GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
243 advisories
Admidio Vulnerable to Authenticated SQL Injection in Member Assignment Functionality
High
CVE-2025-62617
was published
for
admidio/admidio
(Composer)
Oct 22, 2025
Amazon Redshift Python Connector vulnerable to SQL Injection
High
CVE-2024-12745
was published
for
redshift_connector
(pip)
Dec 26, 2024
Amazon Redshift JDBC Driver vulnerable to SQL Injection
High
CVE-2024-12744
was published
for
com.amazon.redshift:redshift-jdbc42
(Maven)
Dec 26, 2024
Querydsl vulnerable to HQL injection through orderBy
High
CVE-2024-49203
was published
for
com.querydsl:querydsl-apt
(Maven)
Nov 27, 2024
PyLoad vulnerable to SQL Injection via API /json/add_package in add_links parameter
High
CVE-2025-55156
was published
for
pyload-ng
(pip)
Aug 12, 2025
eKuiper API endpoints handling SQL queries with user-controlled table names.
High
CVE-2025-54379
was published
for
github.com/lf-edge/ekuiper
(Go)
Jul 24, 2025
pgx SQL Injection via Line Comment Creation
High
CVE-2024-27289
was published
for
github.com/jackc/pgx
(Go)
Mar 4, 2024
Navidrome allows SQL Injection via role parameter
High
CVE-2025-48949
was published
for
github.com/navidrome/navidrome
(Go)
May 29, 2025
Moodle has a SQL injection risk in course search module list filter
High
CVE-2025-26533
was published
for
moodle/moodle
(Composer)
Feb 24, 2025
ProTip!
Advisories are also available from the
GraphQL API