Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,635
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

7,160 advisories

Loading
The Stripe Payment Forms by WP Full Pay – Accept Credit Card Payments, Donations & Subscriptions... High Unreviewed
CVE-2025-9322 was published Oct 25, 2025
The Product Filter by WBW plugin for WordPress is vulnerable to SQL Injection via the ... High Unreviewed
CVE-2025-8416 was published Oct 25, 2025
Admidio Vulnerable to Authenticated SQL Injection in Member Assignment Functionality High
CVE-2025-62617 was published for admidio/admidio (Composer) Oct 22, 2025
XY20130630
Credited to XY20130630
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-62015 was published Oct 22, 2025
SQL injection vulnerability in the fields of warehouse document filtering form in SIMPLE.ERP... High Unreviewed
CVE-2025-9339 was published Oct 21, 2025
Zohocorp ManageEngine Analytics Plus versions 6171 and prior are vulnerable to authenticated SQL... High Unreviewed
CVE-2025-9428 was published Oct 21, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-62658 was published Oct 20, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-47902 was published Oct 20, 2025
The PPOM – Product Addons & Custom Fields for WooCommerce plugin for WordPress is vulnerable to... High Unreviewed
CVE-2025-11691 was published Oct 18, 2025
The Outdoor plugin for WordPress is vulnerable to SQL Injection via the 'edit' action in all... High Unreviewed
CVE-2025-10743 was published Oct 15, 2025
The External Login plugin for WordPress is vulnerable to SQL Injection via the 'log' parameter in... High Unreviewed
CVE-2025-11177 was published Oct 15, 2025
The Dynamically Display Posts plugin for WordPress is vulnerable to SQL Injection via the ... High Unreviewed
CVE-2025-11501 was published Oct 15, 2025
Improper neutralization of special elements used in an sql command ('sql injection') in Microsoft... High Unreviewed
CVE-2025-59213 was published Oct 14, 2025
A vulnerability has been identified in SINEC NMS (All versions < V4.0 SP1). Affected applications... High Unreviewed
CVE-2025-40755 was published Oct 14, 2025
The Popup builder with Gamification, Multi-Step Popups, Page-Level Targeting, and WooCommerce... High Unreviewed
CVE-2025-10862 was published Oct 9, 2025
ProjectWorlds Gym Management System1.0 is vulnerable to SQL Injection via the "id" parameter in... High Unreviewed
CVE-2025-60311 was published Oct 8, 2025
The RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login... High Unreviewed
CVE-2025-11204 was published Oct 8, 2025
A SQL Injection vulnerability was discovered in the Alert functionality due to improper... High Unreviewed
CVE-2025-40886 was published Oct 7, 2025
The endpoint POST /api/staff/get-new-tickets concatenates the user-controlled parameter... High Unreviewed
CVE-2025-10692 was published Oct 3, 2025
An SQL injection vulnerability has been reported to affect Qsync Central. If a remote attacker... High Unreviewed
CVE-2025-53595 was published Oct 3, 2025
An SQL injection vulnerability has been reported to affect Qsync Central. If a remote attacker... High Unreviewed
CVE-2025-54153 was published Oct 3, 2025
The Blappsta Mobile App Plugin – Your native, mobile iPhone App and Android App plugin for... High Unreviewed
CVE-2025-9200 was published Oct 3, 2025
The WP Dispatcher plugin for WordPress is vulnerable to SQL Injection via the ‘id’ parameter in... High Unreviewed
CVE-2025-10582 was published Oct 3, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-0616 was published Oct 3, 2025
Django vulnerable to SQL injection in column aliases High
CVE-2025-59681 was published for django (pip) Oct 1, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database