Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
40
GitHub Actions
38
Go
2,930
Maven
5,000+
npm
4,587
NuGet
786
pip
4,294
Pub
12
RubyGems
981
Rust
1,114
Swift
49
Unreviewed advisories
All unreviewed
5,000+

7,338 advisories

Loading
Social-Share-Buttons 2.2.3 contains a critical SQL injection vulnerability in the project_id... High Unreviewed
CVE-2023-54333 was published Jan 14, 2026
WorkOrder CMS 0.1.0 contains a SQL injection vulnerability that allows unauthenticated attackers... High Unreviewed
CVE-2023-54340 was published Jan 14, 2026
Senayan Library Management System 9.0.0 contains a SQL injection vulnerability in the 'class'... High Unreviewed
CVE-2022-50805 was published Jan 14, 2026
Aero CMS 0.0.1 contains a SQL injection vulnerability in the author parameter that allows... High Unreviewed
CVE-2022-50895 was published Jan 14, 2026
VIAVIWEB Wallpaper Admin 1.0 contains an SQL injection vulnerability that allows authenticated... High Unreviewed
CVE-2022-50894 was published Jan 14, 2026
VIAVIWEB Wallpaper Admin 1.0 contains a SQL injection vulnerability that allows attackers to... High Unreviewed
CVE-2022-50892 was published Jan 14, 2026
Improper neutralization of special elements used in an sql command ('sql injection') in Microsoft... High Unreviewed
CVE-2026-20947 was published Jan 13, 2026
An improper neutralization of special elements used in an SQL command ('SQL Injection')... High Unreviewed
CVE-2025-59922 was published Jan 13, 2026
A vulnerability exists in Progress Flowmon ADS versions prior to 12.5.4 and 13.0.1 where an SQL... High Unreviewed
CVE-2025-13774 was published Jan 13, 2026
Imaster's Patient Records Management System is vulnerable to SQL Injection in the endpoint ‘... High Unreviewed
CVE-2025-41004 was published Jan 12, 2026
Imaster's MEMS Events CRM contains an SQL injection vulnerability in‘keyword’ parameter in ‘... High Unreviewed
CVE-2025-41005 was published Jan 12, 2026
WeKnora vulnerable to SQL Injection High
CVE-2026-22687 was published for github.com/Tencent/WeKnora (Go) Jan 9, 2026
passer-W
Credited to passer-W
GestSup versions up to and including 3.2.56 contain multiple SQL injection vulnerabilities in the... High Unreviewed
CVE-2026-22197 was published Jan 9, 2026
GestSup versions up to and including 3.2.56 contain a SQL injection vulnerability in ticket... High Unreviewed
CVE-2026-22196 was published Jan 9, 2026
GestSup versions up to and including 3.2.56 contain a SQL injection vulnerability in the search... High Unreviewed
CVE-2026-22195 was published Jan 9, 2026
This vulnerability allows unauthenticated attackers to inject an SQL request into GET request... High Unreviewed
CVE-2025-64092 was published Jan 9, 2026
DwyerOmega Isensix Advanced Remote Monitoring System (ARMS) 1.5.7 allows an attacker to retrieve... High Unreviewed
CVE-2025-59379 was published Jan 6, 2026
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-31044 was published Jan 5, 2026
QOCA aim AI Medical Cloud Platform developed by Quanta Computer has a SQL Injection vulnerability... High Unreviewed
CVE-2025-15238 was published Jan 5, 2026
QOCA aim AI Medical Cloud Platform developed by Quanta Computer has a SQL Injection vulnerability... High Unreviewed
CVE-2025-15239 was published Jan 5, 2026
An SQL injection vulnerability has been reported to affect Hyper Data Protector. The remote... High Unreviewed
CVE-2025-59389 was published Jan 2, 2026
An SQL injection vulnerability has been reported to affect MARS (Multi-Application Recovery... High Unreviewed
CVE-2025-59387 was published Jan 2, 2026
CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') High Unreviewed
CVE-2025-55065 was published Jan 1, 2026
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-30628 was published Dec 31, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-28949 was published Dec 31, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database