Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,636
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

4,240 advisories

Loading
Le-show medical practice management system from Le-yan has a SQL Injection vulnerability,... Critical Unreviewed
CVE-2025-3708 was published May 2, 2025
SQL injection in ADOdb PostgreSQL driver pg_insert_id() method Critical
CVE-2025-46337 was published for adodb/adodb-php (Composer) May 1, 2025
mrcnpp dregad
Credited to mrcnpp and dregad
SourceCodester Simple Barangay Management System v1.0 has a SQL injection vulnerability in ... Critical Unreviewed
CVE-2025-44192 was published Apr 30, 2025
A SQL Injection vulnerability was discovered in the foreigner-bwdates-reports-details.php file of... Critical Unreviewed
CVE-2025-45018 was published Apr 30, 2025
A SQL injection vulnerability was discovered in edit-ticket.php of PHPGurukul Park Ticketing... Critical Unreviewed
CVE-2025-45017 was published Apr 30, 2025
A SQL injection vulnerability was discovered in /add-foreigners-ticket.php file of PHPGurukul... Critical Unreviewed
CVE-2025-45019 was published Apr 30, 2025
SQL injection vulnerability in Bookgy. This vulnerability could allow an attacker to retrieve,... Critical Unreviewed
CVE-2025-40618 was published Apr 29, 2025
Slims (Senayan Library Management Systems) 9 Bulian V9.6.1 is vulnerable to SQL Injection in... Critical Unreviewed
CVE-2025-25403 was published Apr 29, 2025
SQL injection vulnerability in Bookgy. This vulnerability could allow an attacker to retrieve,... Critical Unreviewed
CVE-2025-40617 was published Apr 29, 2025
Codeastro Bus Ticket Booking System v1.0 is vulnerable to SQL injection via the kodetiket... Critical Unreviewed
CVE-2025-25775 was published Apr 25, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-46248 was published Apr 24, 2025
org.xwiki.platform:xwiki-platform-rest-server allows SQL injection in query endpoint of REST API Critical
CVE-2025-32969 was published for org.xwiki.platform:xwiki-platform-rest-server (Maven) Apr 23, 2025
madprogrammer
Credited to madprogrammer
MuM (aka Mensch und Maschine) MapEdit (aka mapedit-web) 24.2.3 is vulnerable to SQL Injection... Critical Unreviewed
CVE-2025-43949 was published Apr 22, 2025
Sacco Management system v1.0 was discovered to contain a SQL injection vulnerability via the... Critical Unreviewed
CVE-2023-44755 was published Apr 22, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-39471 was published Apr 18, 2025
A SQL Injection vulnerability exists in the `u` parameter of the progress-body-weight.php... Critical Unreviewed
CVE-2025-28009 was published Apr 17, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-39587 was published Apr 17, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-39595 was published Apr 17, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-32626 was published Apr 17, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-32665 was published Apr 17, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-32636 was published Apr 17, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-27302 was published Apr 17, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-22655 was published Apr 17, 2025
SQL Injection vulnerability exists in the TP-Link M7450 4G LTE Mobile Wi-Fi Router Firmware... Critical Unreviewed
CVE-2025-29653 was published Apr 16, 2025
SQL Injection vulnerability exists in the TP-Link M7650 4G LTE Mobile Wi-Fi Router Firmware... Critical Unreviewed
CVE-2025-29651 was published Apr 16, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database