Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,474
Erlang
33
GitHub Actions
24
Go
2,203
Maven
5,000+
npm
3,845
NuGet
696
pip
3,635
Pub
12
RubyGems
911
Rust
912
Swift
38
Unreviewed advisories
All unreviewed
5,000+

13,516 advisories

Loading
Frappe has possibility of SQL injection due to improper validations Moderate
CVE-2025-30212 was published for frappe (pip) Mar 25, 2025
SQL injection vulnerability in the authentication module in Convivance StandVoice 4.5 through 6.2... Critical Unreviewed
CVE-2024-42533 was published Mar 25, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Moderate Unreviewed
CVE-2024-53678 was published Mar 25, 2025
SQL Injection can occur in the SirsiDynix Horizon Information Portal (IPAC20) through 3.25_9382;... High Unreviewed
CVE-2024-44903 was published Mar 25, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-30604 was published Mar 24, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-30569 was published Mar 24, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-30571 was published Mar 24, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-30590 was published Mar 24, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-30570 was published Mar 24, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-30525 was published Mar 24, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-30523 was published Mar 24, 2025
A vulnerability, which was classified as critical, has been found in PHPGurukul Bank Locker... Moderate Unreviewed
CVE-2025-2684 was published Mar 24, 2025
A vulnerability was found in PHPGurukul Bank Locker Management System 1.0. It has been rated as... Moderate Unreviewed
CVE-2025-2681 was published Mar 24, 2025
A vulnerability classified as critical was found in PHPGurukul Bank Locker Management System 1.0.... Moderate Unreviewed
CVE-2025-2683 was published Mar 24, 2025
A vulnerability classified as critical has been found in PHPGurukul Bank Locker Management System... Moderate Unreviewed
CVE-2025-2682 was published Mar 24, 2025
The Recover WooCommerce Cart Abandonment, Newsletter, Email Marketing, Marketing Automation By... High Unreviewed
CVE-2025-2186 was published Mar 22, 2025
The Code Clone plugin for WordPress is vulnerable to time-based SQL Injection via the ‘snippetId’... Moderate Unreviewed
CVE-2025-2478 was published Mar 22, 2025
The WooCommerce Multivendor Marketplace – REST API plugin for WordPress is vulnerable to SQL... Moderate Unreviewed
CVE-2025-1311 was published Mar 22, 2025
The ProfileGrid – User Profiles, Groups and Communities plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2025-0723 was published Mar 22, 2025
Phpgurukul Vehicle Record Management System v1.0 is vulnerable to SQL Injection in /index.php via... High Unreviewed
CVE-2025-29641 was published Mar 21, 2025
Phpgurukul Human Metapneumovirus (HMPV) – Testing Management System v1.0 is vulnerable to SQL... Moderate Unreviewed
CVE-2025-29640 was published Mar 21, 2025
EBM Maintenance Center From EBM Technologies has a SQL Injection vulnerability, allowing remote... High Unreviewed
CVE-2025-2585 was published Mar 21, 2025
A SQL injection issue has been discovered in eTRAKiT.net release 3.2.1.77. Due to improper input... Critical Unreviewed
CVE-2025-29980 was published Mar 20, 2025
DESCOR INFOCAD 3.5.1 and before and fixed in v.3.5.2.0 allows SQL Injection. Moderate Unreviewed
CVE-2025-26852 was published Mar 20, 2025
Vanna-ai v0.6.2 is vulnerable to SQL Injection due to insufficient protection against injecting... High Unreviewed
CVE-2024-7764 was published Mar 20, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database