GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 39
GitHub Actions: 38
Go: 2,640
Maven: 5,000+
npm: 4,265
NuGet: 760
pip: 4,060
Pub: 12
RubyGems: 956
Rust: 1,057
Swift: 45
Unreviewed advisories
All unreviewed: 5,000+
15,537 advisories
A SQL injection vulnerability in timeoutWarning.asp in Advantive VeraCore through 2025.1.0 allows...
Moderate | Unreviewed | CVE-2025-25181 was published Feb 3, 2025
An SQL injection vulnerability in Palo Alto Networks Expedition allows an unauthenticated...
Critical | Unreviewed | CVE-2024-9465 was published Oct 9, 2024
In WhatsUp Gold versions released before 2024.0.0, a SQL Injection vulnerability allows an...
Critical | Unreviewed | CVE-2024-6670 was published Aug 30, 2024
An improper neutralization of special elements used in an SQL command ('SQL injection') in...
Critical | Unreviewed | CVE-2023-48788 was published Mar 12, 2024
In Progress MOVEit Transfer before 2021.0.6 (13.0.6), 2021.1.4 (13.1.4), 2022.0.4 (14.0.4), 2022...
Critical | Unreviewed | CVE-2023-34362 was published Jun 2, 2023
** UNSUPPORTED WHEN ASSIGNED ** Improper neutralization of a SQL Command leading to SQL Injection...
Critical | Unreviewed | CVE-2021-20028 was published May 24, 2022
SQL injection in the admin web console of Ivanti CSA before version 5.0.2 allows a remote...
Moderate | Unreviewed | CVE-2024-9379 was published Oct 8, 2024
Accellion FTA 9_12_370 and earlier is affected by SQL injection via a crafted Host header in a...
Critical | Unreviewed | CVE-2021-27101 was published May 24, 2022
A SQL-Injection vulnerability in the SonicWall SSLVPN SMA100 product allows a remote...
Critical | Unreviewed | CVE-2021-20016 was published May 24, 2022
An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows...
Critical | Unreviewed | CVE-2024-29824 was published May 31, 2024
The HTTP interface of the Grandstream UCM6200 series is vulnerable to an unauthenticated remote...
High | Unreviewed | CVE-2020-5722 was published May 24, 2022
An authenticated SQL injection vulnerability exists in the BIG-IP Configuration utility which...
High | Unreviewed | CVE-2023-46748 was published Oct 26, 2023
Vulnerability in SonicWall SMA100 allows an unauthenticated user to gain read-only access to...
Moderate | Unreviewed | CVE-2019-7481 was published May 24, 2022
Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 allow SQL Injection.
High | Unreviewed | CVE-2019-12989 was published May 24, 2022
A SQL Injection (CWE-89) vulnerability exists in U.motion Builder software version 1.3.4 which...
Critical | Unreviewed | CVE-2018-7841 was published May 24, 2022
Roundcube before 1.3.17 and 1.4.x before 1.4.12 is prone to a potential SQL injection via search...
Critical | Unreviewed | CVE-2021-44026 was published May 24, 2022
BQE BillQuick Web Suite 2018 through 2021 before 22.0.9.1 allows SQL injection for...
Critical | Unreviewed | CVE-2021-42258 was published May 24, 2022
SQL injection vulnerability in the UDDI server in SAP NetWeaver J2EE Engine 7.40 allows remote...
Critical | Unreviewed | CVE-2016-2386 was published May 13, 2022
An SQL injection vulnerability in the WebAdmin of Cyberoam OS through 2020-12-04 allows...
Critical | Unreviewed | CVE-2020-29574 was published May 24, 2022
FUEL CMS 1.4.7 allows SQL Injection via the col parameter to /pages/items, /permissions/items, or...
High | Unreviewed | CVE-2020-17463 was published May 24, 2022
A SQL injection issue was found in SFOS 17.0, 17.1, 17.5, and 18.0 before 2020-04-25 on Sophos XG...
High | Unreviewed | CVE-2020-12271 was published May 24, 2022
ConnectWise ManagedITSync integration through 2017 for Kaseya VSA is vulnerable to...
Critical | Unreviewed | CVE-2017-18362 was published May 14, 2022
daicuocms V1.3.13 contains a SQL injection vulnerability in the file library\think\db\Builder.php.
Moderate | Unreviewed | CVE-2025-61194 was published Oct 21, 2025
Log2Space Subscriber Management Software 1.1 is vulnerable to unauthenticated SQL injection via...
Moderate | Unreviewed | CVE-2025-56450 was published Oct 21, 2025
SQL injection in Sergestec's Exito v8.0. This vulnerability allows an attacker to retrieve,...
Critical | Unreviewed | CVE-2025-41018 was published Oct 16, 2025
ProTip! Advisories are also available from the GraphQL API.