Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,636
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

4,241 advisories

Loading
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-31552 was published Apr 1, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-31551 was published Apr 1, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-31579 was published Apr 1, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-30807 was published Apr 1, 2025
Clinic’s Patient Management System versions 2.0 suffers from a SQL injection vulnerability in the... Critical Unreviewed
CVE-2025-3096 was published Apr 1, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-30886 was published Apr 1, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-30971 was published Apr 1, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-30876 was published Apr 1, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-30622 was published Apr 1, 2025
SOOP-CLM from PiExtract has a SQL Injection vulnerability, allowing unauthenticated remote... Critical Unreviewed
CVE-2025-3011 was published Mar 31, 2025
Sourcecodester Online Exam System 1.0 is vulnerable to SQL Injection via dash.php. Critical Unreviewed
CVE-2025-28087 was published Mar 29, 2025
A SQL injection vulnerability exists in the Epicor HCM 2021 1.9, specifically in the filter... Critical Unreviewed
CVE-2025-22953 was published Mar 28, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-22523 was published Mar 28, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-26898 was published Mar 28, 2025
semcms <=5.0 is vulnerable to SQL Injection in SEMCMS_Fuction.php. Critical Unreviewed
CVE-2025-25686 was published Mar 27, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-28942 was published Mar 26, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-30524 was published Mar 26, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-28898 was published Mar 26, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-26941 was published Mar 26, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-28904 was published Mar 25, 2025
SQL injection vulnerability in the authentication module in Convivance StandVoice 4.5 through 6.2... Critical Unreviewed
CVE-2024-42533 was published Mar 25, 2025
A SQL injection issue has been discovered in eTRAKiT.net release 3.2.1.77. Due to improper input... Critical Unreviewed
CVE-2025-29980 was published Mar 20, 2025
llama-index-packs-finchat SQL Injection vulnerability Critical
CVE-2024-12909 was published for llama-index-packs-finchat (pip) Mar 20, 2025
logan-markewich
Credited to logan-markewich
LlamaIndex Retrievers Integration: DuckDBRetriever SQL Injection Critical
CVE-2024-11958 was published for llama-index-retrievers-duckdb-retriever (pip) Mar 20, 2025
DB-GPT Arbitrary File Write vulnerability Critical
CVE-2024-10901 was published for dbgpt (pip) Mar 20, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database