GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 40
GitHub Actions: 38
Go: 2,930
Maven: 5,000+
npm: 4,587
NuGet: 786
pip: 4,294
Pub: 12
RubyGems: 981
Rust: 1,114
Swift: 49

Unreviewed advisories
All unreviewed: 5,000+
7,338 advisories
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
High | Unreviewed | CVE-2026-22470 was published Jan 22, 2026

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
High | Unreviewed | CVE-2025-69180 was published Jan 22, 2026

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
High | Unreviewed | CVE-2025-69045 was published Jan 22, 2026

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
High | Unreviewed | CVE-2025-68999 was published Jan 22, 2026

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
High | Unreviewed | CVE-2025-68881 was published Jan 22, 2026

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
High | Unreviewed | CVE-2025-68017 was published Jan 22, 2026

Dell Unisphere for PowerMax, version(s) 10.2.0.x, contain(s) an Improper Neutralization of...
High | Unreviewed | CVE-2025-36588 was published Jan 22, 2026

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
High | Unreviewed | CVE-2025-4764 was published Jan 22, 2026

SEO Panel versions prior to 4.9.0 contain a blind SQL injection vulnerability in the archive.php...
High | Unreviewed | CVE-2021-47872 was published Jan 21, 2026

Digital Crime Report Management System 1.0 contains a critical SQL injection vulnerability...
High | Unreviewed | CVE-2021-47846 was published Jan 21, 2026

Blitar Tourism 1.0 contains an authentication bypass vulnerability that allows attackers to...
High | Unreviewed | CVE-2021-47848 was published Jan 21, 2026

ActiveRecord-JDBC-Adapter (AR-JDBC) lib/arjdbc/jdbc/adapter.rb sql.gsub() Function SQL Injection
High | GHSA-5qw5-wf2q-f538 was published for activerecord-jdbc-adapter (RubyGems) Jan 16, 2026

Vianeos OctoPUS 5 contains a time-based blind SQL injection vulnerability in the 'login_user'...
High | Unreviewed | CVE-2021-47801 was published Jan 16, 2026

Grocery Crud 1.6.4 contains a SQL injection vulnerability in the order_by parameter that allows...
High | Unreviewed | CVE-2021-47811 was published Jan 16, 2026

Odine Solutions GateKeeper 1.0 contains a SQL injection vulnerability in the trafficCycle API...
High | Unreviewed | CVE-2021-47782 was published Jan 16, 2026

A time-based blind SQL Injection vulnerability exists in PHPGurukul Cyber Cafe Management System...
High | Unreviewed | CVE-2025-70893 was published Jan 15, 2026

Build Smart ERP 21.0817 contains an unauthenticated SQL injection vulnerability in the 'eidValue'...
High | Unreviewed | CVE-2021-47777 was published Jan 15, 2026

Aimeos contains a SQL injection vulnerability in the json api 'sort' parameter
High | CVE-2021-47763 was published for aimeos/aimeos-laravel (Composer) Jan 15, 2026

Kmaleon 1.1.0.205 contains an authenticated SQL injection vulnerability in the 'tipocomb'...
High | Unreviewed | CVE-2021-47766 was published Jan 15, 2026

The Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin plugin for...
High | Unreviewed | CVE-2025-12166 was published Jan 15, 2026

Pimcore Has an Incomplete Patch for CVE-2023-30848
High | CVE-2026-23492 was published for pimcore/pimcore (Composer) Jan 14, 2026

Vulnerabilities in the web-based management interface of EdgeConnect SD-WAN Orchestrator could...
High | Unreviewed | CVE-2025-37183 was published Jan 14, 2026

Vulnerabilities in the web-based management interface of EdgeConnect SD-WAN Orchestrator could...
High | Unreviewed | CVE-2025-37181 was published Jan 14, 2026

Vulnerabilities in the web-based management interface of EdgeConnect SD-WAN Orchestrator could...
High | Unreviewed | CVE-2025-37182 was published Jan 14, 2026

The Shipping Rate By Cities plugin for WordPress is vulnerable to SQL Injection via the 'city'...
High | Unreviewed | CVE-2025-14770 was published Jan 14, 2026
ProTip! Advisories are also available from the GraphQL API.