Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,638
Maven
5,000+
npm
4,264
NuGet
760
pip
4,060
Pub
12
RubyGems
956
Rust
1,056
Swift
45
Unreviewed advisories
All unreviewed
5,000+

15,537 advisories

Loading
Melis Platform CMS SQL Injection Critical
CVE-2025-10351 was published for melisplatform/melis-cms (Composer) Oct 8, 2025
ivansmc00
Credited to ivansmc00
A vulnerability classified as critical was found in fcba_zzm ics-park Smart Park Management... Moderate Unreviewed
CVE-2025-3135 was published Apr 3, 2025
The Popup builder with Gamification, Multi-Step Popups, Page-Level Targeting, and WooCommerce... High Unreviewed
CVE-2025-10862 was published Oct 9, 2025
The Community Events plugin for WordPress is vulnerable to SQL Injection via the ‘event_venue’... Critical Unreviewed
CVE-2025-10586 was published Oct 9, 2025
A vulnerability was found in SourceCodester Hotel and Lodge Management System 1.0. Affected by... Moderate Unreviewed
CVE-2025-11474 was published Oct 8, 2025
A SQL injection vulnerability has been found in Gandia Integra Total of TESI from version 2.1... Critical Unreviewed
CVE-2025-41370 was published Aug 1, 2025
A SQL injection vulnerability has been found in Gandia Integra Total of TESI from version 2.1... High Unreviewed
CVE-2025-41373 was published Aug 1, 2025
A flaw has been found in kidaze CourseSelectionSystem up to... Moderate Unreviewed
CVE-2025-11032 was published Sep 26, 2025
A SQL injection vulnerability has been found in Gandia Integra Total of TESI from version 2.1... High Unreviewed
CVE-2025-41372 was published Aug 1, 2025
A vulnerability has been found in kidaze CourseSelectionSystem up to... Moderate Unreviewed
CVE-2025-11033 was published Sep 26, 2025
ProjectWorlds Gym Management System1.0 is vulnerable to SQL Injection via the "id" parameter in... High Unreviewed
CVE-2025-60311 was published Oct 8, 2025
A vulnerability has been found in SourceCodester Hotel and Lodge Management System 1.0. Affected... Moderate Unreviewed
CVE-2025-11473 was published Oct 8, 2025
A flaw has been found in SourceCodester Hotel and Lodge Management System 1.0. This impacts an... Moderate Unreviewed
CVE-2025-11472 was published Oct 8, 2025
A vulnerability was detected in SourceCodester Hotel and Lodge Management System 1.0. This... Moderate Unreviewed
CVE-2025-11471 was published Oct 8, 2025
A vulnerability was determined in kidaze CourseSelectionSystem up to... Moderate Unreviewed
CVE-2025-10597 was published Sep 17, 2025
A SQL injection vulnerability has been found in Gandia Integra Total of TESI from version 2.1... Critical Unreviewed
CVE-2025-41371 was published Aug 1, 2025
A SQL injection vulnerability has been found in Gandia Integra Total of TESI from version 2.1... High Unreviewed
CVE-2025-41374 was published Aug 1, 2025
An SQL injection vulnerability has been reported to affect Qsync Central. If a remote attacker... High Unreviewed
CVE-2025-54153 was published Oct 3, 2025
An SQL injection vulnerability has been reported to affect Qsync Central. If a remote attacker... High Unreviewed
CVE-2025-53595 was published Oct 3, 2025
A SQL Injection vulnerability exists in the edit_product.php file of PuneethReddyHC Online... Critical Unreviewed
CVE-2025-52021 was published Oct 7, 2025
A Zabbix adminitrator can inject arbitrary SQL during the autoremoval of hosts by inserting... High Unreviewed
CVE-2025-27240 was published Sep 12, 2025
A low privilege (regular) Zabbix user with API access can use SQL injection vulnerability in... High Unreviewed
CVE-2024-36465 was published Apr 2, 2025
The Welcart e-Commerce plugin for WordPress is vulnerable to SQL Injection via the cookie in all... Moderate Unreviewed
CVE-2025-10649 was published Oct 8, 2025
The RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login... High Unreviewed
CVE-2025-11204 was published Oct 8, 2025
The Community Events plugin for WordPress is vulnerable to SQL Injection via the event_category... Critical Unreviewed
CVE-2025-10587 was published Oct 8, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database