Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,992
Erlang
39
GitHub Actions
38
Go
2,634
Maven
5,000+
npm
4,258
NuGet
760
pip
4,051
Pub
12
RubyGems
955
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

4,235 advisories

Loading
Advantech iView versions prior to v5.7.04 build 6425 contain a vulnerability within the SNMP... Critical Unreviewed
CVE-2022-50592 was published Nov 6, 2025
SuiteCRM versions prior to 7.12.6 contain a SQL injection vulnerability within the processing of... Critical Unreviewed
CVE-2022-50589 was published Nov 6, 2025
Advantech iView versions prior to v5.7.04 build 6425 contain a vulnerability within the SNMP... Critical Unreviewed
CVE-2022-50595 was published Nov 6, 2025
Advantech iView versions prior to v5.7.04 build 6425 contain a vulnerability within the SNMP... Critical Unreviewed
CVE-2022-50593 was published Nov 6, 2025
Django vulnerable to SQL injection via _connector keyword argument in QuerySet and Q objects. Critical
CVE-2025-64459 was published for django (pip) Nov 5, 2025
An unauthenticated SQL Injection was discovered within the Geutebruck G-Cam E-Series Cameras... Critical Unreviewed
CVE-2025-12463 was published Nov 3, 2025
Car-Booking-System-PHP v.1.0 is vulnerable to SQL Injection in /carlux/sign-in.php. Critical Unreviewed
CVE-2025-63451 was published Nov 3, 2025
Car-Booking-System-PHP v.1.0 is vulnerable to SQL Injection in /carlux/forgot-pass.php. Critical Unreviewed
CVE-2025-63452 was published Nov 3, 2025
Car-Booking-System-PHP v.1.0 is vulnerable to SQL Injection in /carlux/contact.php. Critical Unreviewed
CVE-2025-63453 was published Nov 3, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-6520 was published Oct 31, 2025
A vulnerability was found in code-projects Online Complaint Site 1.0. This issue affects some... Critical Unreviewed
CVE-2025-63622 was published Oct 29, 2025
WordPress plugin Contact Form CFDB7 versions up to and including 1.3.2 are affected by a pre... Critical Unreviewed
CVE-2025-4665 was published Oct 29, 2025
SQL injection vulnerability in the DRED virtual campus platform. This vulnerability allows an... Critical Unreviewed
CVE-2025-41009 was published Oct 27, 2025
A SQL injection vulnerability has been identified in DobryCMS. Improper neutralization of input... Critical Unreviewed
CVE-2025-8536 was published Oct 24, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-11253 was published Oct 24, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-59557 was published Oct 22, 2025
A SQL Injection vulnerability exists in Esri ArcGIS Server versions 11.3, 11.4 and 11.5 on... Critical Unreviewed
CVE-2025-57870 was published Oct 22, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-49931 was published Oct 22, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-49915 was published Oct 22, 2025
SQL Injection vulnerability exists in Bhabishya-123 E-commerce 1.0, specifically within the... Critical Unreviewed
CVE-2025-61455 was published Oct 20, 2025
A SQL Injection vulnerability has been found in Epsilon RH by Grupo Castilla. This vulnerability... Critical Unreviewed
CVE-2025-41028 was published Oct 20, 2025
MCMS vulnerable SQL injection via the content_title parameter Critical
CVE-2025-56316 was published for net.mingsoft:ms-mcms (Maven) Oct 17, 2025
SQL injection in Sergestec's SISTICK v7.2. This vulnerability allows an attacker to retrieve,... Critical Unreviewed
CVE-2025-41019 was published Oct 16, 2025
SQL injection in Sergestec's Exito v8.0. This vulnerability allows an attacker to retrieve,... Critical Unreviewed
CVE-2025-41018 was published Oct 16, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-10610 was published Oct 14, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database