Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,635
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

7,162 advisories

Loading
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-26908 was published Apr 16, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-32681 was published Apr 11, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-32618 was published Apr 11, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-32650 was published Apr 11, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-32558 was published Apr 11, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-32567 was published Apr 11, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-32687 was published Apr 10, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-32119 was published Apr 10, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-32128 was published Apr 10, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-32677 was published Apr 9, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-32685 was published Apr 9, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-32676 was published Apr 9, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-32550 was published Apr 9, 2025
jerryhanjj ERP 1.0 is vulnerable to SQL Injection in the set_password function in application... High Unreviewed
CVE-2025-29390 was published Apr 9, 2025
horvey Library-Manager v1.0 is vulnerable to SQL Injection in Admin/Controller/BookController... High Unreviewed
CVE-2025-29391 was published Apr 9, 2025
crud-query-parser SQL Injection vulnerability High
CVE-2025-32020 was published for crud-query-parser (npm) Apr 9, 2025
Flowise Vulnerable to SQL Injection via `tableName` Parameter High
CVE-2025-29189 was published for flowise-components (npm) Apr 9, 2025
Shopware Vulnerable to Blind SQL-injection in DAL aggregations High
CVE-2025-27892 was published for shopware/core (Composer) Apr 8, 2025
SQL injection in Ivanti Endpoint Manager before version 2024 SU1 or before version 2022 SU7... High Unreviewed
CVE-2025-22461 was published Apr 8, 2025
Apache Airflow Common SQL Provider Vulnerable to SQL Injection High
CVE-2025-30473 was published for apache-airflow-providers-common-sql (pip) Apr 7, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-32203 was published Apr 4, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-32204 was published Apr 4, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-32148 was published Apr 4, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-32149 was published Apr 4, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-32126 was published Apr 4, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database