GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,466
Erlang: 33
GitHub Actions: 22
Go: 2,166
Maven: 5,000+
npm: 3,829
NuGet: 696
pip: 3,507
Pub: 12
RubyGems: 909
Rust: 904
Swift: 38
Unreviewed advisories
All unreviewed: 5,000+
13,459 advisories
The Thumbnail carousel slider plugin for WordPress is vulnerable to SQL Injection via the 'id'...
Moderate | Unreviewed | CVE-2019-25222 was published Mar 15, 2025

The School Management System – WPSchoolPress plugin for WordPress is vulnerable to SQL Injection...
Moderate | Unreviewed | CVE-2025-1669 was published Mar 15, 2025

The School Management System – WPSchoolPress plugin for WordPress is vulnerable to SQL Injection...
Moderate | Unreviewed | CVE-2025-1670 was published Mar 15, 2025

SQL Injection Vulnerability in tanujpatra228 Tution Management System (TMS) via the email...
Critical | Unreviewed | CVE-2022-45677 was published Feb 21, 2023

Saved search functionality contains a blind SQL injection that can be exploited by authenticated...
High | Unreviewed | CVE-2024-54447 was published Mar 14, 2025

Document history functionality contains a blind SQL injection that can be exploited by...
High | Unreviewed | CVE-2024-54446 was published Mar 14, 2025

Login functionality contains a blind SQL injection that can be exploited by unauthenticated...
High | Unreviewed | CVE-2024-54445 was published Mar 14, 2025

An improper neutralization of special elements used in an SQL command ('SQL Injection')...
Low | Unreviewed | CVE-2022-29059 was published Mar 14, 2025

Logout functionality contains a blind SQL injection that can be exploited by unauthenticated...
High | Unreviewed | CVE-2024-12245 was published Mar 14, 2025

The WPCOM Member plugin for WordPress is vulnerable to time-based SQL Injection via the ...
High | Unreviewed | CVE-2025-2221 was published Mar 14, 2025

The AnalyticsWP plugin for WordPress is vulnerable to SQL Injection via the 'custom_sql'...
High | Unreviewed | CVE-2024-13321 was published Mar 14, 2025

SQL Injection vulnerability in MRCMS v3.1.2 allows attackers to run arbitrary system commands via...
Moderate | Unreviewed | CVE-2024-25428 was published Feb 21, 2024

J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerability via the sql_filter...
Critical | Unreviewed | CVE-2024-33146 was published May 7, 2024

RuvarOA v6.01 and v12.01 were discovered to contain a SQL injection vulnerability via the id...
Critical | Unreviewed | CVE-2024-25527 was published May 8, 2024

A vulnerability, which was classified as critical, was found in PHPGurukul Pre-School Enrollment...
Moderate | Unreviewed | CVE-2025-2088 was published Mar 7, 2025

The Eventer - WordPress Event & Booking Manager Plugin plugin for WordPress is vulnerable to SQL...
High | Unreviewed | CVE-2025-0959 was published Mar 7, 2025

The HUSKY – Products Filter Professional for WooCommerce plugin for WordPress is vulnerable to...
Critical | Unreviewed | CVE-2024-6457 was published Jul 16, 2024

SQL Injection vulnerability in Simple Laboratory Management System using PHP and MySQL v.1.0...
Moderate | Unreviewed | CVE-2024-40443 was published Nov 13, 2024

Koha <= 21.11 contains a SQL Injection vulnerability in /serials/lateissues-export.pl via the...
Moderate | Unreviewed | CVE-2025-22954 was published Mar 12, 2025

The WordPress Report Brute Force Attacks and Login Protection ReportAttacks Plugins plugin for...
Moderate | Unreviewed | CVE-2025-2250 was published Mar 13, 2025

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
High | Unreviewed | CVE-2024-30486 was published Mar 29, 2024

The ArielBrailovsky-ViralAd plugin for WordPress is vulnerable to SQL Injection via the 'id'...
High | Unreviewed | CVE-2025-2107 was published Mar 13, 2025

The ArielBrailovsky-ViralAd plugin for WordPress is vulnerable to SQL Injection via the 'text'...
High | Unreviewed | CVE-2025-2106 was published Mar 13, 2025

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
High | Unreviewed | CVE-2024-32125 was published Apr 15, 2024

GFast between v2 to v3.2 was discovered to contain a SQL injection vulnerability via the SortName...
Moderate | Unreviewed | CVE-2024-55159 was published Feb 21, 2025

ProTip! Advisories are also available from the GraphQL API.