Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,856
Erlang
36
GitHub Actions
36
Go
2,488
Maven
5,000+
npm
4,104
NuGet
735
pip
3,923
Pub
12
RubyGems
945
Rust
1,017
Swift
39
Unreviewed advisories
All unreviewed
5,000+

15,012 advisories

Loading
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-55708 was published Aug 14, 2025
A vulnerability has been found in SourceCodester Cashier Queuing System 1.0. Affected is an... Moderate Unreviewed
CVE-2025-8973 was published Aug 14, 2025
Apache Superset has bypass of `DISALLOWED_SQL_FUNCTIONS` that allows execution of blocked SQL functions Moderate
CVE-2025-55674 was published for apache-superset (pip) Aug 14, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-54678 was published Aug 14, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-54707 was published Aug 14, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-49059 was published Aug 14, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-52720 was published Aug 14, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-52820 was published Aug 14, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-52823 was published Aug 14, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-54669 was published Aug 14, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-49267 was published Aug 14, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-39510 was published Aug 14, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-30998 was published Aug 14, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-49033 was published Aug 14, 2025
A vulnerability was found in SourceCodester COVID 19 Testing Management System 1.0. Affected by... Moderate Unreviewed
CVE-2025-8926 was published Aug 13, 2025
A vulnerability was determined in Shanghai Lingdang Information Technology Lingdang CRM up to 8.6... Moderate Unreviewed
CVE-2025-8908 was published Aug 13, 2025
Organization Portal System developed by WellChoose has a SQL Injection vulnerability, allowing... High Unreviewed
CVE-2025-8914 was published Aug 13, 2025
The Tutor LMS Pro – eLearning and online course solution plugin for WordPress is vulnerable to... High Unreviewed
CVE-2025-6184 was published Aug 13, 2025
Improper neutralization of special elements used in an sql command ('sql injection') in SQL... High Unreviewed
CVE-2025-53727 was published Aug 12, 2025
Improper neutralization of special elements used in an sql command ('sql injection') in SQL... High Unreviewed
CVE-2025-47954 was published Aug 12, 2025
Improper neutralization of special elements used in an sql command ('sql injection') in SQL... High Unreviewed
CVE-2025-49759 was published Aug 12, 2025
SQL injection in Ivanti Avalanche before version 6.4.8.8008 allows a remote authenticated... High Unreviewed
CVE-2025-8296 was published Aug 12, 2025
PyLoad vulnerable to SQL Injection via API /json/add_package in add_links parameter High
CVE-2025-55156 was published for pyload-ng (pip) Aug 12, 2025
cyjhhh
Cyclope Employee Surveillance Solution versions 6.x is vulnerable to a SQL injection flaw in its... Critical Unreviewed
CVE-2012-10047 was published Aug 8, 2025
Easy Hosting Control Panel EHCP v20.04.1.b was discovered to contain a SQL injection... Moderate Unreviewed
CVE-2025-50928 was published Aug 8, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database