GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 39
GitHub Actions: 38
Go: 2,635
Maven: 5,000+
npm: 4,262
NuGet: 760
pip: 4,057
Pub: 12
RubyGems: 956
Rust: 1,054
Swift: 45

Unreviewed advisories
All unreviewed: 5,000+
4,238 advisories
SQL injection in Sergestec's Exito v8.0. This vulnerability allows an attacker to retrieve,...
Critical · Unreviewed · CVE-2025-41018 was published Oct 16, 2025

SQL injection in Sergestec's SISTICK v7.2. This vulnerability allows an attacker to retrieve,...
Critical · Unreviewed · CVE-2025-41019 was published Oct 16, 2025

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical · Unreviewed · CVE-2025-10610 was published Oct 14, 2025

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical · Unreviewed · CVE-2025-6919 was published Oct 13, 2025

JEEWMS 20250820 is vulnerable to SQL Injection in the exportXls function located in the src/main...
Critical · Unreviewed · CVE-2025-60269 was published Oct 10, 2025

code-projects Computer Laboratory System 1.0 has a SQL injection vulnerability, where entering a...
Critical · Unreviewed · CVE-2025-60307 was published Oct 10, 2025

SourceCodester Pet Grooming Management Software 1.0 is vulnerable to SQL Injection in admin...
Critical · Unreviewed · CVE-2025-60316 was published Oct 9, 2025

The Community Events plugin for WordPress is vulnerable to SQL Injection via the ‘event_venue’...
Critical · Unreviewed · CVE-2025-10586 was published Oct 9, 2025

Melis Platform CMS SQL Injection
Critical · CVE-2025-10351 was published for melisplatform/melis-cms (Composer) Oct 8, 2025

The Community Events plugin for WordPress is vulnerable to SQL Injection via the event_category...
Critical · Unreviewed · CVE-2025-10587 was published Oct 8, 2025

A SQL Injection vulnerability exists in the edit_product.php file of PuneethReddyHC Online...
Critical · Unreviewed · CVE-2025-52021 was published Oct 7, 2025

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical · Unreviewed · CVE-2025-0603 was published Oct 7, 2025

XWiki Platform is vulnerable to HQL injection via wiki and space search REST API
Critical · CVE-2025-52472 was published for org.xwiki.platform:xwiki-platform-rest-server (Maven) Oct 6, 2025

A SQL injection vulnerability has been identified in Uniclare Student Portal v2. This flaw allows...
Critical · Unreviewed · CVE-2025-57515 was published Oct 6, 2025

The WPRecovery plugin for WordPress is vulnerable to SQL Injection via the 'data[id]' parameter...
Critical · Unreviewed · CVE-2025-10726 was published Oct 3, 2025

SQL injection vulnerability in Joomla module mod_vvisit_counter v2.0.4j3. This vulnerability...
Critical · Unreviewed · CVE-2025-40636 was published Oct 3, 2025

SQL injection vulnerability in AndSoft's e-TMS v25.03. This vulnerability could allow an attacker...
Critical · Unreviewed · CVE-2025-59743 was published Oct 2, 2025

SQL injection vulnerability in AndSoft's e-TMS v25.03. This vulnerability could allow an attacker...
Critical · Unreviewed · CVE-2025-59742 was published Oct 2, 2025

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical · Unreviewed · CVE-2024-13150 was published Sep 29, 2025

In Progress Chef Automate, versions earlier than 4.13.295, on Linux x86 platform, an...
Critical · Unreviewed · CVE-2025-8868 was published Sep 29, 2025

This vulnerability allows malicious actors to gain unauthorized access to the Zenitel ICX500 and...
Critical · Unreviewed · CVE-2025-59814 was published Sep 25, 2025

A SQL injection vulnerability in SUNNET Corporate Training Management System before 10.11 allows...
Critical · Unreviewed · CVE-2025-54946 was published Sep 25, 2025

A SQL Injection vulnerability was discovered in the foreigner-bwdates-reports-details.php file of...
Critical · Unreviewed · CVE-2025-56074 was published Sep 22, 2025

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical · Unreviewed · CVE-2025-10439 was published Sep 17, 2025

SQL Injection vulnerability in TDuckCloud v.5.1 allows a remote attacker to execute arbitrary...
Critical · Unreviewed · CVE-2025-57631 was published Sep 16, 2025

ProTip! Advisories are also available from the GraphQL API