Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,856
Erlang
36
GitHub Actions
36
Go
2,488
Maven
5,000+
npm
4,104
NuGet
735
pip
3,923
Pub
12
RubyGems
945
Rust
1,017
Swift
39
Unreviewed advisories
All unreviewed
5,000+

15,012 advisories

Loading
The ELEX WooCommerce Google Shopping (Google Product Feed) plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2025-10046 was published Sep 6, 2025
The UsersWP – Front-end login form, User Registration, User Profile & Members Directory plugin... Moderate Unreviewed
CVE-2025-10003 was published Sep 6, 2025
The User Registration & Membership plugin for WordPress is vulnerable to SQL Injection via the 's... Moderate Unreviewed
CVE-2025-9085 was published Sep 6, 2025
ERP is a free and open source Enterprise Resource Planning tool. In versions below 14.89.2 and 15... High Unreviewed
CVE-2025-58439 was published Sep 6, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-58628 was published Sep 5, 2025
A vulnerability was determined in itsourcecode Sports Management System 1.0. This affects an... Moderate Unreviewed
CVE-2025-9767 was published Sep 5, 2025
index.em7 in ScienceLogic SL1 before 12.1.1 allows SQL Injection via a parameter in a request. High Unreviewed
CVE-2025-58780 was published Sep 5, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-58881 was published Sep 5, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-58789 was published Sep 5, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-58788 was published Sep 5, 2025
In multiple locations, there is a possible way to read files belonging to other apps due to SQL... High Unreviewed
CVE-2025-48544 was published Sep 4, 2025
In multiple functions of PickerDbFacade.java, there is a possible unauthorized data access due to... High Unreviewed
CVE-2025-32327 was published Sep 4, 2025
A vulnerability was identified in HKritesh009 Grocery List Management Web App up to... Moderate Unreviewed
CVE-2025-9749 was published Sep 4, 2025
An authenticated SQL injection vulnerability in VX Guestbook 1.07 allows attackers with admin... High Unreviewed
CVE-2025-57263 was published Sep 4, 2025
dotCMS versions 24.03.22 and after, identified a Boolean-based blind SQLi vulnerability in the ... Moderate Unreviewed
CVE-2025-8311 was published Sep 4, 2025
Input from search query parameter in GOV CMS is not sanitized properly, leading to a Blind SQL... Critical Unreviewed
CVE-2025-7385 was published Sep 4, 2025
An SQL injection vulnerability has been found in appRain CMF 4.0.5. This vulnerability allows an... High Unreviewed
CVE-2025-41034 was published Sep 4, 2025
An SQL injection vulnerability has been found in appRain CMF 4.0.5. This vulnerability allows an... High Unreviewed
CVE-2025-41033 was published Sep 4, 2025
An SQL injection vulnerability has been found in appRain CMF 4.0.5. This vulnerability allows an... High Unreviewed
CVE-2025-41032 was published Sep 4, 2025
phpgurukul Complaint Management System in PHP 2.0 is vulnerable to SQL Injection in user/reset... High Unreviewed
CVE-2025-57146 was published Sep 3, 2025
phpgurukul Complaint Management System 2.0 is vulnerable to SQL Injection in /complaint-details... Moderate Unreviewed
CVE-2025-57149 was published Sep 3, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-58604 was published Sep 3, 2025
A weakness has been identified in itsourcecode Sports Management System 1.0. The impacted element... Moderate Unreviewed
CVE-2025-9840 was published Sep 3, 2025
A vulnerability was determined in itsourcecode Student Information Management System 1.0. This... Moderate Unreviewed
CVE-2025-9837 was published Sep 3, 2025
A security flaw has been discovered in itsourcecode Student Information Management System 1.0.... Moderate Unreviewed
CVE-2025-9839 was published Sep 3, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database