GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,739
Composer 5,031
Erlang 39
GitHub Actions 38
Go 2,675
Maven 6,116
npm 4,297
NuGet 760
pip 4,077
Pub 12
RubyGems 957
Rust 1,058
Swift 45

Unreviewed advisories

All unreviewed 278,086

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

15,092 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

The ProjectList plugin for WordPress is vulnerable to time-based SQL Injection via the 'id'... Moderate Unreviewed

CVE-2025-13370 was published Nov 25, 2025

A SQL injection vulnerability has been identified in bwdpi. A remote, authenticated attacker... Moderate Unreviewed

CVE-2025-59369 was published Nov 25, 2025

The Bookme – Free Online Appointment Booking and Scheduling Plugin for WordPress is vulnerable to... Moderate Unreviewed

CVE-2025-13385 was published Nov 25, 2025

The Perfect Brands for WooCommerce plugin for WordPress is vulnerable to time-based SQL Injection... Moderate Unreviewed

CVE-2025-10144 was published Nov 25, 2025

ZIRA Group WBRM 7.0 is vulnerable to SQL Injection in referenceLookupsByTableNameAndColumnName. High Unreviewed

CVE-2025-56401 was published Nov 24, 2025

The Ads Pro Plugin - Multi-Purpose WordPress Advertising Manager plugin for WordPress is... High Unreviewed

CVE-2025-7402 was published Nov 24, 2025

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Unknown Unreviewed

CVE-2025-66095 was published Nov 21, 2025

The Groundhogg — CRM, Newsletters, and Marketing Automation plugin for WordPress is vulnerable to... Moderate Unreviewed

CVE-2025-12750 was published Nov 21, 2025

The WP Directory Kit plugin for WordPress is vulnerable to SQL Injection via the 'columns_search'... High Unreviewed

CVE-2025-13138 was published Nov 21, 2025

A security flaw has been discovered in itsourcecode Online File Management System 1.0. This issue... Moderate Unreviewed

CVE-2025-13485 was published Nov 21, 2025

Institute-of-Current-Students v1.0 contains a time-based blind SQL injection vulnerability in the... Moderate Unreviewed

CVE-2025-52410 was published Nov 20, 2025

A vulnerability was found in code-projects Online Shop Project 1.0. This issue affects some... Moderate Unreviewed

CVE-2025-13449 was published Nov 20, 2025

A vulnerability was identified in SourceCodester Online Shop Project 1.0. The affected element is... Moderate Unreviewed

CVE-2025-13451 was published Nov 20, 2025

A weakness has been identified in itsourcecode Human Resource Management System 1.0. This issue... Moderate Unreviewed

CVE-2025-13420 was published Nov 20, 2025

A vulnerability was detected in freeprojectscodes Sports Club Management System 1.0. The affected... Moderate Unreviewed

CVE-2025-13422 was published Nov 20, 2025

A security vulnerability has been detected in itsourcecode Human Resource Management System 1.0.... Moderate Unreviewed

CVE-2025-13421 was published Nov 20, 2025

A vulnerability has been found in Campcodes Supplier Management System 1.0. This affects an... Moderate Unreviewed

CVE-2025-13424 was published Nov 20, 2025

Campcodes Online Hospital Management System 1.0 is vulnerable to SQL Injection in /admin/index... High Unreviewed

CVE-2025-63719 was published Nov 19, 2025

A vulnerability has been found in Campcodes Retro Basketball Shoes Online Store 1.0. Affected is... Moderate Unreviewed

CVE-2025-13410 was published Nov 19, 2025

The Looker endpoint for generating new projects from database connections allows users to specify... Moderate Unreviewed

CVE-2025-12743 was published Nov 19, 2025

Github Restaurant Website Restoran v1.0 was discovered to contain a SQL injection vulnerability... Moderate Unreviewed

CVE-2025-63878 was published Nov 19, 2025

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed

CVE-2025-10437 was published Nov 19, 2025

The Community Events plugin for WordPress is vulnerable to SQL Injection via the 'dayofyear'... High Unreviewed

CVE-2025-12646 was published Nov 19, 2025

An improper neutralization of special elements used in an SQL Command ("SQL Injection")... High Unreviewed

CVE-2025-58692 was published Nov 18, 2025

DzzOffice v2.3.7 and before is vulnerable to SQL Injection in explorer/groupmanage. Critical Unreviewed

CVE-2025-63694 was published Nov 18, 2025

Previous1…400 Next

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

15,092 advisories