Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,386
Erlang
33
GitHub Actions
22
Go
2,144
Maven
5,000+
npm
3,808
NuGet
687
pip
3,480
Pub
12
RubyGems
897
Rust
898
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

6,421 advisories

Loading
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-26971 was published Feb 25, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-26946 was published Feb 25, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-26915 was published Feb 25, 2025
The Yawave plugin for WordPress is vulnerable to SQL Injection via the 'lbid' parameter in all... High Unreviewed
CVE-2025-1648 was published Feb 25, 2025
A SQL injection vulnerability in the Hikashop component versions 3.3.0-5.1.4 for Joomla allows... High Unreviewed
CVE-2025-22210 was published Feb 25, 2025
SQL injection in SLIMS v.9.6.1 allows a remote attacker to escalate privileges via the month... High Unreviewed
CVE-2025-26200 was published Feb 24, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-27312 was published Feb 24, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-27297 was published Feb 24, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2024-12918 was published Feb 24, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2024-12916 was published Feb 24, 2025
The LTL Freight Quotes – Purolator Edition plugin for WordPress is vulnerable to SQL Injection... High Unreviewed
CVE-2024-13474 was published Feb 22, 2025
A vulnerability was found in ITSourcecode Simple ChatBox up to 1.0. This vulnerability affects... High Unreviewed
CVE-2025-25876 was published Feb 21, 2025
Exim 4.98 before 4.98.1, when SQLite hints and ETRN serialization are used, allows remote SQL... High Unreviewed
CVE-2025-26794 was published Feb 21, 2025
The Events Manager – Calendar, Bookings, Tickets, and more! plugin for WordPress is vulnerable to... High Unreviewed
CVE-2024-11260 was published Feb 21, 2025
The LTL Freight Quotes – GlobalTranz Edition plugin for WordPress is vulnerable to SQL Injection... High Unreviewed
CVE-2024-13476 was published Feb 20, 2025
The LTL Freight Quotes – SEFL Edition plugin for WordPress is vulnerable to SQL Injection via the... High Unreviewed
CVE-2024-13479 was published Feb 19, 2025
The LTL Freight Quotes – SAIA Edition plugin for WordPress is vulnerable to SQL Injection via the... High Unreviewed
CVE-2024-13483 was published Feb 19, 2025
The LTL Freight Quotes – TForce Edition plugin for WordPress is vulnerable to SQL Injection via... High Unreviewed
CVE-2024-13478 was published Feb 19, 2025
The Small Package Quotes – For Customers of FedEx plugin for WordPress is vulnerable to SQL... High Unreviewed
CVE-2024-13491 was published Feb 19, 2025
The LTL Freight Quotes – ABF Freight Edition plugin for WordPress is vulnerable to SQL Injection... High Unreviewed
CVE-2024-13485 was published Feb 19, 2025
The LTL Freight Quotes – R+L Carriers Edition plugin for WordPress is vulnerable to SQL Injection... High Unreviewed
CVE-2024-13481 was published Feb 19, 2025
The Small Package Quotes – Worldwide Express Edition plugin for WordPress is vulnerable to SQL... High Unreviewed
CVE-2024-13534 was published Feb 19, 2025
The Small Package Quotes – USPS Edition plugin for WordPress is vulnerable to SQL Injection via... High Unreviewed
CVE-2024-13533 was published Feb 19, 2025
The LTL Freight Quotes – Old Dominion Edition plugin for WordPress is vulnerable to SQL Injection... High Unreviewed
CVE-2024-13489 was published Feb 19, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-22639 was published Feb 18, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database