GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 39
GitHub Actions: 38
Go: 2,638
Maven: 5,000+
npm: 4,264
NuGet: 760
pip: 4,060
Pub: 12
RubyGems: 956
Rust: 1,056
Swift: 45
Unreviewed advisories
All unreviewed: 5,000+
15,537 advisories
Improper Validation of Syntactic Correctness of Input vulnerability in Finder Fire Safety Finder...
High | Unreviewed | CVE-2024-12146 was published Mar 6, 2025

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical | Unreviewed | CVE-2025-10610 was published Oct 14, 2025

A vulnerability has been identified in SINEC NMS (All versions < V4.0 SP1). Affected applications...
High | Unreviewed | CVE-2025-40755 was published Oct 14, 2025

SQL injection vulnerability in Ecava IntegraXor SCADA Server Stable 4.1.4360 and earlier and Beta...
High | Unreviewed | CVE-2014-2376 was published May 17, 2022

SQL injection in Ivanti Endpoint Manager allows a remote authenticated attacker to read arbitrary...
Moderate | Unreviewed | CVE-2025-62389 was published Oct 14, 2025

SQL injection in Ivanti Endpoint Manager allows a remote authenticated attacker to read arbitrary...
Moderate | Unreviewed | CVE-2025-62392 was published Oct 14, 2025

SQL injection in Ivanti Endpoint Manager allows a remote authenticated attacker to read arbitrary...
Moderate | Unreviewed | CVE-2025-62391 was published Oct 14, 2025

SQL injection in Ivanti Endpoint Manager allows a remote authenticated attacker to read arbitrary...
Moderate | Unreviewed | CVE-2025-62390 was published Oct 14, 2025

SQL injection in Ivanti Endpoint Manager allows a remote authenticated attacker to read arbitrary...
Moderate | Unreviewed | CVE-2025-62385 was published Oct 14, 2025

SQL injection in Ivanti Endpoint Manager allows a remote authenticated attacker to read arbitrary...
Moderate | Unreviewed | CVE-2025-11623 was published Oct 14, 2025

SQL injection in Ivanti Endpoint Manager allows a remote authenticated attacker to read arbitrary...
Moderate | Unreviewed | CVE-2025-62383 was published Oct 14, 2025

SQL injection in Ivanti Endpoint Manager allows a remote authenticated attacker to read arbitrary...
Moderate | Unreviewed | CVE-2025-62384 was published Oct 14, 2025

SQL injection in Ivanti Endpoint Manager allows a remote authenticated attacker to read arbitrary...
Moderate | Unreviewed | CVE-2025-62388 was published Oct 14, 2025

SQL injection in Ivanti Endpoint Manager allows a remote authenticated attacker to read arbitrary...
Moderate | Unreviewed | CVE-2025-62386 was published Oct 14, 2025

SQL injection in Ivanti Endpoint Manager allows a remote authenticated attacker to read arbitrary...
Moderate | Unreviewed | CVE-2025-62387 was published Oct 14, 2025

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical | Unreviewed | CVE-2025-6919 was published Oct 13, 2025

Querydsl vulnerable to HQL injection through orderBy
High | CVE-2024-49203 was published for com.querydsl:querydsl-apt (Maven) Nov 27, 2024

The Custom 404 Pro plugin for WordPress is vulnerable to time-based SQL Injection via the ‘path’...
Moderate | Unreviewed | CVE-2025-9947 was published Oct 11, 2025

The WP Links Page plugin for WordPress is vulnerable to SQL Injection via the 'id' parameter in...
Moderate | Unreviewed | CVE-2025-10175 was published Oct 11, 2025

The My auctions allegro plugin for WordPress is vulnerable to SQL Injection via the 'order'...
Moderate | Unreviewed | CVE-2025-10048 was published Oct 11, 2025

The NEX-Forms – Ultimate Forms Plugin for WordPress plugin for WordPress is vulnerable to SQL...
Moderate | Unreviewed | CVE-2025-10185 was published Oct 11, 2025

JEEWMS 20250820 is vulnerable to SQL Injection in the exportXls function located in the src/main...
Critical | Unreviewed | CVE-2025-60269 was published Oct 10, 2025

A vulnerability, which was classified as critical, has been found in s-a-zhd Ecommerce-Website...
Moderate | Unreviewed | CVE-2025-2041 was published Mar 6, 2025

A vulnerability was found in s-a-zhd Ecommerce-Website-using-PHP 1.0. It has been classified as...
Moderate | Unreviewed | CVE-2025-2036 was published Mar 6, 2025

Time-based blind SQL injection vulnerabilities in TCMAN's GIM v11. These allow an attacker to...
High | Unreviewed | CVE-2025-40665 was published May 26, 2025
ProTip! Advisories are also available from the GraphQL API