GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,875
Composer 5,065
Erlang 39
GitHub Actions 38
Go 2,698
Maven 6,138
npm 4,325
NuGet 761
pip 4,099
Pub 12
RubyGems 958
Rust 1,063
Swift 45

Unreviewed advisories

All unreviewed 278,642

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

4,020 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

A SQL injection vulnerability has been identified in Uniclare Student Portal v2. This flaw allows... Critical Unreviewed

CVE-2025-57515 was published Oct 6, 2025

SQL injection vulnerability in Joomla module mod_vvisit_counter v2.0.4j3. This vulnerability... Critical Unreviewed

CVE-2025-40636 was published Oct 3, 2025

The WPRecovery plugin for WordPress is vulnerable to SQL Injection via the 'data[id]' parameter... Critical Unreviewed

CVE-2025-10726 was published Oct 3, 2025

SQL injection vulnerability in AndSoft's e-TMS v25.03. This vulnerability could allow an attacker... Critical Unreviewed

CVE-2025-59743 was published Oct 2, 2025

SQL injection vulnerability in AndSoft's e-TMS v25.03. This vulnerability could allow an attacker... Critical Unreviewed

CVE-2025-59742 was published Oct 2, 2025

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed

CVE-2024-13150 was published Sep 29, 2025

In Progress Chef Automate, versions earlier than 4.13.295, on Linux x86 platform, an... Critical Unreviewed

CVE-2025-8868 was published Sep 29, 2025

This vulnerability allows malicious actors to gain unauthorized access to the Zenitel ICX500 and... Critical Unreviewed

CVE-2025-59814 was published Sep 25, 2025

A SQL injection vulnerability in SUNNET Corporate Training Management System before 10.11 allows... Critical Unreviewed

CVE-2025-54946 was published Sep 25, 2025

A SQL Injection vulnerability was discovered in the foreigner-bwdates-reports-details.php file of... Critical Unreviewed

CVE-2025-56074 was published Sep 22, 2025

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed

CVE-2025-10439 was published Sep 17, 2025

SQL Injection vulnerability in TDuckCloud v.5.1 allows a remote attacker to execute arbitrary... Critical Unreviewed

CVE-2025-57631 was published Sep 16, 2025

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection'), CWE - 200 -... Critical Unreviewed

CVE-2024-13149 was published Sep 16, 2025

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed

CVE-2025-7744 was published Sep 16, 2025

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed

CVE-2025-4688 was published Sep 16, 2025

NUP Pro developed by NewType Infortech has a SQL Injection vulnerability, allowing... Critical Unreviewed

CVE-2025-10266 was published Sep 12, 2025

SQL Injection in Online Fire Reporting System v1.2 by PHPGurukul. This vulnerability allows an... Critical Unreviewed

CVE-2025-40691 was published Sep 11, 2025

SQL Injection in Online Fire Reporting System v1.2 by PHPGurukul. This vulnerability allows an... Critical Unreviewed

CVE-2025-40692 was published Sep 11, 2025

SQL Injection in Online Fire Reporting System v1.2 by PHPGurukul. This vulnerability allows an... Critical Unreviewed

CVE-2025-40689 was published Sep 11, 2025

SQL Injection in Online Fire Reporting System v1.2 by PHPGurukul. This vulnerability allows an... Critical Unreviewed

CVE-2025-40687 was published Sep 11, 2025

SQL Injection in Online Fire Reporting System v1.2 by PHPGurukul. This vulnerability allows an... Critical Unreviewed

CVE-2025-40690 was published Sep 11, 2025

An SQL injection vulnerability has been identified in the "ID" attribute of the SAML response... Critical Unreviewed

CVE-2025-9943 was published Sep 10, 2025

OPEXUS FOIAXpress Public Access Link (PAL) before version 11.13.1.0 allows SQL injection via... Critical Unreviewed

CVE-2025-58462 was published Sep 9, 2025

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed

CVE-2025-47569 was published Sep 9, 2025

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed

CVE-2025-58628 was published Sep 5, 2025

Previous 1…3…161 Next

Previous 1 2 3 4 5 … 160 161 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

4,020 advisories