GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,144
Composer 4,333
Erlang 31
GitHub Actions 22
Go 2,095
Maven 5,265
npm 3,760
NuGet 678
pip 3,446
Pub 12
RubyGems 892
Rust 882
Swift 37

Unreviewed advisories

All unreviewed 242,536

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

2,616 advisories

Filter by severity

Sort by

Least recently updated

IBM Maximo Application Suite 8.10.10, 8.11.7, and 9.0 - Monitor Component is vulnerable to SQL... Moderate Unreviewed

CVE-2024-35148 was published Jan 25, 2025

The Simple Downloads List plugin for WordPress is vulnerable to SQL Injection via the 'category'... Moderate Unreviewed

CVE-2024-13594 was published Jan 24, 2025

The Form Builder CP plugin for WordPress is vulnerable to SQL Injection via the 'id' parameter of... Moderate Unreviewed

CVE-2024-13680 was published Jan 24, 2025

The Tainacan plugin for WordPress is vulnerable to SQL Injection via the 'collection_id'... Moderate Unreviewed

CVE-2024-13236 was published Jan 23, 2025

The WP-Polls plugin for WordPress is vulnerable to SQL Injection via COOKIE in all versions up to... Moderate Unreviewed

CVE-2024-13426 was published Jan 22, 2025

The Social Share, Social Login and Social Comments Plugin – Super Socializer plugin for WordPress... Moderate Unreviewed

CVE-2024-13230 was published Jan 21, 2025

The Passwords Manager plugin for WordPress is vulnerable to SQL Injection via the $wpdb->prefix... Moderate Unreviewed

CVE-2024-12615 was published Jan 16, 2025

An Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Moderate Unreviewed

CVE-2024-52969 was published Jan 14, 2025

A improper neutralization of special elements used in an sql command ('sql injection') in... Moderate Unreviewed

CVE-2024-35275 was published Jan 14, 2025

A improper neutralization of special elements used in an sql command ('sql injection') in... Moderate Unreviewed

CVE-2024-35278 was published Jan 14, 2025

An issue in the qst_vec_set_copy component of openlink virtuoso-opensource v7.2.11 allows... Moderate Unreviewed

CVE-2024-57653 was published Jan 14, 2025

The AI Scribe – SEO AI Writer, Content Generator, Humanizer, Blog Writer, SEO Optimizer, DALLE-3,... Moderate Unreviewed

CVE-2024-12473 was published Jan 10, 2025

BigAnt Office Messenger 5.6.06 is vulnerable to SQL Injection via the 'dev_code' parameter. Moderate Unreviewed

CVE-2024-54761 was published Jan 9, 2025

Ruoyi v.4.7.9 and before contains an authenticated SQL injection vulnerability. This is because... Moderate Unreviewed

CVE-2024-54762 was published Jan 9, 2025

The WP Travel – Ultimate Travel Booking System, Tour Management Engine plugin for WordPress is... Moderate Unreviewed

CVE-2024-12067 was published Jan 9, 2025

The MDTF – Meta Data and Taxonomies Filter plugin for WordPress is vulnerable to SQL Injection... Moderate Unreviewed

CVE-2024-12030 was published Jan 8, 2025

A vulnerability was found in code-projects Online Book Shop 1.0. It has been declared as critical... Moderate Unreviewed

CVE-2025-0297 was published Jan 7, 2025

A vulnerability was found in code-projects Online Book Shop 1.0. It has been classified as... Moderate Unreviewed

CVE-2025-0296 was published Jan 7, 2025

The School Management System – WPSchoolPress plugin for WordPress is vulnerable to SQL Injection... Moderate Unreviewed

CVE-2024-12332 was published Jan 7, 2025

The Timeline Designer plugin for WordPress is vulnerable to SQL Injection via the 's' parameter... Moderate Unreviewed

CVE-2024-11437 was published Jan 7, 2025

A vulnerability has been found in Codezips Gym Management System 1.0 and classified as critical.... Moderate Unreviewed

CVE-2025-0231 was published Jan 6, 2025

A vulnerability was found in Codezips Blood Bank Management System 1.0 and classified as critical... Moderate Unreviewed

CVE-2025-0232 was published Jan 6, 2025

A vulnerability was found in Codezips Project Management System 1.0. It has been classified as... Moderate Unreviewed

CVE-2025-0233 was published Jan 6, 2025

A vulnerability, which was classified as critical, was found in code-projects Responsive Hotel... Moderate Unreviewed

CVE-2025-0230 was published Jan 5, 2025

A vulnerability, which was classified as critical, has been found in code-projects Travel... Moderate Unreviewed

CVE-2025-0229 was published Jan 5, 2025

Previous 1 2 3 4 5 … 104 105 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

2,616 advisories