GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
40
GitHub Actions
38
Go
2,930
Maven
5,000+
npm
4,587
NuGet
786
pip
4,294
Pub
12
RubyGems
981
Rust
1,114
Swift
49
Unreviewed advisories
All unreviewed
5,000+
16,133 advisories
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
High
Unreviewed
CVE-2026-25022
was published
Feb 3, 2026
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical
Unreviewed
CVE-2025-5319
was published
Feb 3, 2026
SQL injection vulnerability in the Buroweb platform version 2505.0.12, specifically in the ...
Critical
Unreviewed
CVE-2026-1432
was published
Feb 3, 2026
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
High
Unreviewed
CVE-2025-8587
was published
Feb 2, 2026
Simple CMS 2.1 contains a remote SQL injection vulnerability that allows privileged attackers to...
High
Unreviewed
CVE-2021-47918
was published
Feb 1, 2026
Simple CMS 2.1 contains a remote SQL injection vulnerability that allows privileged attackers to...
High
Unreviewed
CVE-2021-47916
was published
Feb 1, 2026
Mult-E-Cart Ultimate 2.4 contains multiple SQL injection vulnerabilities in inventory, customer,...
High
Unreviewed
CVE-2021-47909
was published
Feb 1, 2026
PHP Melody version 3.0 contains a remote SQL injection vulnerability in the video edit module...
High
Unreviewed
CVE-2021-47915
was published
Feb 1, 2026
The SupportCandy – Helpdesk & Customer Support Ticket System plugin for WordPress is vulnerable...
Moderate
Unreviewed
CVE-2026-0683
was published
Jan 31, 2026
Navigate CMS 2.8.7 contains an authenticated SQL injection vulnerability that allows attackers to...
High
Unreviewed
CVE-2020-37053
was published
Jan 31, 2026
Online-Exam-System 2015 contains a time-based blind SQL injection vulnerability in the feedback...
High
Unreviewed
CVE-2020-37051
was published
Jan 31, 2026
Online-Exam-System 2015 contains a SQL injection vulnerability in the feedback module that allows...
High
Unreviewed
CVE-2020-37057
was published
Jan 31, 2026
e-Learning PHP Script 0.1.0 contains a SQL injection vulnerability in the search functionality...
High
Unreviewed
CVE-2020-37035
was published
Jan 31, 2026
Infor Storefront B2B 1.0 contains a SQL injection vulnerability that allows attackers to...
High
Unreviewed
CVE-2020-37033
was published
Jan 31, 2026
geopandas SQL Injection Vulnerability in to_postgis() Allows Information Disclosure
High
CVE-2025-69662
was published
for
geopandas
(pip)
Jan 30, 2026
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
High
Unreviewed
CVE-2025-4686
was published
Jan 30, 2026
TimeClock Software 1.01 contains an authenticated time-based SQL injection vulnerability that...
High
Unreviewed
CVE-2020-37005
was published
Jan 29, 2026
Elaniin CMS 1.0 contains an authentication bypass vulnerability that allows attackers to access...
High
Unreviewed
CVE-2020-36999
was published
Jan 29, 2026
Ultimate Project Manager CRM PRO 2.0.5 contains a blind SQL injection vulnerability that allows...
High
Unreviewed
CVE-2020-37004
was published
Jan 29, 2026
berliCRM 1.0.24 contains a SQL injection vulnerability in the 'src_record' parameter that allows...
High
Unreviewed
CVE-2020-37006
was published
Jan 29, 2026
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
High
Unreviewed
CVE-2025-7714
was published
Jan 29, 2026
Tanium addressed a SQL injection vulnerability in Asset.
Moderate
Unreviewed
CVE-2025-15344
was published
Jan 29, 2026
ProTip! Advisories are also available from the GraphQL API.