Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
49
GitHub Actions
49
Go
3,538
Maven
5,000+
npm
5,000+
NuGet
914
pip
4,790
Pub
13
RubyGems
1,037
Rust
1,232
Swift
53
Unreviewed advisories
All unreviewed
5,000+

16,860 advisories

Loading
The Send Basket functionality in Koha Library before 23.05.10 is susceptible to Time-Based SQL... Critical Unreviewed
CVE-2024-36058 was published Apr 7, 2026
Windmill CE and EE versions 1.276.0 through 1.603.2 contain an SQL injection vulnerability in the... Critical Unreviewed
CVE-2026-23696 was published Apr 7, 2026
An issue that allowed a SQL injection attack vector related to saved queries (introduced in... Moderate Unreviewed
CVE-2026-5372 was published Apr 7, 2026
The SQL Chart Builder WordPress plugin before 2.3.8 does not properly escape user input as it is... Moderate Unreviewed
CVE-2026-4079 was published Apr 7, 2026
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2026-34885 was published Apr 6, 2026
Advance Gift Shop Pro Script 2.0.3 contains an SQL injection vulnerability that allows... High Unreviewed
CVE-2019-25680 was published Apr 5, 2026
OpenDocMan 1.3.4 contains an SQL injection vulnerability that allows unauthenticated attackers to... High Unreviewed
CVE-2019-25684 was published Apr 5, 2026
Kados R10 GreenBee contains an SQL injection vulnerability that allows unauthenticated attackers... High Unreviewed
CVE-2019-25688 was published Apr 5, 2026
Kados R10 GreenBee contains an SQL injection vulnerability that allows attackers to manipulate... High Unreviewed
CVE-2019-25690 was published Apr 5, 2026
Kados R10 GreenBee contains an SQL injection vulnerability that allows unauthenticated attackers... High Unreviewed
CVE-2019-25694 was published Apr 5, 2026
Kados R10 GreenBee contains an SQL injection vulnerability that allows attackers to manipulate... High Unreviewed
CVE-2019-25692 was published Apr 5, 2026
Kados R10 GreenBee contains an SQL injection vulnerability that allows attackers to manipulate... High Unreviewed
CVE-2019-25702 was published Apr 5, 2026
Kados R10 GreenBee contains an SQL injection vulnerability that allows attackers to manipulate... High Unreviewed
CVE-2019-25704 was published Apr 5, 2026
Kados R10 GreenBee contains an SQL injection vulnerability that allows attackers to manipulate... High Unreviewed
CVE-2019-25698 was published Apr 5, 2026
Kados R10 GreenBee contains an SQL injection vulnerability that allows attackers to manipulate... High Unreviewed
CVE-2019-25700 was published Apr 5, 2026
Kados R10 GreenBee contains an SQL injection vulnerability that allows attackers to manipulate... High Unreviewed
CVE-2019-25696 was published Apr 5, 2026
News Website Script 2.0.5 contains an SQL injection vulnerability that allows unauthenticated... High Unreviewed
CVE-2019-25668 was published Apr 5, 2026
qdPM 9.1 contains an SQL injection vulnerability that allows attackers to manipulate database... High Unreviewed
CVE-2019-25669 was published Apr 5, 2026
eDirectory contains multiple SQL injection vulnerabilities that allow unauthenticated attackers... High Unreviewed
CVE-2019-25675 was published Apr 5, 2026
CMSsite 1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to... High Unreviewed
CVE-2019-25674 was published Apr 5, 2026
PilusCart 1.4.1 contains a SQL injection vulnerability that allows unauthenticated attackers to... High Unreviewed
CVE-2019-25672 was published Apr 5, 2026
SuiteCRM 7.10.7 contains a time-based SQL injection vulnerability in the record parameter of the... High Unreviewed
CVE-2019-25664 was published Apr 5, 2026
SuiteCRM 7.10.7 contains a SQL injection vulnerability that allows authenticated attackers to... High Unreviewed
CVE-2019-25663 was published Apr 5, 2026
ResourceSpace 8.6 contains an SQL injection vulnerability that allows unauthenticated attackers... High Unreviewed
CVE-2019-25662 was published Apr 5, 2026
OpenSTAManager has a SQL Injection via righe Parameter in confronta_righe Modals High
CVE-2026-35470 was published for devcode-it/openstamanager (Composer) Apr 3, 2026
ormzro Credited to ormzro
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database