Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,652
Erlang
34
GitHub Actions
26
Go
2,257
Maven
5,000+
npm
3,909
NuGet
704
pip
3,680
Pub
12
RubyGems
915
Rust
943
Swift
38
Unreviewed advisories
All unreviewed
5,000+

13,892 advisories

Loading
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-39377 was published Apr 24, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-46248 was published Apr 24, 2025
A vulnerability was found in code-projects Online Class and Exam Scheduling System 1.0 in ... Moderate Unreviewed
CVE-2025-44135 was published Apr 24, 2025
A vulnerability was found in Code-Projects Online Class and Exam Scheduling System 1.0 in the... Moderate Unreviewed
CVE-2025-44134 was published Apr 24, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-3872 was published Apr 24, 2025
The ELEX WooCommerce Advanced Bulk Edit Products, Prices & Attributes plugin for WordPress is... Moderate Unreviewed
CVE-2025-3280 was published Apr 24, 2025
PostHog Plugin Server SQL Injection Vulnerability High
CVE-2025-1520 was published for @posthog/plugin-server (npm) Apr 23, 2025
org.xwiki.platform:xwiki-platform-rest-server allows SQL injection in query endpoint of REST API Critical
CVE-2025-32969 was published for org.xwiki.platform:xwiki-platform-rest-server (Maven) Apr 23, 2025
madprogrammer
org.xwiki.platform:xwiki-platform-oldcore allows SQL injection in short form select requests through the script query API High
CVE-2025-32968 was published for org.xwiki.platform:xwiki-platform-oldcore (Maven) Apr 23, 2025
MuM (aka Mensch und Maschine) MapEdit (aka mapedit-web) 24.2.3 is vulnerable to SQL Injection... Critical Unreviewed
CVE-2025-43949 was published Apr 22, 2025
Sacco Management system v1.0 was discovered to contain a SQL injection vulnerability via the... Critical Unreviewed
CVE-2023-44755 was published Apr 22, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-3767 was published Apr 22, 2025
CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') High Unreviewed
CVE-2025-23176 was published Apr 22, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-46242 was published Apr 22, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-46252 was published Apr 22, 2025
A SQL injection in VirtueMart component 1.0.0 - 4.4.7 for Joomla allows authenticated attackers ... Unknown Unreviewed
CVE-2025-25228 was published Apr 21, 2025
The JobWP – Job Board, Job Listing, Career Page and Recruitment Plugin plugin for WordPress is... High Unreviewed
CVE-2025-2010 was published Apr 19, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-39471 was published Apr 18, 2025
A SQL Injection vulnerability exists in the `u` parameter of the progress-body-weight.php... Critical Unreviewed
CVE-2025-28009 was published Apr 17, 2025
FOXCMS <= V1.25 is vulnerable to SQL Injection via $param['title'] in /admin/util/Field.php. High Unreviewed
CVE-2025-29181 was published Apr 17, 2025
In FOXCMS <=1.25, the installdb.php file has a time - based blind SQL injection vulnerability.... High Unreviewed
CVE-2025-29180 was published Apr 17, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-39569 was published Apr 17, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-39587 was published Apr 17, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-39586 was published Apr 17, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-39595 was published Apr 17, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database