Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,748
Erlang
35
GitHub Actions
29
Go
2,321
Maven
5,000+
npm
3,955
NuGet
712
pip
3,736
Pub
12
RubyGems
921
Rust
972
Swift
38
Unreviewed advisories
All unreviewed
5,000+

4,063 advisories

Loading
Improper neutralization of input provided by an unauthorized user into changes__reference_id... Critical Unreviewed
CVE-2025-4568 was published Jun 5, 2025
Multiple vector store integrations in run-llama/llama_index version v0.12.21 have SQL injection... Critical Unreviewed
CVE-2025-1793 was published Jun 5, 2025
The File Provider WordPress plugin through 1.2.3 does not properly sanitise and escape a... Critical Unreviewed
CVE-2025-4578 was published Jun 4, 2025
An SQL injection vulnerability exists in the delete function of DuckDBVectorStore in run-llama... Critical Unreviewed
CVE-2025-1750 was published Jun 2, 2025
PHPGURUKUL Restaurant Table Booking System using PHP and MySQL v1.0 was discovered to contain a... Critical Unreviewed
CVE-2024-51101 was published May 23, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-48283 was published May 23, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-47599 was published May 23, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-47640 was published May 23, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-46539 was published May 23, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-46455 was published May 23, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-46460 was published May 23, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-39504 was published May 23, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-39501 was published May 23, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-31056 was published May 23, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-31914 was published May 23, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-31397 was published May 23, 2025
2nd Order SQL injection vulnerabilities in ASPECT allow unintended access and manipulation of... Critical Unreviewed
CVE-2024-13955 was published May 22, 2025
An issue was discovered in Infoblox NETMRI before 7.6.1. Unauthenticated SQL Injection can occur. Critical Unreviewed
CVE-2025-32814 was published May 22, 2025
SQL injection vulnerability in Comerzzia Backoffice: Sales Orchestrator 3.0.15. This... Critical Unreviewed
CVE-2025-40635 was published May 20, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-39389 was published May 19, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-39386 was published May 19, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-39395 was published May 19, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-39445 was published May 19, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-32643 was published May 16, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-39481 was published May 16, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database