Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
40
GitHub Actions
38
Go
2,766
Maven
5,000+
npm
4,371
NuGet
767
pip
4,144
Pub
12
RubyGems
962
Rust
1,070
Swift
45
Unreviewed advisories
All unreviewed
5,000+

4,277 advisories

Loading
IBM watsonx Orchestrate Cartridge for IBM Cloud Pak for Data 4.8.4, 4.8.5, and 5.0.0 through 5.2... Critical Unreviewed
CVE-2025-0165 was published Dec 18, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-60062 was published Dec 18, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-58951 was published Dec 18, 2025
Bus Reservation System 1.1 contains a SQL injection vulnerability in the pickup_id parameter that... Critical Unreviewed
CVE-2023-53877 was published Dec 15, 2025
An issue was discovered in Frappe ERPNext through 15.89.0. Function... Critical Unreviewed
CVE-2025-66440 was published Dec 15, 2025
An issue was discovered in Frappe ERPNext through 15.89.0. Function... Critical Unreviewed
CVE-2025-66439 was published Dec 15, 2025
The URL Shortener Plugin For WordPress plugin for WordPress is vulnerable to SQL Injection via... Critical Unreviewed
CVE-2025-10738 was published Dec 13, 2025
CSZCMS 1.3.0 contains an authenticated SQL injection vulnerability in the members view... Critical Unreviewed
CVE-2024-58307 was published Dec 12, 2025
Quick.CMS 6.7 contains a SQL injection vulnerability that allows unauthenticated attackers to... Critical Unreviewed
CVE-2024-58308 was published Dec 12, 2025
Xhibiter NFT Marketplace 1.10.2 contains a SQL injection vulnerability in the collections... Critical Unreviewed
CVE-2024-58290 was published Dec 12, 2025
Purei CMS 1.0 contains a time-based blind SQL injection vulnerability that allows attackers to... Critical Unreviewed
CVE-2024-58301 was published Dec 12, 2025
COMMAX Smart Home System CDP-1020n contains an SQL injection vulnerability that allows attackers... Critical Unreviewed
CVE-2021-47708 was published Dec 9, 2025
SQL Injection vulnerability in function setwxqyAction in file webmain/task/api/loginAction.php in... Critical Unreviewed
CVE-2025-63742 was published Dec 9, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-67519 was published Dec 9, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-67520 was published Dec 9, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-67517 was published Dec 9, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-67518 was published Dec 9, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-67516 was published Dec 9, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-12504 was published Dec 9, 2025
SQL injection vulnerability in /php/api_patient_schedule.php in SourceCodester Patients Waiting... Critical Unreviewed
CVE-2025-64081 was published Dec 8, 2025
assyncmy is vulnerable to SQL injection via crafted dict keys Critical
CVE-2025-65896 was published for asyncmy (pip) Dec 2, 2025
code-projects Online Medicine Guide 1.0 is vulnerable to SQL Injection in /login.php via the... Critical Unreviewed
CVE-2025-60736 was published Dec 2, 2025
Edoc-doctor-appointment-system v1.0.1 was discovered to contain SQl injection vulnerability via... Critical Unreviewed
CVE-2025-65358 was published Dec 2, 2025
A blind SQL Injection (SQLi) vulnerability in mJobtime v15.7.2 allows unauthenticated attackers... Critical Unreviewed
CVE-2025-51683 was published Dec 1, 2025
A SQL injection vulnerability exists in the Blood Bank Management System 1.0 within the abs.php... Critical Unreviewed
CVE-2025-63535 was published Dec 1, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database