection')... Critical Unreviewed
CVE-2025-25257 was published Jul 17, 2025
A SQL injection vulnerability in timeoutWarning.asp in Advantive VeraCore through 2025.1.0 allows... Moderate Unreviewed
CVE-2025-25181 was published Feb 3, 2025
An SQL injection vulnerability in Palo Alto Networks Expedition allows an unauthenticated... Critical Unreviewed
CVE-2024-9465 was published Oct 9, 2024
In WhatsUp Gold versions released before 2024.0.0, a SQL Injection vulnerability allows an... Critical Unreviewed
CVE-2024-6670 was published Aug 30, 2024
A improper neutralization of special elements used in an sql command ('sql injection') in... Critical Unreviewed
CVE-2023-48788 was published Mar 12, 2024
In Progress MOVEit Transfer before 2021.0.6 (13.0.6), 2021.1.4 (13.1.4), 2022.0.4 (14.0.4), 2022... Critical Unreviewed
CVE-2023-34362 was published Jun 2, 2023
** UNSUPPORTED WHEN ASSIGNED ** Improper neutralization of a SQL Command leading to SQL Injection... Critical Unreviewed
CVE-2021-20028 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database