Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,748
Erlang
35
GitHub Actions
29
Go
2,321
Maven
5,000+
npm
3,955
NuGet
712
pip
3,736
Pub
12
RubyGems
921
Rust
972
Swift
38
Unreviewed advisories
All unreviewed
5,000+

4,063 advisories

Loading
The Simple Video Directory WordPress plugin before 1.4.3 does not properly sanitise and escape a... Critical Unreviewed
CVE-2024-6809 was published May 15, 2025
An error-based SQL Injection (SQLi) vulnerability in WebERP v4.15.2 allows attackers to execute... Critical Unreviewed
CVE-2025-46052 was published May 15, 2025
rebuild v3.9.0 through v3.9.3 has a SQL injection vulnerability in /admin/admin-cli/exec component. Critical Unreviewed
CVE-2025-28056 was published May 13, 2025
EngineerCMS v1.02 through v2.0.5 has a SQL injection vulnerability in the /project/addproject... Critical Unreviewed
CVE-2025-44831 was published May 13, 2025
SQL injection vulnerability in DomainsPRO 1.2. This vulnerability could allow an attacker to... Critical Unreviewed
CVE-2025-40628 was published May 13, 2025
A vulnerability has been identified in OZW672 (All versions < V6.0), OZW772 (All versions < V6.0)... Critical Unreviewed
CVE-2025-26390 was published May 13, 2025
Billing Software v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities.... Critical Unreviewed
CVE-2023-49641 was published May 13, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-47682 was published May 12, 2025
EngineerCMS v1.02 through v.2.0.5 has a SQL injection vulnerability in the /project... Critical Unreviewed
CVE-2025-44830 was published May 12, 2025
The ISOinsight from Netvision has a SQL Injection vulnerability, allowing unauthenticated remote... Critical Unreviewed
CVE-2025-4559 was published May 12, 2025
SourceCodester Client Database Management System 1.0 is vulnerable to SQL Injection in... Critical Unreviewed
CVE-2025-46192 was published May 9, 2025
SourceCodester Client Database Management System 1.0 is vulnerable to SQL Injection in... Critical Unreviewed
CVE-2025-46190 was published May 9, 2025
SourceCodester Client Database Management System 1.0 is vulnerable to SQL Injection in... Critical Unreviewed
CVE-2025-46189 was published May 9, 2025
SourceCodester Client Database Management System 1.0 is vulnerable to SQL Injection in... Critical Unreviewed
CVE-2025-46188 was published May 9, 2025
PHPGURUKUL Vehicle Parking Management System v1.13 is vulnerable to SQL injection in the /vpms... Critical Unreviewed
CVE-2025-45885 was published May 9, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-47657 was published May 7, 2025
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')... Critical Unreviewed
CVE-2025-0668 was published May 7, 2025
SeaCMS v13.3 was discovered to contain a SQL injection vulnerability via the component... Critical Unreviewed
CVE-2025-44073 was published May 6, 2025
SQL injection in TCMAN's GIM v11. This vulnerability allows an unauthenticated attacker to inject... Critical Unreviewed
CVE-2025-40623 was published May 6, 2025
Unrestricted file upload in TCMAN's GIM v11. This vulnerability allows an unauthenticated... Critical Unreviewed
CVE-2025-40625 was published May 6, 2025
SQL injection in TCMAN's GIM v11. This vulnerability allows an unauthenticated attacker to inject... Critical Unreviewed
CVE-2025-40621 was published May 6, 2025
SQL injection in TCMAN's GIM v11. This vulnerability allows an unauthenticated attacker to inject... Critical Unreviewed
CVE-2025-40620 was published May 6, 2025
SQL injection in TCMAN's GIM v11. This vulnerability allows an unauthenticated attacker to inject... Critical Unreviewed
CVE-2025-40624 was published May 6, 2025
SQL injection in TCMAN's GIM v11. This vulnerability allows an unauthenticated attacker to inject... Critical Unreviewed
CVE-2025-40622 was published May 6, 2025
SeaCMS v13.3 was discovered to contain a SQL injection vulnerability via the component... Critical Unreviewed
CVE-2025-44074 was published May 6, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database