Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,638
Maven
5,000+
npm
4,264
NuGet
760
pip
4,060
Pub
12
RubyGems
956
Rust
1,056
Swift
45
Unreviewed advisories
All unreviewed
5,000+

15,536 advisories

Loading
Veritas / Arctera Data Insight before 7.1.1 allows Application Administrators to conduct SQL... Moderate Unreviewed
CVE-2024-46542 was published Dec 30, 2024
SQL injection vulnerability in the cmd component of Base Digitale Group spa product Centrax Open... Moderate Unreviewed
CVE-2025-56699 was published Oct 16, 2025
The file mexcel.php in the Vfront 0.99.52 codebase contains a vulnerable call to unserialize... Moderate Unreviewed
CVE-2025-60641 was published Oct 16, 2025
Boolean SQL injection vulnerability in the web app of Base Digitale Group spa product Centrax... Moderate Unreviewed
CVE-2025-56700 was published Oct 16, 2025
SQL Injection vulnerability in Beakon Software Beakon Learning Management System Sharable Content... Critical Unreviewed
CVE-2025-46101 was published Jun 23, 2025
SQL injection vulnerability in Ultimate PHP Board 2.2.7 via the username field in lostpassword.php. Moderate Unreviewed
CVE-2025-61540 was published Oct 16, 2025
A security flaw has been discovered in kidaze CourseSelectionSystem 1.0/5.php. The impacted... Moderate Unreviewed
CVE-2025-11052 was published Sep 27, 2025
A flaw has been found in lostvip-com ruoyi-go 2.1. This affects the function SelectListPage of... Moderate Unreviewed
CVE-2025-10218 was published Sep 11, 2025
A flaw has been found in itsourcecode Online Examination System 1.0. Affected by this issue is... Moderate Unreviewed
CVE-2025-11736 was published Oct 14, 2025
A vulnerability was determined in code-projects Automated Voting System 1.0. Affected by this... Moderate Unreviewed
CVE-2025-11668 was published Oct 13, 2025
SQL injection in Sergestec's SISTICK v7.2. This vulnerability allows an attacker to retrieve,... Critical Unreviewed
CVE-2025-41019 was published Oct 16, 2025
A vulnerability classified as critical has been found in markparticle WebServer up to 1.0. This... Moderate Unreviewed
CVE-2025-3847 was published Apr 22, 2025
SQL injection vulnerability in versions prior to 4.7.0 of Quiter Gateway by Quiter. This... Critical Unreviewed
CVE-2025-40711 was published Jul 8, 2025
A vulnerability was found in markparticle WebServer up to 1.0. It has been rated as critical.... Moderate Unreviewed
CVE-2025-3846 was published Apr 22, 2025
A vulnerability was found in xxyopen Novel-Plus 5.1.0. It has been classified as critical. This... Moderate Unreviewed
CVE-2025-3856 was published Apr 22, 2025
SQL injection vulnerability in versions prior to 4.7.0 of Quiter Gateway by Quiter. This... Critical Unreviewed
CVE-2025-40713 was published Jul 8, 2025
SQL injection vulnerability in versions prior to 4.7.0 of Quiter Gateway by Quiter. This... Critical Unreviewed
CVE-2025-40712 was published Jul 8, 2025
SQL injection vulnerability in versions prior to 4.7.0 of Quiter Gateway by Quiter. This... Critical Unreviewed
CVE-2025-40714 was published Jul 8, 2025
A vulnerability, which was classified as critical, has been found in aaluoxiang oa_system 1.0.... Moderate Unreviewed
CVE-2025-1958 was published Mar 5, 2025
code-projects Computer Laboratory System 1.0 has a SQL injection vulnerability, where entering a... Critical Unreviewed
CVE-2025-60307 was published Oct 10, 2025
LlamaIndex vulnerable to Creation of Temporary File in Directory with Insecure Permissions High
CVE-2024-12911 was published for llama-index (pip) Mar 20, 2025
Vanna vulnerable to SQL Injection High
CVE-2024-5753 was published for vanna (pip) Jul 5, 2024
A vulnerability in mintplex-labs/anything-llm prior to version 1.2.2 allows for Prisma injection.... Moderate Unreviewed
CVE-2024-8251 was published Mar 20, 2025
Vanna v0.6.3 is vulnerable to SQL injection via Snowflake database in its file staging operations... High Unreviewed
CVE-2024-8055 was published Mar 20, 2025
Vanna v0.3.4 is vulnerable to SQL injection in its DuckDB integration exposed to its Flask Web... Critical Unreviewed
CVE-2024-5827 was published Jun 29, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database