Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,749
Erlang
35
GitHub Actions
29
Go
2,321
Maven
5,000+
npm
3,955
NuGet
712
pip
3,739
Pub
12
RubyGems
921
Rust
972
Swift
38
Unreviewed advisories
All unreviewed
5,000+

4,063 advisories

Loading
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-32603 was published Apr 11, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-22371 was published Apr 14, 2025
A SQL Injection vulnerability in dingfanzuCMS v.1.0 allows a attacker to execute arbitrary code... Critical Unreviewed
CVE-2025-28100 was published Apr 15, 2025
Improper neutralization of input provided by a low-privileged user into a file search... Critical Unreviewed
CVE-2025-1981 was published Apr 16, 2025
Sourcecodester Online ID Generator System 1.0 was discovered to contain a SQL injection... Critical Unreviewed
CVE-2024-40072 was published Apr 16, 2025
Sourcecodester Online ID Generator System 1.0 was discovered to contain a SQL injection... Critical Unreviewed
CVE-2024-40073 was published Apr 16, 2025
A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). The... Critical Unreviewed
CVE-2025-27539 was published Apr 16, 2025
A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). The... Critical Unreviewed
CVE-2025-27540 was published Apr 16, 2025
A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). The... Critical Unreviewed
CVE-2025-27495 was published Apr 16, 2025
SQL Injection vulnerability exists in the TP-Link M7650 4G LTE Mobile Wi-Fi Router Firmware... Critical Unreviewed
CVE-2025-29651 was published Apr 16, 2025
SQL Injection vulnerability exists in the TP-Link M7000 4G LTE Mobile Wi-Fi Router Firmware... Critical Unreviewed
CVE-2025-29652 was published Apr 16, 2025
SQL Injection vulnerability exists in the TP-Link M7450 4G LTE Mobile Wi-Fi Router Firmware... Critical Unreviewed
CVE-2025-29653 was published Apr 16, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-22655 was published Apr 17, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-27302 was published Apr 17, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-32636 was published Apr 17, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-32626 was published Apr 17, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-32665 was published Apr 17, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-39587 was published Apr 17, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-39595 was published Apr 17, 2025
A SQL Injection vulnerability exists in the `u` parameter of the progress-body-weight.php... Critical Unreviewed
CVE-2025-28009 was published Apr 17, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-39471 was published Apr 18, 2025
Sacco Management system v1.0 was discovered to contain a SQL injection vulnerability via the... Critical Unreviewed
CVE-2023-44755 was published Apr 22, 2025
MuM (aka Mensch und Maschine) MapEdit (aka mapedit-web) 24.2.3 is vulnerable to SQL Injection... Critical Unreviewed
CVE-2025-43949 was published Apr 22, 2025
org.xwiki.platform:xwiki-platform-rest-server allows SQL injection in query endpoint of REST API Critical
CVE-2025-32969 was published for org.xwiki.platform:xwiki-platform-rest-server (Maven) Apr 23, 2025
madprogrammer
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-46248 was published Apr 24, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database