GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
7,338 advisories
NLB mKlik Macedonia 3.3.12 contains a SQL injection vulnerability in international transfer...
High, Unreviewed. CVE-2023-54163 was published Dec 31, 2025

SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x contains an SQL injection vulnerability in the 'username'...
High, Unreviewed. CVE-2022-50694 was published Dec 31, 2025

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
High, Unreviewed. CVE-2025-59129 was published Dec 30, 2025

In NagiosXI 2026R1.0.1 build 1762361101, Dashboard parameters lack proper filtering, allowing any...
High, Unreviewed. CVE-2025-67255 was published Dec 29, 2025

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
High, Unreviewed. CVE-2023-36525 was published Dec 24, 2025

Orangescrum 1.8.0 contains an authenticated SQL injection vulnerability that allows authorized...
High, Unreviewed. CVE-2021-47720 was published Dec 23, 2025

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
High, Unreviewed. CVE-2025-68550 was published Dec 23, 2025

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
High, Unreviewed. CVE-2025-68561 was published Dec 23, 2025

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
High, Unreviewed. CVE-2025-12514 was published Dec 22, 2025

A SQL injection vulnerability in Kentico Xperience allows authenticated editors to inject...
High, Unreviewed. CVE-2021-47711 was published Dec 18, 2025

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
High, Unreviewed. CVE-2025-64371 was published Dec 18, 2025

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
High, Unreviewed. CVE-2025-14314 was published Dec 18, 2025

PHPJabbers Simple CMS 5.0 contains a SQL injection vulnerability in the 'column' parameter that...
High, Unreviewed. CVE-2023-53926 was published Dec 18, 2025

Affiliate Me version 5.0.1 contains a SQL injection vulnerability in the admin.php endpoint that...
High, Unreviewed. CVE-2023-53917 was published Dec 18, 2025

A SQL injection vulnerability was found in the '/cts/admin/?page=zone' file of ITSourcecode COVID...
High, Unreviewed. CVE-2025-67285 was published Dec 17, 2025

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
High, Unreviewed. CVE-2025-68055 was published Dec 16, 2025

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
High, Unreviewed. CVE-2025-68053 was published Dec 16, 2025

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
High, Unreviewed. CVE-2025-68056 was published Dec 16, 2025

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
High, Unreviewed. CVE-2025-68054 was published Dec 16, 2025

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
High, Unreviewed. CVE-2025-67999 was published Dec 16, 2025

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
High, Unreviewed. CVE-2025-67950 was published Dec 16, 2025

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
High, Unreviewed. CVE-2025-67962 was published Dec 16, 2025

NetSupport Manager < 14.12.0001 contains an unauthenticated SQL injection vulnerability in its...
High, Unreviewed. CVE-2025-34179 was published Dec 15, 2025

The Booking Calendar plugin for WordPress is vulnerable to time-based blind SQL Injection via the...
High, Unreviewed. CVE-2025-14383 was published Dec 15, 2025

The wpForo Forum plugin for WordPress is vulnerable to generic SQL Injection via the `post_args`...
High, Unreviewed. CVE-2025-13126 was published Dec 14, 2025
ProTip! Advisories are also available from the GraphQL API.