Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,750
Erlang
35
GitHub Actions
29
Go
2,323
Maven
5,000+
npm
3,956
NuGet
712
pip
3,739
Pub
12
RubyGems
921
Rust
973
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

6,684 advisories

Loading
An SQL injection vulnerability has been reported to affect Qsync Central. If exploited, the... High Unreviewed
CVE-2025-29892 was published Jun 6, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-49421 was published Jun 6, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-49323 was published Jun 6, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-49315 was published Jun 6, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-49327 was published Jun 6, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-49326 was published Jun 6, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-49328 was published Jun 6, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-30989 was published Jun 6, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-49263 was published Jun 6, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-26590 was published Jun 6, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2023-26003 was published Jun 6, 2025
SQL injection vulnerability in the registrationform endpoint of CloudClassroom-PHP-Project v1.0.... High Unreviewed
CVE-2025-45542 was published Jun 2, 2025
Foxcms v1.25 has a SQL time injection in the $_POST['dbname'] parameter of installdb.php. High Unreviewed
CVE-2025-46154 was published Jun 3, 2025
SEMCMS 3.9 is vulnerable to SQL Injection. Due to the lack of security checks on the input of the... High Unreviewed
CVE-2023-48863 was published Dec 4, 2023
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2023-50854 was published Dec 28, 2023
The Contact Form by WD WordPress plugin through 1.13.23 does not properly sanitise and escape a... High Unreviewed
CVE-2023-2655 was published Jan 16, 2024
A time-based SQL injection vulnerability exists in mydetailsstudent.php in the CloudClassroom PHP... High Unreviewed
CVE-2024-57459 was published Jun 2, 2025
The WP Fastest Cache WordPress plugin before 0.9.5 does not escape user input in the... High Unreviewed
CVE-2021-24869 was published Jan 16, 2024
An issue was discovered in the Archibus app 4.0.3 for iOS. It uses a local database that is... High Unreviewed
CVE-2023-48645 was published Feb 2, 2024
An issue was discovered in Archibus Web Central 2022.03.01.107. A service exposed by the... High Unreviewed
CVE-2022-45165 was published Jan 10, 2023
** UNSUPPORTED WHEN ASSIGNED ** An issue was discovered in HelpDeskZ 1.0.2. The feature to auto... High Unreviewed
CVE-2020-26546 was published May 24, 2022
Multiple SQL Injection vulnerabilities in Teachers Record Management System 1.0 allow remote... High Unreviewed
CVE-2021-28423 was published May 24, 2022
The Likes and Dislikes Plugin plugin for WordPress is vulnerable to SQL Injection via the 'post'... High Unreviewed
CVE-2025-5287 was published May 28, 2025
Time-based blind SQL injection vulnerabilities in TCMAN's GIM v11. These allow an attacker to... High Unreviewed
CVE-2025-40665 was published May 26, 2025
Time-based blind SQL injection vulnerabilities in TCMAN's GIM v11. These allow an attacker to... High Unreviewed
CVE-2025-40666 was published May 26, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database