Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,680
Maven
5,000+
npm
4,308
NuGet
760
pip
4,081
Pub
12
RubyGems
958
Rust
1,061
Swift
45
Unreviewed advisories
All unreviewed
5,000+

15,688 advisories

Loading
WebITR developed by Uniong has a SQL Injection vulnerability, allowing authenticated remote... High Unreviewed
CVE-2025-13769 was published Nov 28, 2025
WebITR developed by Uniong has a SQL Injection vulnerability, allowing authenticated remote... High Unreviewed
CVE-2025-13770 was published Nov 28, 2025
SQL Injection vulnerability in last usage logs in Devolutions Server.This issue affects... Unknown Unreviewed
CVE-2025-13757 was published Nov 27, 2025
Multiple SQL Injections in Frappe CRM Dashboard Controller due to unsafe concatenation of user... High Unreviewed
CVE-2025-11461 was published Nov 26, 2025
SQL injection vulnerability in Hive Metastore Server (HMS) when processing delete column... Unknown Unreviewed
CVE-2025-62728 was published Nov 26, 2025
PostgreSQL SQL Injection (status_sql.php) in DB Electronica Telecomunicazioni S.p.A. Mozart FM... High Unreviewed
CVE-2025-66260 was published Nov 26, 2025
SIGB PMB v8.0.1.14 was discovered to contain multiple SQL injection vulnerabilities in the ... Moderate Unreviewed
CVE-2025-61167 was published Nov 25, 2025
The ProjectList plugin for WordPress is vulnerable to time-based SQL Injection via the 'id'... Moderate Unreviewed
CVE-2025-13370 was published Nov 25, 2025
The Bookme – Free Online Appointment Booking and Scheduling Plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2025-13385 was published Nov 25, 2025
A SQL injection vulnerability has been identified in bwdpi. A remote, authenticated attacker... Moderate Unreviewed
CVE-2025-59369 was published Nov 25, 2025
The Perfect Brands for WooCommerce plugin for WordPress is vulnerable to time-based SQL Injection... Moderate Unreviewed
CVE-2025-10144 was published Nov 25, 2025
ZIRA Group WBRM 7.0 is vulnerable to SQL Injection in referenceLookupsByTableNameAndColumnName. High Unreviewed
CVE-2025-56401 was published Nov 24, 2025
The Ads Pro Plugin - Multi-Purpose WordPress Advertising Manager plugin for WordPress is... High Unreviewed
CVE-2025-7402 was published Nov 24, 2025
A vulnerability has been found in code-projects Library System 1.0. This affects an unknown... Moderate Unreviewed
CVE-2025-13578 was published Nov 24, 2025
A vulnerability was found in SourceCodester Company Website CMS 1.0. This affects an unknown part... Moderate Unreviewed
CVE-2025-13560 was published Nov 23, 2025
A vulnerability has been found in Campcodes Online Polling System 1.0. Affected by this issue is... Moderate Unreviewed
CVE-2025-13557 was published Nov 23, 2025
A vulnerability was determined in SourceCodester Company Website CMS 1.0. This vulnerability... Moderate Unreviewed
CVE-2025-13561 was published Nov 23, 2025
A flaw has been found in Campcodes Online Polling System 1.0. Affected by this vulnerability is... Moderate Unreviewed
CVE-2025-13556 was published Nov 23, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Moderate Unreviewed
CVE-2025-66095 was published Nov 21, 2025
The Groundhogg — CRM, Newsletters, and Marketing Automation plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2025-12750 was published Nov 21, 2025
The WP Directory Kit plugin for WordPress is vulnerable to SQL Injection via the 'columns_search'... High Unreviewed
CVE-2025-13138 was published Nov 21, 2025
A security flaw has been discovered in itsourcecode Online File Management System 1.0. This issue... Moderate Unreviewed
CVE-2025-13485 was published Nov 21, 2025
Institute-of-Current-Students v1.0 contains a time-based blind SQL injection vulnerability in the... Moderate Unreviewed
CVE-2025-52410 was published Nov 20, 2025
phppgadmin contains a SQL injection vulnerability Moderate
CVE-2025-60798 was published for phppgadmin/phppgadmin (Composer) Nov 20, 2025
A vulnerability was found in code-projects Online Shop Project 1.0. This issue affects some... Moderate Unreviewed
CVE-2025-13449 was published Nov 20, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database