Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,638
Maven
5,000+
npm
4,264
NuGet
760
pip
4,060
Pub
12
RubyGems
956
Rust
1,056
Swift
45
Unreviewed advisories
All unreviewed
5,000+

15,537 advisories

Loading
Advantech WebAccess/VPN versions prior to 1.1.5 contain a SQL injection vulnerability in... Moderate Unreviewed
CVE-2025-34245 was published Nov 6, 2025
Advantech WebAccess/VPN versions prior to 1.1.5 contain a SQL injection vulnerability in... Moderate Unreviewed
CVE-2025-34246 was published Nov 6, 2025
Advantech WebAccess/VPN versions prior to 1.1.5 contain a SQL injection vulnerability in... Moderate Unreviewed
CVE-2025-34247 was published Nov 6, 2025
Advantech WebAccess/VPN versions prior to 1.1.5 contain a SQL injection vulnerability in... High Unreviewed
CVE-2025-34240 was published Nov 6, 2025
Advantech WebAccess/VPN versions prior to 1.1.5 contain a SQL injection vulnerability in... Moderate Unreviewed
CVE-2025-34241 was published Nov 6, 2025
Advantech WebAccess/VPN versions prior to 1.1.5 contain a SQL injection vulnerability in... Moderate Unreviewed
CVE-2025-34244 was published Nov 6, 2025
A vulnerability was determined in CodeAstro Gym Management System 1.0. This affects an unknown... Moderate Unreviewed
CVE-2025-12610 was published Nov 3, 2025
The Core Config Manager (CCM) in Nagios XI versions prior to CCM 3.1.3 / Nagios XI 5.8.5 contains... High Unreviewed
CVE-2021-47693 was published Oct 31, 2025
The Core Config Manager (CCM) in Nagios XI versions prior to CCM 3.0.7 / Nagios XI 5.7.4 contains... High Unreviewed
CVE-2020-36859 was published Oct 31, 2025
A vulnerability, which was classified as critical, has been found in Golden Link Secondary System... Moderate Unreviewed
CVE-2025-4352 was published May 6, 2025
Nagios XI versions prior to 2012R1.3 contain a SQL injection vulnerability in the legacy Core... High Unreviewed
CVE-2012-10063 was published Oct 31, 2025
The Easy Email Subscription plugin for WordPress is vulnerable to SQL Injection via the 'uid'... Moderate Unreviewed
CVE-2025-10683 was published Nov 6, 2025
A vulnerability was found in CodeAstro Gym Management System 1.0. Affected by this issue is some... Moderate Unreviewed
CVE-2025-12609 was published Nov 3, 2025
A weakness has been identified in SourceCodester Best House Rental Management System 1.0.... Moderate Unreviewed
CVE-2025-12614 was published Nov 3, 2025
A security flaw has been discovered in Campcodes School Fees Payment Management System 1.0. This... Moderate Unreviewed
CVE-2025-12612 was published Nov 3, 2025
A security flaw has been discovered in code-projects Simple Online Hotel Reservation System 2.0.... Moderate Unreviewed
CVE-2025-12594 was published Nov 2, 2025
Apache Flink CDC is vulnerable to SQL Injection through maliciously crafted identifiers Moderate
CVE-2025-62228 was published for org.apache.flink:flink-cdc-pipeline-connectors (Maven) Oct 9, 2025
Django vulnerable to SQL injection in column aliases High
CVE-2025-59681 was published for django (pip) Oct 1, 2025
Django is subject to SQL injection through its column aliases High
CVE-2025-57833 was published for Django (pip) Sep 8, 2025
Apache Superset has bypass of `DISALLOWED_SQL_FUNCTIONS` that allows execution of blocked SQL functions Moderate
CVE-2025-55674 was published for apache-superset (pip) Aug 14, 2025
Django vulnerable to SQL injection via _connector keyword argument in QuerySet and Q objects. Critical
CVE-2025-64459 was published for django (pip) Nov 5, 2025
Nagios XI versions prior to 5.7.5 contain a SQL injection vulnerability in the SNMP Trap... High Unreviewed
CVE-2020-36869 was published Oct 31, 2025
Nagios XI versions prior to 5.2.4 contain a SQL injection vulnerability in the notification... High Unreviewed
CVE-2016-15050 was published Oct 31, 2025
Nagios XI versions prior to 5.6.14 contain a post-authentication SQL injection vulnerability in... High Unreviewed
CVE-2020-36857 was published Oct 31, 2025
A vulnerability was identified in itsourcecode Online Loan Management System 1.0. Impacted is an... Moderate Unreviewed
CVE-2025-12607 was published Nov 3, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database