GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,417
Composer 4,951
Erlang 39
GitHub Actions 38
Go 2,607
Maven 6,062
npm 4,251
NuGet 757
pip 4,017
Pub 12
RubyGems 953
Rust 1,049
Swift 45

Unreviewed advisories

All unreviewed 275,289

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

6,899 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed

CVE-2025-47902 was published Oct 20, 2025

IPFire versions prior to 2.29 (Core Update 198) contain a SQL injection vulnerability that allows... High Unreviewed

CVE-2025-34304 was published Oct 28, 2025

The HUSKY – Products Filter Professional for WooCommerce plugin for WordPress is vulnerable to... High Unreviewed

CVE-2025-11735 was published Oct 28, 2025

indieka900 online-shopping-system-php 1.0 is vulnerable to SQL Injection in the password... High Unreviewed

CVE-2025-61247 was published Oct 27, 2025

The Charitable – Donation Plugin for WordPress – Fundraising with Recurring Donations & More... High Unreviewed

CVE-2025-11893 was published Oct 25, 2025

The wpForo Forum plugin for WordPress is vulnerable to error‐based or time-based SQL Injection... High Unreviewed

CVE-2025-4203 was published Oct 25, 2025

The Stripe Payment Forms by WP Full Pay – Accept Credit Card Payments, Donations & Subscriptions... High Unreviewed

CVE-2025-9322 was published Oct 25, 2025

The Product Filter by WBW plugin for WordPress is vulnerable to SQL Injection via the ... High Unreviewed

CVE-2025-8416 was published Oct 25, 2025

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed

CVE-2025-62015 was published Oct 22, 2025

The HTTP interface of the Grandstream UCM6200 series is vulnerable to an unauthenticated remote... High Unreviewed

CVE-2020-5722 was published May 24, 2022

An authenticated SQL injection vulnerability exists in the BIG-IP Configuration utility which ... High Unreviewed

CVE-2023-46748 was published Oct 26, 2023

Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 allow SQL Injection. High Unreviewed

CVE-2019-12989 was published May 24, 2022

FUEL CMS 1.4.7 allows SQL Injection via the col parameter to /pages/items, /permissions/items, or... High Unreviewed

CVE-2020-17463 was published May 24, 2022

A SQL injection issue was found in SFOS 17.0, 17.1, 17.5, and 18.0 before 2020-04-25 on Sophos XG... High Unreviewed

CVE-2020-12271 was published May 24, 2022

SQL injection vulnerability in the fields of warehouse document filtering form in SIMPLE.ERP... High Unreviewed

CVE-2025-9339 was published Oct 21, 2025

Zohocorp ManageEngine Analytics Plus versions 6171 and prior are vulnerable to authenticated SQL... High Unreviewed

CVE-2025-9428 was published Oct 21, 2025

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed

CVE-2025-62658 was published Oct 20, 2025

The PPOM – Product Addons & Custom Fields for WooCommerce plugin for WordPress is vulnerable to... High Unreviewed

CVE-2025-11691 was published Oct 18, 2025

The myCred WordPress plugin before 2.3 does not validate or escape the fields parameter before... High Unreviewed

CVE-2021-24755 was published Nov 30, 2021

Vanna v0.6.3 is vulnerable to SQL injection via Snowflake database in its file staging operations... High Unreviewed

CVE-2024-8055 was published Mar 20, 2025

The External Login plugin for WordPress is vulnerable to SQL Injection via the 'log' parameter in... High Unreviewed

CVE-2025-11177 was published Oct 15, 2025

The Outdoor plugin for WordPress is vulnerable to SQL Injection via the 'edit' action in all... High Unreviewed

CVE-2025-10743 was published Oct 15, 2025

The Dynamically Display Posts plugin for WordPress is vulnerable to SQL Injection via the ... High Unreviewed

CVE-2025-11501 was published Oct 15, 2025

Improper neutralization of special elements used in an sql command ('sql injection') in Microsoft... High Unreviewed

CVE-2025-59213 was published Oct 14, 2025

Improper Validation of Syntactic Correctness of Input vulnerability in Finder Fire Safety Finder... High Unreviewed

CVE-2024-12146 was published Mar 6, 2025

Previous1…276 Next

Previous 1 2 3 4 5 … 275 276 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

6,899 advisories