GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
4,222 advisories
A SQL injection vulnerability has been identified in DobryCMS. Improper neutralization of input...
Critical | Unreviewed | CVE-2025-8536 was published Oct 24, 2025

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical | Unreviewed | CVE-2025-11253 was published Oct 24, 2025

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical | Unreviewed | CVE-2025-59557 was published Oct 22, 2025

A SQL Injection vulnerability exists in Esri ArcGIS Server versions 11.3, 11.4 and 11.5 on...
Critical | Unreviewed | CVE-2025-57870 was published Oct 22, 2025

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical | Unreviewed | CVE-2025-49931 was published Oct 22, 2025

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical | Unreviewed | CVE-2025-49915 was published Oct 22, 2025

SQL Injection vulnerability exists in Bhabishya-123 E-commerce 1.0, specifically within the...
Critical | Unreviewed | CVE-2025-61455 was published Oct 20, 2025

A SQL Injection vulnerability has been found in Epsilon RH by Grupo Castilla. This vulnerability...
Critical | Unreviewed | CVE-2025-41028 was published Oct 20, 2025

MCMS vulnerable SQL injection via the content_title parameter
Critical | CVE-2025-56316 was published for net.mingsoft:ms-mcms (Maven) Oct 17, 2025

SQL injection in Sergestec's Exito v8.0. This vulnerability allows an attacker to retrieve,...
Critical | Unreviewed | CVE-2025-41018 was published Oct 16, 2025

SQL injection in Sergestec's SISTICK v7.2. This vulnerability allows an attacker to retrieve,...
Critical | Unreviewed | CVE-2025-41019 was published Oct 16, 2025

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical | Unreviewed | CVE-2025-10610 was published Oct 14, 2025

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical | Unreviewed | CVE-2025-6919 was published Oct 13, 2025

code-projects Computer Laboratory System 1.0 has a SQL injection vulnerability, where entering a...
Critical | Unreviewed | CVE-2025-60307 was published Oct 10, 2025

JEEWMS 20250820 is vulnerable to SQL Injection in the exportXls function located in the src/main...
Critical | Unreviewed | CVE-2025-60269 was published Oct 10, 2025

SourceCodester Pet Grooming Management Software 1.0 is vulnerable to SQL Injection in admin...
Critical | Unreviewed | CVE-2025-60316 was published Oct 9, 2025

The Community Events plugin for WordPress is vulnerable to SQL Injection via the ‘event_venue’...
Critical | Unreviewed | CVE-2025-10586 was published Oct 9, 2025

Melis Platform CMS SQL Injection
Critical | CVE-2025-10351 was published for melisplatform/melis-cms (Composer) Oct 8, 2025

The Community Events plugin for WordPress is vulnerable to SQL Injection via the event_category...
Critical | Unreviewed | CVE-2025-10587 was published Oct 8, 2025

A SQL Injection vulnerability exists in the edit_product.php file of PuneethReddyHC Online...
Critical | Unreviewed | CVE-2025-52021 was published Oct 7, 2025

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical | Unreviewed | CVE-2025-0603 was published Oct 7, 2025

XWiki Platform is vulnerable to HQL injection via wiki and space search REST API
Critical | CVE-2025-52472 was published for org.xwiki.platform:xwiki-platform-rest-server (Maven) Oct 6, 2025

A SQL injection vulnerability has been identified in Uniclare Student Portal v2. This flaw allows...
Critical | Unreviewed | CVE-2025-57515 was published Oct 6, 2025

The WPRecovery plugin for WordPress is vulnerable to SQL Injection via the 'data[id]' parameter...
Critical | Unreviewed | CVE-2025-10726 was published Oct 3, 2025

SQL injection vulnerability in Joomla module mod_vvisit_counter v2.0.4j3. This vulnerability...
Critical | Unreviewed | CVE-2025-40636 was published Oct 3, 2025
ProTip! Advisories are also available from the GraphQL API.