GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,856
Erlang: 36
GitHub Actions: 36
Go: 2,488
Maven: 5,000+
npm: 4,104
NuGet: 735
pip: 3,923
Pub: 12
RubyGems: 945
Rust: 1,017
Swift: 39

Unreviewed advisories
All unreviewed: 5,000+
15,027 advisories
SQL injection vulnerability in oa_system oasys v.1.1 allows a remote attacker to execute...
Critical | Unreviewed | CVE-2025-44033 was published Aug 29, 2025

An SQL injection vulnerability has been reported to affect Qsync Central. If a remote attacker...
High | Unreviewed | CVE-2025-29893 was published Aug 29, 2025

An SQL injection vulnerability has been reported to affect Qsync Central. If a remote attacker...
High | Unreviewed | CVE-2025-29894 was published Aug 29, 2025

The iATS Online Forms plugin for WordPress is vulnerable to time-based SQL Injection via the ...
Moderate | Unreviewed | CVE-2025-9441 was published Aug 29, 2025

Clinic Image System developed by Changing has a SQL Injection vulnerability, allowing...
High | Unreviewed | CVE-2025-8858 was published Aug 29, 2025

A SQL Injection vulnerability exists in the action.php file of PuneethReddyHC Online Shopping...
Moderate | Unreviewed | CVE-2025-51968 was published Aug 28, 2025

A SQL Injection vulnerability exists in the product.php page of PuneethReddyHC Online Shopping...
Moderate | Unreviewed | CVE-2025-51969 was published Aug 28, 2025

A SQL Injection vulnerability exists in the login.php of PuneethReddyHC Online Shopping System...
Moderate | Unreviewed | CVE-2025-51972 was published Aug 28, 2025

A reflected Cross-Site Scripting (XSS) vulnerability exists in register.php of PuneethReddyHC...
Moderate | Unreviewed | CVE-2025-51971 was published Aug 28, 2025

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical | Unreviewed | CVE-2025-54720 was published Aug 28, 2025

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
High | Unreviewed | CVE-2025-49404 was published Aug 28, 2025

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical | Unreviewed | CVE-2025-39496 was published Aug 28, 2025

The Simple Download Monitor plugin for WordPress is vulnerable to time-based SQL Injection via...
Moderate | Unreviewed | CVE-2025-8977 was published Aug 28, 2025

An unauthenticated SQL injection vulnerability exists in the GetLyfsByParams endpoint of Bian Que...
Critical | Unreviewed | CVE-2025-34162 was published Aug 28, 2025

A SQL injection vulnerability exists in the St. Joe ERP system ("圣乔ERP系统") that allows...
Critical | Unreviewed | CVE-2024-13979 was published Aug 28, 2025

simple-admin-core SQL Injection vulnerability
High | CVE-2025-51667 was published for github.com/suyuan32/simple-admin-core (Go) Aug 27, 2025

diskover-web v2.3.0 Community Edition is vulnerable to multiple boolean-based blind SQL injection...
Moderate | Unreviewed | CVE-2025-50984 was published Aug 27, 2025

SQL Injection vulnerability exists in the sortKey parameter of the GET /api/v1/wanted/cutoff API...
High | Unreviewed | CVE-2025-50983 was published Aug 27, 2025

SQL Injection vulnerability in AbanteCart 1.4.2, allows unauthenticated attackers to execute...
Critical | Unreviewed | CVE-2025-50972 was published Aug 27, 2025

In the PatientService.pl service, the "getPatientIdentifier" function is vulnerable to SQL...
Moderate | Unreviewed | CVE-2025-30058 was published Aug 27, 2025

In the ReturnUserUnitsXML.pl service, the "getUserInfo" function is vulnerable to SQL injection...
Moderate | Unreviewed | CVE-2025-30060 was published Aug 27, 2025

In the PrepareCDExportJSON.pl service, the "getPerfServiceIds" function is vulnerable to SQL...
Moderate | Unreviewed | CVE-2025-30059 was published Aug 27, 2025

In the "utils/Reporter/OpenReportWindow.pl" service, there is an SQL injection vulnerability...
Moderate | Unreviewed | CVE-2025-30061 was published Aug 27, 2025

The Vibes plugin for WordPress is vulnerable to time-based SQL Injection via the ‘resource’...
High | Unreviewed | CVE-2025-9172 was published Aug 26, 2025
ProTip! Advisories are also available from the GraphQL API.