Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,638
Maven
5,000+
npm
4,264
NuGet
760
pip
4,060
Pub
12
RubyGems
956
Rust
1,056
Swift
45
Unreviewed advisories
All unreviewed
5,000+

15,536 advisories

Loading
The Wp tabber widget plugin for WordPress is vulnerable to SQL Injection via the 'wp-tabber... Moderate Unreviewed
CVE-2025-10730 was published Oct 15, 2025
The WP Google Map Plugin plugin for WordPress is vulnerable to blind SQL Injection via the 'id'... Moderate Unreviewed
CVE-2025-11365 was published Oct 15, 2025
The Rich Snippet Site Report plugin for WordPress is vulnerable to SQL Injection via the 'last'... Moderate Unreviewed
CVE-2025-10310 was published Oct 15, 2025
The WP jQuery Pager plugin for WordPress is vulnerable to SQL Injection via the 'ids' shortcode... Moderate Unreviewed
CVE-2025-10575 was published Oct 15, 2025
The WP Dashboard Chat plugin for WordPress is vulnerable to SQL Injection via the ‘id’ parameter... Moderate Unreviewed
CVE-2025-10660 was published Oct 15, 2025
The TARIFFUXX plugin for WordPress is vulnerable to SQL Injection in versions up to, and... Moderate Unreviewed
CVE-2025-10682 was published Oct 15, 2025
The onOffice for WP-Websites plugin for WordPress is vulnerable to SQL Injection via the 'order'... Moderate Unreviewed
CVE-2025-10045 was published Oct 15, 2025
The Outdoor plugin for WordPress is vulnerable to SQL Injection via the 'edit' action in all... High Unreviewed
CVE-2025-10743 was published Oct 15, 2025
The External Login plugin for WordPress is vulnerable to SQL Injection via the 'log' parameter in... High Unreviewed
CVE-2025-11177 was published Oct 15, 2025
The Dynamically Display Posts plugin for WordPress is vulnerable to SQL Injection via the ... High Unreviewed
CVE-2025-11501 was published Oct 15, 2025
Amazon Redshift Python Connector vulnerable to SQL Injection High
CVE-2024-12745 was published for redshift_connector (pip) Dec 26, 2024
alikrubin
Credited to alikrubin
Amazon Redshift JDBC Driver vulnerable to SQL Injection High
CVE-2024-12744 was published for com.amazon.redshift:redshift-jdbc42 (Maven) Dec 26, 2024
alikrubin
Credited to alikrubin
SQL injection vulnerability in Bookgy. This vulnerability could allow an attacker to retrieve,... Critical Unreviewed
CVE-2025-40617 was published Apr 29, 2025
SQL injection vulnerability in Bookgy. This vulnerability could allow an attacker to retrieve,... Critical Unreviewed
CVE-2025-40618 was published Apr 29, 2025
A vulnerability was found in Fujian Kelixun 1.0. It has been declared as critical. This... Moderate Unreviewed
CVE-2025-5107 was published May 23, 2025
A weakness has been identified in code-projects Online Complaint Site 1.0. Impacted is an unknown... Moderate Unreviewed
CVE-2025-11516 was published Oct 9, 2025
A security vulnerability has been detected in code-projects Student Crud Operation 3.3. Affected... Moderate Unreviewed
CVE-2025-11343 was published Oct 6, 2025
A weakness has been identified in code-projects Online Course Registration 1.0. This impacts an... Moderate Unreviewed
CVE-2025-11342 was published Oct 6, 2025
Improper neutralization of special elements used in an sql command ('sql injection') in Microsoft... High Unreviewed
CVE-2025-59213 was published Oct 14, 2025
Improper neutralization of special elements used in an sql command ('sql injection') in Microsoft... Moderate Unreviewed
CVE-2025-55320 was published Oct 14, 2025
Authorization Bypass Through User-Controlled SQL Primary Key vulnerability in BSS Software Mobuy... Critical Unreviewed
CVE-2024-13152 was published Feb 14, 2025
Improper Access Control vulnerability in Talya Informatics Travel APPS allows Exploiting... Moderate Unreviewed
CVE-2024-1153 was published Jun 27, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection'), Improper... High Unreviewed
CVE-2024-9286 was published Oct 9, 2024
SQL Injection: Hibernate vulnerability in TE Informatics Nova CMS allows SQL Injection.This issue... Moderate Unreviewed
CVE-2024-4658 was published Oct 10, 2024
Improper Validation of Syntactic Correctness of Input vulnerability in Finder Fire Safety Finder... High Unreviewed
CVE-2024-12146 was published Mar 6, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database