Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,635
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

4,238 advisories

Loading
A vulnerability has been identified in OZW672 (All versions < V6.0), OZW772 (All versions < V6.0)... Critical Unreviewed
CVE-2025-26390 was published May 13, 2025
Billing Software v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities.... Critical Unreviewed
CVE-2023-49641 was published May 13, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-47682 was published May 12, 2025
EngineerCMS v1.02 through v.2.0.5 has a SQL injection vulnerability in the /project... Critical Unreviewed
CVE-2025-44830 was published May 12, 2025
The ISOinsight from Netvision has a SQL Injection vulnerability, allowing unauthenticated remote... Critical Unreviewed
CVE-2025-4559 was published May 12, 2025
SourceCodester Client Database Management System 1.0 is vulnerable to SQL Injection in... Critical Unreviewed
CVE-2025-46190 was published May 9, 2025
SourceCodester Client Database Management System 1.0 is vulnerable to SQL Injection in... Critical Unreviewed
CVE-2025-46192 was published May 9, 2025
SourceCodester Client Database Management System 1.0 is vulnerable to SQL Injection in... Critical Unreviewed
CVE-2025-46189 was published May 9, 2025
SourceCodester Client Database Management System 1.0 is vulnerable to SQL Injection in... Critical Unreviewed
CVE-2025-46188 was published May 9, 2025
PHPGURUKUL Vehicle Parking Management System v1.13 is vulnerable to SQL injection in the /vpms... Critical Unreviewed
CVE-2025-45885 was published May 9, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-47657 was published May 7, 2025
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Critical Unreviewed
CVE-2025-0668 was published May 7, 2025
SeaCMS v13.3 was discovered to contain a SQL injection vulnerability via the component... Critical Unreviewed
CVE-2025-44073 was published May 6, 2025
Unrestricted file upload in TCMAN's GIM v11. This vulnerability allows an unauthenticated... Critical Unreviewed
CVE-2025-40625 was published May 6, 2025
SQL injection in TCMAN's GIM v11. This vulnerability allows an unauthenticated attacker to inject... Critical Unreviewed
CVE-2025-40620 was published May 6, 2025
SQL injection in TCMAN's GIM v11. This vulnerability allows an unauthenticated attacker to inject... Critical Unreviewed
CVE-2025-40622 was published May 6, 2025
SQL injection in TCMAN's GIM v11. This vulnerability allows an unauthenticated attacker to inject... Critical Unreviewed
CVE-2025-40624 was published May 6, 2025
SQL injection in TCMAN's GIM v11. This vulnerability allows an unauthenticated attacker to inject... Critical Unreviewed
CVE-2025-40623 was published May 6, 2025
SQL injection in TCMAN's GIM v11. This vulnerability allows an unauthenticated attacker to inject... Critical Unreviewed
CVE-2025-40621 was published May 6, 2025
SeaCMS v13.3 was discovered to contain a SQL injection vulnerability via the component... Critical Unreviewed
CVE-2025-44074 was published May 6, 2025
SeaCMS v13.3 was discovered to contain a SQL injection vulnerability via the component... Critical Unreviewed
CVE-2025-44072 was published May 6, 2025
kashipara Online Service Management Portal V1.0 is vulnerable to SQL Injection in osms/Requester... Critical Unreviewed
CVE-2025-45322 was published May 5, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-2812 was published May 2, 2025
Le-show medical practice management system from Le-yan has a SQL Injection vulnerability,... Critical Unreviewed
CVE-2025-3708 was published May 2, 2025
SQL injection in ADOdb PostgreSQL driver pg_insert_id() method Critical
CVE-2025-46337 was published for adodb/adodb-php (Composer) May 1, 2025
mrcnpp dregad
Credited to mrcnpp and dregad
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database