Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,688
Erlang
34
GitHub Actions
26
Go
2,274
Maven
5,000+
npm
3,930
NuGet
706
pip
3,696
Pub
12
RubyGems
919
Rust
955
Swift
38
Unreviewed advisories
All unreviewed
5,000+

4,022 advisories

Loading
SOOP-CLM from PiExtract has a SQL Injection vulnerability, allowing unauthenticated remote... Critical Unreviewed
CVE-2025-3011 was published Mar 31, 2025
Sourcecodester Online Exam System 1.0 is vulnerable to SQL Injection via dash.php. Critical Unreviewed
CVE-2025-28087 was published Mar 29, 2025
A SQL injection vulnerability exists in the Epicor HCM 2021 1.9, specifically in the filter... Critical Unreviewed
CVE-2025-22953 was published Mar 28, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-22523 was published Mar 28, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-26898 was published Mar 28, 2025
semcms <=5.0 is vulnerable to SQL Injection in SEMCMS_Fuction.php. Critical Unreviewed
CVE-2025-25686 was published Mar 27, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-30524 was published Mar 26, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-28942 was published Mar 26, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-28898 was published Mar 26, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-26941 was published Mar 26, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-28904 was published Mar 25, 2025
SQL injection vulnerability in the authentication module in Convivance StandVoice 4.5 through 6.2... Critical Unreviewed
CVE-2024-42533 was published Mar 25, 2025
A SQL injection issue has been discovered in eTRAKiT.net release 3.2.1.77. Due to improper input... Critical Unreviewed
CVE-2025-29980 was published Mar 20, 2025
llama-index-packs-finchat SQL Injection vulnerability Critical
CVE-2024-12909 was published for llama-index-packs-finchat (pip) Mar 20, 2025
logan-markewich
A SQL injection vulnerability exists in the `duckdb_retriever` component of the run-llama... Critical Unreviewed
CVE-2024-11958 was published Mar 20, 2025
In eosphoros-ai/db-gpt version v0.6.0, the web API `POST /api/v1/editor/sql/run` allows execution... Critical Unreviewed
CVE-2024-10835 was published Mar 20, 2025
DB-GPT Arbitrary File Write vulnerability Critical
CVE-2024-10901 was published for dbgpt (pip) Mar 20, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2024-12016 was published Mar 20, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2024-8997 was published Mar 18, 2025
SQL injection vulnerability in Online Exam Mastering System v.1.0 allows a remote attacker to... Critical Unreviewed
CVE-2025-25914 was published Mar 17, 2025
SQL injection vulnerability in the Innovación y Cualificación local administration plugin ajax... Critical Unreviewed
CVE-2025-2199 was published Mar 17, 2025
QL injection vulnerability in the IcProgreso Innovación y Cualificación plugin. This... Critical Unreviewed
CVE-2025-2200 was published Mar 17, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-26875 was published Mar 16, 2025
CM Soluces Informatica Ltda Auto Atendimento 1.x.x was discovered to contain a SQL injection via... Critical Unreviewed
CVE-2025-26163 was published Mar 14, 2025
crmeb CRMEB-KY v5.4.0 and before has a SQL Injection vulnerability at getRead() in /system... Critical Unreviewed
CVE-2025-25763 was published Mar 6, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database