Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,636
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

14,952 advisories

Loading
A flaw has been found in itsourcecode Sports Management System 1.0. Impacted is an unknown... Moderate Unreviewed
CVE-2025-9764 was published Sep 8, 2025
A security flaw has been discovered in Campcodes Farm Management System 1.0. Affected by this... Moderate Unreviewed
CVE-2025-9726 was published Sep 8, 2025
A flaw has been found in Jinher OA up to 1.2. The impacted element is an unknown function of the... Moderate Unreviewed
CVE-2025-10090 was published Sep 8, 2025
A vulnerability has been found in SourceCodester Online Polling System 1.0. Affected is an... Moderate Unreviewed
CVE-2025-10082 was published Sep 8, 2025
A flaw has been found in PHPGurukul Small CRM 4.0. Affected by this vulnerability is an unknown... Moderate Unreviewed
CVE-2025-10079 was published Sep 8, 2025
A vulnerability was detected in SourceCodester Online Polling System 1.0. Affected is an unknown... Moderate Unreviewed
CVE-2025-10078 was published Sep 8, 2025
A flaw has been found in itsourcecode Online Discussion Forum 1.0. This affects an unknown... Moderate Unreviewed
CVE-2025-10068 was published Sep 7, 2025
A vulnerability has been found in itsourcecode Online Discussion Forum 1.0. This affects an... Moderate Unreviewed
CVE-2025-10033 was published Sep 6, 2025
The ELEX WooCommerce Google Shopping (Google Product Feed) plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2025-10046 was published Sep 6, 2025
The UsersWP – Front-end login form, User Registration, User Profile & Members Directory plugin... Moderate Unreviewed
CVE-2025-10003 was published Sep 6, 2025
The User Registration & Membership plugin for WordPress is vulnerable to SQL Injection via the 's... Moderate Unreviewed
CVE-2025-9085 was published Sep 6, 2025
ERP is a free and open source Enterprise Resource Planning tool. In versions below 14.89.2 and 15... High Unreviewed
CVE-2025-58439 was published Sep 6, 2025
A vulnerability has been found in PHPGurukul Online Course Registration 3.1. Affected is an... Moderate Unreviewed
CVE-2025-10025 was published Sep 5, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-58628 was published Sep 5, 2025
A vulnerability was determined in itsourcecode Sports Management System 1.0. This affects an... Moderate Unreviewed
CVE-2025-9767 was published Sep 5, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-58881 was published Sep 5, 2025
index.em7 in ScienceLogic SL1 before 12.1.1 allows SQL Injection via a parameter in a request. High Unreviewed
CVE-2025-58780 was published Sep 5, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-58788 was published Sep 5, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-58789 was published Sep 5, 2025
In multiple locations, there is a possible way to read files belonging to other apps due to SQL... High Unreviewed
CVE-2025-48544 was published Sep 4, 2025
In multiple functions of PickerDbFacade.java, there is a possible unauthorized data access due to... High Unreviewed
CVE-2025-32327 was published Sep 4, 2025
A vulnerability was identified in HKritesh009 Grocery List Management Web App up to... Moderate Unreviewed
CVE-2025-9749 was published Sep 4, 2025
An authenticated SQL injection vulnerability in VX Guestbook 1.07 allows attackers with admin... High Unreviewed
CVE-2025-57263 was published Sep 4, 2025
Input from search query parameter in GOV CMS is not sanitized properly, leading to a Blind SQL... Critical Unreviewed
CVE-2025-7385 was published Sep 4, 2025
dotCMS versions 24.03.22 and after, identified a Boolean-based blind SQLi vulnerability in the ... Moderate Unreviewed
CVE-2025-8311 was published Sep 4, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database