Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,951
Erlang
39
GitHub Actions
38
Go
2,607
Maven
5,000+
npm
4,251
NuGet
757
pip
4,017
Pub
12
RubyGems
953
Rust
1,049
Swift
45
Unreviewed advisories
All unreviewed
5,000+

4,224 advisories

Loading
Hospital Management System v4 was discovered to contain a SQL injection vulnerability via the... Critical Unreviewed
CVE-2023-41530 was published Aug 7, 2025
Hospital Management System v4 was discovered to contain multiple SQL injection vulnerabilities in... Critical Unreviewed
CVE-2023-41526 was published Aug 7, 2025
A Boolean-based SQL injection vulnerability was discovered in Axelor 5.2.4 via the _domain... Critical Unreviewed
CVE-2025-50341 was published Aug 4, 2025
The ADOdb sqlite3 driver allows SQL injection Critical
CVE-2025-54119 was published for adodb/adodb-php (Composer) Aug 4, 2025
mrcnpp dregad
Credited to mrcnpp and dregad
Saurus CMS Community Edition since commit d886e5b0 (2010-04-23) is vulnerable to a SQL Injection... Critical Unreviewed
CVE-2025-52390 was published Aug 1, 2025
A SQL injection vulnerability has been found in Gandia Integra Total of TESI from version 2.1... Critical Unreviewed
CVE-2025-41370 was published Aug 1, 2025
A SQL injection vulnerability has been found in Gandia Integra Total of TESI from version 2.1... Critical Unreviewed
CVE-2025-41371 was published Aug 1, 2025
An unauthenticated SQL injection vulnerability exists in the Kloxo web hosting control panel ... Critical Unreviewed
CVE-2014-125123 was published Jul 31, 2025
A vulnerability exists in OAstium VoIP PBX astium-confweb-2.1-25399 and earlier, where improper... Critical Unreviewed
CVE-2013-10043 was published Jul 31, 2025
An unauthenticated SQL injection vulnerability exists in Kimai version 0.9.2.x via the db_restore... Critical Unreviewed
CVE-2013-10033 was published Jul 31, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-6918 was published Jul 28, 2025
An unauthenticated SQL injection vulnerability exists in Pandora FMS version 5.0 SP2 and earlier.... Critical Unreviewed
CVE-2014-125115 was published Jul 25, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-4822 was published Jul 25, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-4784 was published Jul 25, 2025
XWiki Platform vulnerable to SQL injection through getdeleteddocuments.vm template sort parameter Critical
CVE-2025-32429 was published for org.xwiki.platform:xwiki-platform-distribution-war (Maven) Jul 24, 2025
A SQLi vulnerability in Komento component 4.0.0-4.0.7for Joomla was discovered. The issue allows... Critical Unreviewed
CVE-2025-54294 was published Jul 23, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-4285 was published Jul 22, 2025
An SQL injection vulnerability in the legacy (transparent) SMTP proxy of Sophos Firewall versions... Critical Unreviewed
CVE-2025-7624 was published Jul 21, 2025
The SFT developed by Digiwin has a SQL Injection vulnerability, allowing unauthenticated remote... Critical Unreviewed
CVE-2025-7343 was published Jul 21, 2025
WinMatrix3 Web package developed by Simopro Technology has a SQL Injection vulnerability,... Critical Unreviewed
CVE-2025-7918 was published Jul 21, 2025
A SQL injection in Articles Good Search extension 1.0.0 - 1.2.4.0011 for Joomla allows attackers... Critical Unreviewed
CVE-2025-26854 was published Jul 18, 2025
A SQL injection in Articles Calendar extension 1.0.0 - 1.0.1.0007 for Joomla allows attackers to... Critical Unreviewed
CVE-2025-26855 was published Jul 18, 2025
nbcio-boot v1.0.3 was discovered to contain a SQL injection vulnerability via the userIds... Critical Unreviewed
CVE-2025-50240 was published Jul 17, 2025
An improper neutralization of special elements used in an SQL command ('SQL Injection')... Critical Unreviewed
CVE-2025-25257 was published Jul 17, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-52714 was published Jul 16, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database