Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,992
Erlang
39
GitHub Actions
38
Go
2,634
Maven
5,000+
npm
4,258
NuGet
760
pip
4,051
Pub
12
RubyGems
955
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

7,157 advisories

Loading
Advantech WebAccess/VPN versions prior to 1.1.5 contain a SQL injection vulnerability in... High Unreviewed
CVE-2025-34242 was published Nov 6, 2025
Advantech WebAccess/VPN versions prior to 1.1.5 contain a SQL injection vulnerability in... High Unreviewed
CVE-2025-34240 was published Nov 6, 2025
Advantech iView versions prior to v5.7.04 build 6425 contain a vulnerability within the SNMP... High Unreviewed
CVE-2022-50591 was published Nov 6, 2025
Advantech iView versions prior to v5.7.04 build 6425 contain a vulnerability within the SNMP... High Unreviewed
CVE-2022-50594 was published Nov 6, 2025
The The Events Calendar plugin for WordPress is vulnerable to blind SQL Injection via the 's'... High Unreviewed
CVE-2025-12197 was published Nov 5, 2025
EasyFlow .NET and EasyFlow AiNet developed by Digiwin has a SQL Injection vulnerability, allowing... High Unreviewed
CVE-2025-12503 was published Nov 3, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-64366 was published Oct 31, 2025
The Core Config Manager (CCM) in Nagios XI versions prior to CCM 3.1.3 / Nagios XI 5.8.5 contains... High Unreviewed
CVE-2021-47693 was published Oct 31, 2025
Nagios XI versions prior to 5.7.5 contain a SQL injection vulnerability in the SNMP Trap... High Unreviewed
CVE-2020-36869 was published Oct 31, 2025
The Core Config Manager (CCM) in Nagios XI versions prior to CCM 3.0.7 / Nagios XI 5.7.4 contains... High Unreviewed
CVE-2020-36859 was published Oct 31, 2025
Nagios XI versions prior to 5.2.4 contain a SQL injection vulnerability in the notification... High Unreviewed
CVE-2016-15050 was published Oct 31, 2025
Nagios XI versions prior to 5.6.14 contain a post-authentication SQL injection vulnerability in... High Unreviewed
CVE-2020-36857 was published Oct 31, 2025
Nagios XI versions prior to 2012R1.3 contain a SQL injection vulnerability in the legacy Core... High Unreviewed
CVE-2012-10063 was published Oct 31, 2025
LangGraph SQLite Checkpoint Filter Key SQL Injection POC for SqliteStore High
CVE-2025-64104 was published for langgraph-checkpoint-sqlite (pip) Oct 29, 2025
ColeMurray
Credited to ColeMurray
TypeORM vulnerable to SQL injection via crafted request to repository.save or repository.update High
CVE-2025-60542 was published for typeorm (npm) Oct 29, 2025
cavadalizada
Credited to cavadalizada
IPFire versions prior to 2.29 (Core Update 198) contain a SQL injection vulnerability that allows... High Unreviewed
CVE-2025-34304 was published Oct 28, 2025
The HUSKY – Products Filter Professional for WooCommerce plugin for WordPress is vulnerable to... High Unreviewed
CVE-2025-11735 was published Oct 28, 2025
pg8000 SQL injection vulnerability via a specially crafted Python list input High
CVE-2025-61385 was published for pg8000 (pip) Oct 27, 2025
indieka900 online-shopping-system-php 1.0 is vulnerable to SQL Injection in the password... High Unreviewed
CVE-2025-61247 was published Oct 27, 2025
LangGraph's SQLite store implementation has a SQL Injection Vulnerability High
CVE-2025-8709 was published for langgraph-checkpoint-sqlite (pip) Oct 26, 2025
The Charitable – Donation Plugin for WordPress – Fundraising with Recurring Donations & More... High Unreviewed
CVE-2025-11893 was published Oct 25, 2025
The Stripe Payment Forms by WP Full Pay – Accept Credit Card Payments, Donations & Subscriptions... High Unreviewed
CVE-2025-9322 was published Oct 25, 2025
The Product Filter by WBW plugin for WordPress is vulnerable to SQL Injection via the ... High Unreviewed
CVE-2025-8416 was published Oct 25, 2025
The wpForo Forum plugin for WordPress is vulnerable to error‐based or time-based SQL Injection... High Unreviewed
CVE-2025-4203 was published Oct 25, 2025
Admidio Vulnerable to Authenticated SQL Injection in Member Assignment Functionality High
CVE-2025-62617 was published for admidio/admidio (Composer) Oct 22, 2025
XY20130630
Credited to XY20130630
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database