Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,635
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

15,513 advisories

Loading
Multiple SQL injection vulnerabilitites in ycf1998 money-pos system before commit... Critical Unreviewed
CVE-2025-63689 was published Nov 7, 2025
An SQL injection vulnerability has been reported to affect QuMagie. A remote attacker can exploit... Critical Unreviewed
CVE-2025-52425 was published Nov 7, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection'), CWE - 564 -... High Unreviewed
CVE-2025-10968 was published Nov 7, 2025
SQL injection vulnerability in DIAL's CentrosNet v2.64. Allows an attacker to retrieve, create,... Critical Unreviewed
CVE-2025-10870 was published Nov 7, 2025
Advantech WebAccess/VPN versions prior to 1.1.5 contain a SQL injection vulnerability in... Moderate Unreviewed
CVE-2025-34247 was published Nov 6, 2025
Advantech WebAccess/VPN versions prior to 1.1.5 contain a SQL injection vulnerability in... Moderate Unreviewed
CVE-2025-34246 was published Nov 6, 2025
Advantech WebAccess/VPN versions prior to 1.1.5 contain a SQL injection vulnerability in... Moderate Unreviewed
CVE-2025-34245 was published Nov 6, 2025
Advantech WebAccess/VPN versions prior to 1.1.5 contain a SQL injection vulnerability in... Moderate Unreviewed
CVE-2025-34241 was published Nov 6, 2025
Advantech WebAccess/VPN versions prior to 1.1.5 contain a SQL injection vulnerability in... High Unreviewed
CVE-2025-34242 was published Nov 6, 2025
Advantech WebAccess/VPN versions prior to 1.1.5 contain a SQL injection vulnerability in... High Unreviewed
CVE-2025-34240 was published Nov 6, 2025
Advantech WebAccess/VPN versions prior to 1.1.5 contain a SQL injection vulnerability in... Moderate Unreviewed
CVE-2025-34244 was published Nov 6, 2025
Advantech WebAccess/VPN versions prior to 1.1.5 contain a SQL injection vulnerability in... Moderate Unreviewed
CVE-2025-34243 was published Nov 6, 2025
Advantech iView versions prior to v5.7.04 build 6425 contain a vulnerability within the SNMP... Critical Unreviewed
CVE-2022-50595 was published Nov 6, 2025
Advantech iView versions prior to v5.7.04 build 6425 contain a vulnerability within the SNMP... High Unreviewed
CVE-2022-50591 was published Nov 6, 2025
Advantech iView versions prior to v5.7.04 build 6425 contain a vulnerability within the SNMP... Critical Unreviewed
CVE-2022-50592 was published Nov 6, 2025
SuiteCRM versions prior to 7.12.6 contain a SQL injection vulnerability within the processing of... Critical Unreviewed
CVE-2022-50589 was published Nov 6, 2025
Advantech iView versions prior to v5.7.04 build 6425 contain a vulnerability within the SNMP... High Unreviewed
CVE-2022-50594 was published Nov 6, 2025
Advantech iView versions prior to v5.7.04 build 6425 contain a vulnerability within the SNMP... Critical Unreviewed
CVE-2022-50593 was published Nov 6, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-60239 was published Nov 6, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Unknown Unreviewed
CVE-2025-52773 was published Nov 6, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Unknown Unreviewed
CVE-2025-48089 was published Nov 6, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Unknown Unreviewed
CVE-2025-28953 was published Nov 6, 2025
The Easy Email Subscription plugin for WordPress is vulnerable to SQL Injection via the 'uid'... Moderate Unreviewed
CVE-2025-10683 was published Nov 6, 2025
OSSN (Open Source Social Network) 8.6 is vulnerable to SQL Injection in /action/rtcomments/status... Moderate Unreviewed
CVE-2025-63585 was published Nov 5, 2025
Django vulnerable to SQL injection via _connector keyword argument in QuerySet and Q objects. Critical
CVE-2025-64459 was published for django (pip) Nov 5, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database