Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,636
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

14,953 advisories

Loading
A vulnerability was detected in code-projects Simple Grading System 1.0. This affects an unknown... Moderate Unreviewed
CVE-2025-9667 was published Aug 29, 2025
A weakness has been identified in code-projects Simple Grading System 1.0. Affected by this... Moderate Unreviewed
CVE-2025-9665 was published Aug 29, 2025
SQL injection vulnerability in oa_system oasys v.1.1 allows a remote attacker to execute... Critical Unreviewed
CVE-2025-44033 was published Aug 29, 2025
An SQL injection vulnerability has been reported to affect Qsync Central. If a remote attacker... High Unreviewed
CVE-2025-29893 was published Aug 29, 2025
An SQL injection vulnerability has been reported to affect Qsync Central. If a remote attacker... High Unreviewed
CVE-2025-29894 was published Aug 29, 2025
The iATS Online Forms plugin for WordPress is vulnerable to time-based SQL Injection via the ... Moderate Unreviewed
CVE-2025-9441 was published Aug 29, 2025
A vulnerability was determined in code-projects Online Event Judging System 1.0. This issue... Moderate Unreviewed
CVE-2025-9610 was published Aug 29, 2025
Clinic Image System developed by Changing has a SQL Injection vulnerability, allowing... High Unreviewed
CVE-2025-8858 was published Aug 29, 2025
A SQL Injection vulnerability exists in the login.php of PuneethReddyHC Online Shopping System... Moderate Unreviewed
CVE-2025-51972 was published Aug 28, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-54720 was published Aug 28, 2025
A SQL Injection vulnerability exists in the action.php file of PuneethReddyHC Online Shopping... Moderate Unreviewed
CVE-2025-51968 was published Aug 28, 2025
A reflected Cross-Site Scripting (XSS) vulnerability exists in register.php of PuneethReddyHC... Moderate Unreviewed
CVE-2025-51971 was published Aug 28, 2025
A SQL Injection vulnerability exists in the product.php page of PuneethReddyHC Online Shopping... Moderate Unreviewed
CVE-2025-51969 was published Aug 28, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-49404 was published Aug 28, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-39496 was published Aug 28, 2025
The Simple Download Monitor plugin for WordPress is vulnerable to time-based SQL Injection via... Moderate Unreviewed
CVE-2025-8977 was published Aug 28, 2025
An unauthenticated SQL injection vulnerability exists in the GetLyfsByParams endpoint of Bian Que... Critical Unreviewed
CVE-2025-34162 was published Aug 28, 2025
A SQL injection vulnerability exists in the St. Joe ERP system ("圣乔ERP系统") that allows... Critical Unreviewed
CVE-2024-13979 was published Aug 28, 2025
SQL Injection vulnerability exists in the sortKey parameter of the GET /api/v1/wanted/cutoff API... High Unreviewed
CVE-2025-50983 was published Aug 27, 2025
diskover-web v2.3.0 Community Edition is vulnerable to multiple boolean-based blind SQL injection... Moderate Unreviewed
CVE-2025-50984 was published Aug 27, 2025
SQL Injection vulnerability in AbanteCart 1.4.2, allows unauthenticated attackers to execute... Critical Unreviewed
CVE-2025-50972 was published Aug 27, 2025
In the PatientService.pl service, the "getPatientIdentifier" function is vulnerable to SQL... Moderate Unreviewed
CVE-2025-30058 was published Aug 27, 2025
In the PrepareCDExportJSON.pl service, the "getPerfServiceIds" function is vulnerable to SQL... Moderate Unreviewed
CVE-2025-30059 was published Aug 27, 2025
In the ReturnUserUnitsXML.pl service, the "getUserInfo" function is vulnerable to SQL injection... Moderate Unreviewed
CVE-2025-30060 was published Aug 27, 2025
In the "utils/Reporter/OpenReportWindow.pl" service, there is an SQL injection vulnerability... Moderate Unreviewed
CVE-2025-30061 was published Aug 27, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database