Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
40
GitHub Actions
38
Go
2,930
Maven
5,000+
npm
4,587
NuGet
786
pip
4,294
Pub
12
RubyGems
981
Rust
1,114
Swift
49
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

15,522 advisories

Loading
A time-based blind SQL Injection vulnerability exists in PHPGurukul Cyber Cafe Management System... High Unreviewed
CVE-2025-70893 was published Jan 15, 2026
Build Smart ERP 21.0817 contains an unauthenticated SQL injection vulnerability in the 'eidValue'... High Unreviewed
CVE-2021-47777 was published Jan 15, 2026
Kmaleon 1.1.0.205 contains an authenticated SQL injection vulnerability in the 'tipocomb'... High Unreviewed
CVE-2021-47766 was published Jan 15, 2026
An SQL injection vulnerability in InvoicePlane through 1.6.3 has been identified in "maxQuantity"... Moderate Unreviewed
CVE-2025-67082 was published Jan 15, 2026
An SQL injection vulnerability in Itflow through 25.06 has been identified in the "role_id"... Moderate Unreviewed
CVE-2025-67081 was published Jan 15, 2026
The Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin plugin for... High Unreviewed
CVE-2025-12166 was published Jan 15, 2026
Vulnerabilities in the web-based management interface of EdgeConnect SD-WAN Orchestrator could... High Unreviewed
CVE-2025-37183 was published Jan 14, 2026
Vulnerabilities in the web-based management interface of EdgeConnect SD-WAN Orchestrator could... High Unreviewed
CVE-2025-37181 was published Jan 14, 2026
Vulnerabilities in the web-based management interface of EdgeConnect SD-WAN Orchestrator could... High Unreviewed
CVE-2025-37182 was published Jan 14, 2026
The Shipping Rate By Cities plugin for WordPress is vulnerable to SQL Injection via the 'city'... High Unreviewed
CVE-2025-14770 was published Jan 14, 2026
The Flat Shipping Rate by City for WooCommerce plugin for WordPress is vulnerable to time-based... Moderate Unreviewed
CVE-2026-0678 was published Jan 14, 2026
Social-Share-Buttons 2.2.3 contains a critical SQL injection vulnerability in the project_id... High Unreviewed
CVE-2023-54333 was published Jan 14, 2026
WorkOrder CMS 0.1.0 contains a SQL injection vulnerability that allows unauthenticated attackers... High Unreviewed
CVE-2023-54340 was published Jan 14, 2026
Senayan Library Management System 9.0.0 contains a SQL injection vulnerability in the 'class'... High Unreviewed
CVE-2022-50805 was published Jan 14, 2026
Aero CMS 0.0.1 contains a SQL injection vulnerability in the author parameter that allows... High Unreviewed
CVE-2022-50895 was published Jan 14, 2026
VIAVIWEB Wallpaper Admin 1.0 contains an SQL injection vulnerability that allows authenticated... High Unreviewed
CVE-2022-50894 was published Jan 14, 2026
VIAVIWEB Wallpaper Admin 1.0 contains a SQL injection vulnerability that allows attackers to... High Unreviewed
CVE-2022-50892 was published Jan 14, 2026
Improper neutralization of special elements used in an sql command ('sql injection') in Microsoft... High Unreviewed
CVE-2026-20947 was published Jan 13, 2026
An improper neutralization of special elements used in an SQL command ('SQL Injection')... High Unreviewed
CVE-2025-59922 was published Jan 13, 2026
phpgurukul News Portal Project V4.1 is vulnerable to SQL Injection in check_availablity.php. Critical Unreviewed
CVE-2025-69991 was published Jan 13, 2026
A vulnerability exists in Progress Flowmon ADS versions prior to 12.5.4 and 13.0.1 where an SQL... High Unreviewed
CVE-2025-13774 was published Jan 13, 2026
Due to insufficient input validation in SAP S/4HANA Private Cloud and On-Premise (Financials... Critical Unreviewed
CVE-2026-0501 was published Jan 13, 2026
Multiple SQL Injection vulnerabilities exist in AbhishekMali21 GYM-MANAGEMENT-SYSTEM 1.0 via the ... Critical Unreviewed
CVE-2025-67146 was published Jan 13, 2026
Multiple SQL Injection vulnerabilities exist in amansuryawanshi Gym-Management-System-PHP 1.0 via... Critical Unreviewed
CVE-2025-67147 was published Jan 12, 2026
A SQL Injection was found in the /exam/user/profile.php page of kashipara Online Exam System V1.0... Critical Unreviewed
CVE-2025-51567 was published Jan 12, 2026
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database