GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,400
Composer 4,386
Erlang 33
GitHub Actions 22
Go 2,141
Maven 5,315
npm 3,803
NuGet 687
pip 3,480
Pub 12
RubyGems 897
Rust 898
Swift 38

Unreviewed advisories

All unreviewed 245,842

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

2,723 advisories

Filter by severity

Sort by

Least recently updated

There is a SQL injection issue in Esri ArcGIS Monitor versions 2023.0 through 2024.x on Windows... Moderate Unreviewed

CVE-2025-1726 was published Feb 26, 2025

NovaCHRON Zeitsysteme GmbH & Co. KG Smart Time Plus v8.x to v8.6 was discovered to contain a SQL... Moderate Unreviewed

CVE-2024-53543 was published Feb 25, 2025

SQL Injection vulnerability in PbootCMS 1.4.1 in parsing if statements in templates, resulting in... Moderate Unreviewed

CVE-2020-19248 was published Feb 21, 2025

The Indeed Ultimate Learning Pro plugin for WordPress is vulnerable to time-based SQL Injection... Moderate Unreviewed

CVE-2024-13846 was published Feb 21, 2025

The WPExperts Square For GiveWP plugin for WordPress is vulnerable to SQL Injection via the 'post... Moderate Unreviewed

CVE-2024-13713 was published Feb 21, 2025

The Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction &... Moderate Unreviewed

CVE-2024-12276 was published Feb 21, 2025

The Pinpoint Booking System – #1 WordPress Booking Plugin plugin for WordPress is vulnerable to... Moderate Unreviewed

CVE-2024-13235 was published Feb 21, 2025

A SQL Injection vulnerability in Nagios XI 2024R1.2.2 allows a remote attacker to execute SQL... Moderate Unreviewed

CVE-2024-54960 was published Feb 20, 2025

The Legoeso PDF Manager plugin for WordPress is vulnerable to time-based SQL Injection via the ... Moderate Unreviewed

CVE-2025-0866 was published Feb 20, 2025

The Pollin plugin for WordPress is vulnerable to SQL Injection via the 'question' parameter in... Moderate Unreviewed

CVE-2024-13712 was published Feb 19, 2025

The Categorized Gallery Plugin plugin for WordPress is vulnerable to SQL Injection via the 'field... Moderate Unreviewed

CVE-2024-13676 was published Feb 19, 2025

Improperly built order clauses lead to a SQL injection vulnerability in the backend task list of... Moderate Unreviewed

CVE-2025-22207 was published Feb 18, 2025

The Tour Master - Tour Booking, Travel, Hotel plugin for WordPress is vulnerable to time-based... Moderate Unreviewed

CVE-2024-13369 was published Feb 18, 2025

The Simple Signup Form plugin for WordPress is vulnerable to SQL Injection via the 'id' attribute... Moderate Unreviewed

CVE-2024-13595 was published Feb 18, 2025

A vulnerability classified as critical has been found in code-projects Real Estate Property... Moderate Unreviewed

CVE-2025-1374 was published Feb 17, 2025

A vulnerability was found in needyamin Library Card System 1.0. It has been rated as critical.... Moderate Unreviewed

CVE-2025-1356 was published Feb 16, 2025

The WP Project Manager – Task, team, and project management plugin featuring kanban board and... Moderate Unreviewed

CVE-2024-13500 was published Feb 15, 2025

A SQL injection vulnerability in the JS Jobs plugin versions 1.1.5-1.4.3 for Joomla allows... Moderate Unreviewed

CVE-2025-22208 was published Feb 15, 2025

A SQL injection vulnerability in the JS Jobs plugin versions 1.1.5-1.4.3 for Joomla allows... Moderate Unreviewed

CVE-2025-22209 was published Feb 15, 2025

A SQL Injection vulnerability was found in /bpms/index.php in Source Code and Project Beauty... Moderate Unreviewed

CVE-2025-26157 was published Feb 14, 2025

SQL Injection vulnerability in FeMiner wms wms 1.0 allows a remote attacker to obtain sensitive... Moderate Unreviewed

CVE-2025-25994 was published Feb 14, 2025

SQL Injection vulnerability in hooskcms v.1.7.1 allows a remote attacker to obtain sensitive... Moderate Unreviewed

CVE-2025-25991 was published Feb 14, 2025

SQL Injection vulnerability in FeMiner wms 1.0 allows a remote attacker to obtain sensitive... Moderate Unreviewed

CVE-2025-25992 was published Feb 14, 2025

SQL Injection vulnerability in FeMiner wms wms 1.0 allows a remote attacker to obtain sensitive... Moderate Unreviewed

CVE-2025-25993 was published Feb 14, 2025

Bit Assist plugin for WordPress is vulnerable to time-based SQL Injection via the ‘id’ parameter... Moderate Unreviewed

CVE-2025-0821 was published Feb 14, 2025

Previous 1 2 3 4 5 … 108 109 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

2,723 advisories