Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,333
Erlang
31
GitHub Actions
22
Go
2,095
Maven
5,000+
npm
3,760
NuGet
678
pip
3,446
Pub
12
RubyGems
892
Rust
882
Swift
37
Unreviewed advisories
All unreviewed
5,000+

6,544 advisories

Loading
The Quiz Maker Business, Developer, and Agency plugins for WordPress is vulnerable to SQL... High Unreviewed
CVE-2024-10628 was published Jan 26, 2025
The Tutor LMS plugin for WordPress is vulnerable to time-based SQL Injection via the ‘question_id... High Unreviewed
CVE-2024-4318 was published May 16, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-24659 was published Jan 24, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-24672 was published Jan 24, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-24669 was published Jan 24, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-24728 was published Jan 24, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-24587 was published Jan 24, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-24663 was published Jan 24, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-24683 was published Jan 24, 2025
The HUSKY – Products Filter for WooCommerce Professional plugin for WordPress is vulnerable to... High Unreviewed
CVE-2024-1795 was published Mar 15, 2024
The Tutor LMS plugin for WordPress is vulnerable to SQL Injection via the ‘rating_filter’... High Unreviewed
CVE-2024-10400 was published Jan 23, 2025
The Product Table by WBW plugin for WordPress is vulnerable to SQL Injection via the ... High Unreviewed
CVE-2024-13234 was published Jan 23, 2025
JFinalOA before v2025.01.01 was discovered to contain a SQL injection vulnerability via the... High Unreviewed
CVE-2024-57769 was published Jan 16, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-23686 was published Jan 22, 2025
JFinalOA before v2025.01.01 was discovered to contain a SQL injection vulnerability via the... High Unreviewed
CVE-2024-57770 was published Jan 16, 2025
JFinalOA before v2025.01.01 was discovered to contain a SQL injection vulnerability via the... High Unreviewed
CVE-2024-57775 was published Jan 16, 2025
The Pods – Custom Content Types and Fields plugin for WordPress is vulnerable to SQL Injection... High Unreviewed
CVE-2023-6967 was published Apr 9, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-23910 was published Jan 22, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-23784 was published Jan 22, 2025
The GamiPress – Gamification plugin to reward points, achievements, badges & ranks in WordPress... High Unreviewed
CVE-2024-13496 was published Jan 22, 2025
Active Record contains SQL Injection High
CVE-2012-6496 was published for activerecord (RubyGems) Oct 24, 2017
levpachmanov
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2024-49333 was published Jan 21, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-22716 was published Jan 21, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-22710 was published Jan 21, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2024-49666 was published Jan 21, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database