Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,743
Erlang
35
GitHub Actions
29
Go
2,315
Maven
5,000+
npm
3,949
NuGet
711
pip
3,729
Pub
12
RubyGems
920
Rust
965
Swift
38
Unreviewed advisories
All unreviewed
5,000+

14,353 advisories

Loading
Apache Superset: Improper authorization bypass on row level security via SQL Injection High
CVE-2025-48912 was published for apache-superset (pip) May 30, 2025
Navidrome allows SQL Injection via role parameter High
CVE-2025-48949 was published for github.com/navidrome/navidrome (Go) May 29, 2025
4rdr
A vulnerability, which was classified as critical, was found in Campcodes Online Hospital... Moderate Unreviewed
CVE-2025-5298 was published May 28, 2025
The Likes and Dislikes Plugin plugin for WordPress is vulnerable to SQL Injection via the 'post'... High Unreviewed
CVE-2025-5287 was published May 28, 2025
A vulnerability classified as critical was found in Campcodes Online Hospital Management System 1... Moderate Unreviewed
CVE-2025-5246 was published May 27, 2025
A vulnerability was found in Campcodes Online Hospital Management System 1.0. It has been rated... Moderate Unreviewed
CVE-2025-5229 was published May 27, 2025
SIGB PMB before 8.0.1.2 allows SQL injection. Moderate Unreviewed
CVE-2025-48743 was published May 27, 2025
A vulnerability classified as critical has been found in Campcodes Online Hospital Management... Moderate Unreviewed
CVE-2025-5224 was published May 27, 2025
A vulnerability, which was classified as critical, was found in Campcodes Advanced Online Voting... Moderate Unreviewed
CVE-2025-5225 was published May 27, 2025
Time-based blind SQL injection vulnerabilities in TCMAN's GIM v11. These allow an attacker to... High Unreviewed
CVE-2025-40666 was published May 26, 2025
Time-based blind SQL injection vulnerabilities in TCMAN's GIM v11. These allow an attacker to... High Unreviewed
CVE-2025-40665 was published May 26, 2025
A SQL Injection issue in the request body processing in BOS IPCs with firmware 21.45.8.2.2_220219... Moderate Unreviewed
CVE-2025-48735 was published May 23, 2025
PHPGURUKUL Student Management System using PHP and MySQL v1 was discovered to contain multiple... Moderate Unreviewed
CVE-2024-51102 was published May 23, 2025
PHPGURUKUL Student Management System using PHP and MySQL v1 was discovered to contain multiple... Moderate Unreviewed
CVE-2024-51103 was published May 23, 2025
PHPGURUKUL Restaurant Table Booking System using PHP and MySQL v1.0 was discovered to contain a... Critical Unreviewed
CVE-2024-51101 was published May 23, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-48283 was published May 23, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-47671 was published May 23, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-47575 was published May 23, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-47599 was published May 23, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-47640 was published May 23, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-46539 was published May 23, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-47478 was published May 23, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-46455 was published May 23, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-46460 was published May 23, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-46463 was published May 23, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database