GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
4,056 advisories
LlamaIndex Retrievers Integration: DuckDBRetriever SQL Injection
Critical. CVE-2024-11958 was published for llama-index-retrievers-duckdb-retriever (pip) Mar 20, 2025

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical, Unreviewed. CVE-2025-2812 was published May 2, 2025

PHPGURUKUL Restaurant Table Booking System using PHP and MySQL v1.0 was discovered to contain a...
Critical, Unreviewed. CVE-2024-51101 was published May 23, 2025

The CZ Loan Management WordPress plugin through 1.1 does not properly sanitise and escape a...
Critical, Unreviewed. CVE-2024-5975 was published Jul 30, 2024

The WpStickyBar WordPress plugin through 2.1.0 does not properly sanitise and escape a parameter...
Critical, Unreviewed. CVE-2024-5765 was published Jul 30, 2024

The Chatbot with ChatGPT WordPress plugin before 2.4.5 does not properly sanitise and escape a...
Critical, Unreviewed. CVE-2024-6847 was published Aug 20, 2024

SQL injection in ADOdb PostgreSQL driver pg_insert_id() method
Critical. CVE-2025-46337 was published for adodb/adodb-php (Composer) May 1, 2025

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical, Unreviewed. CVE-2025-48283 was published May 23, 2025

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical, Unreviewed. CVE-2025-47640 was published May 23, 2025

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical, Unreviewed. CVE-2025-39504 was published May 23, 2025

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical, Unreviewed. CVE-2025-46460 was published May 23, 2025

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical, Unreviewed. CVE-2025-46455 was published May 23, 2025

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical, Unreviewed. CVE-2025-46539 was published May 23, 2025

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical, Unreviewed. CVE-2025-39501 was published May 23, 2025

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical, Unreviewed. CVE-2025-47599 was published May 23, 2025

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical, Unreviewed. CVE-2025-31056 was published May 23, 2025

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical, Unreviewed. CVE-2025-31397 was published May 23, 2025

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical, Unreviewed. CVE-2025-31914 was published May 23, 2025

2nd Order SQL injection vulnerabilities in ASPECT allow unintended access and manipulation of...
Critical, Unreviewed. CVE-2024-13955 was published May 22, 2025

An issue was discovered in Infoblox NETMRI before 7.6.1. Unauthenticated SQL Injection can occur.
Critical, Unreviewed. CVE-2025-32814 was published May 22, 2025

Dairy Farm Shop Management System 1.0 is vulnerable to SQL Injection via sales-report-ds.php file.
Critical, Unreviewed. CVE-2022-40944 was published Oct 1, 2022

Dairy Farm Shop Management System 1.0 is vulnerable to SQL Injection via bwdate-report-ds.php file.
Critical, Unreviewed. CVE-2022-40943 was published Oct 1, 2022

An SQL injection vulnerability issue was discovered in Sourcecodester Simple E-Learning System 1...
Critical, Unreviewed. CVE-2022-40872 was published Oct 7, 2022

SQL injection vulnerability in Comerzzia Backoffice: Sales Orchestrator 3.0.15. This...
Critical, Unreviewed. CVE-2025-40635 was published May 20, 2025

Affected 1E Platform versions have a Blind SQL Injection vulnerability that can lead to arbitrary...
Critical, Unreviewed. CVE-2023-45162 was published Oct 13, 2023