GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,198
Composer 4,343
Erlang 31
GitHub Actions 22
Go 2,107
Maven 5,283
npm 3,764
NuGet 679
pip 3,452
Pub 12
RubyGems 892
Rust 886
Swift 37

Unreviewed advisories

All unreviewed 243,211

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

2,689 advisories

Filter by severity

Sort by

Least recently updated

The WordPress Survey & Poll – Quiz, Survey and Poll Plugin for WordPress plugin for WordPress is... Moderate Unreviewed

CVE-2024-13596 was published Jan 30, 2025

The VR-Frases (collect & share quotes) plugin for WordPress is vulnerable to SQL Injection via... Moderate Unreviewed

CVE-2025-0861 was published Jan 30, 2025

IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.1 is vulnerable to... Moderate Unreviewed

CVE-2023-50316 was published Jan 28, 2025

IBM Maximo Application Suite 8.10.10, 8.11.7, and 9.0 - Monitor Component is vulnerable to SQL... Moderate Unreviewed

CVE-2024-35148 was published Jan 25, 2025

The Simple Downloads List plugin for WordPress is vulnerable to SQL Injection via the 'category'... Moderate Unreviewed

CVE-2024-13594 was published Jan 24, 2025

The Form Builder CP plugin for WordPress is vulnerable to SQL Injection via the 'id' parameter of... Moderate Unreviewed

CVE-2024-13680 was published Jan 24, 2025

The Tainacan plugin for WordPress is vulnerable to SQL Injection via the 'collection_id'... Moderate Unreviewed

CVE-2024-13236 was published Jan 23, 2025

A SQL Injection vulnerability exists in Senayan Library Management System SLiMS 9 Bulian 9.6.1... Moderate Unreviewed

CVE-2025-22980 was published Jan 22, 2025

The WP-Polls plugin for WordPress is vulnerable to SQL Injection via COOKIE in all versions up to... Moderate Unreviewed

CVE-2024-13426 was published Jan 22, 2025

The Social Share, Social Login and Social Comments Plugin – Super Socializer plugin for WordPress... Moderate Unreviewed

CVE-2024-13230 was published Jan 21, 2025

The Passwords Manager plugin for WordPress is vulnerable to SQL Injection via the $wpdb->prefix... Moderate Unreviewed

CVE-2024-12615 was published Jan 16, 2025

An Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Moderate Unreviewed

CVE-2024-52969 was published Jan 14, 2025

A improper neutralization of special elements used in an sql command ('sql injection') in... Moderate Unreviewed

CVE-2024-35278 was published Jan 14, 2025

A improper neutralization of special elements used in an sql command ('sql injection') in... Moderate Unreviewed

CVE-2024-35275 was published Jan 14, 2025

An issue in the qst_vec_set_copy component of openlink virtuoso-opensource v7.2.11 allows... Moderate Unreviewed

CVE-2024-57653 was published Jan 14, 2025

In Selesta Visual Access Manager < 4.42.2, an authenticated user can access the administrative... Moderate Unreviewed

CVE-2023-42243 was published Jan 14, 2025

The AI Scribe – SEO AI Writer, Content Generator, Humanizer, Blog Writer, SEO Optimizer, DALLE-3,... Moderate Unreviewed

CVE-2024-12473 was published Jan 10, 2025

BigAnt Office Messenger 5.6.06 is vulnerable to SQL Injection via the 'dev_code' parameter. Moderate Unreviewed

CVE-2024-54761 was published Jan 9, 2025

Ruoyi v.4.7.9 and before contains an authenticated SQL injection vulnerability. This is because... Moderate Unreviewed

CVE-2024-54762 was published Jan 9, 2025

The WP Travel – Ultimate Travel Booking System, Tour Management Engine plugin for WordPress is... Moderate Unreviewed

CVE-2024-12067 was published Jan 9, 2025

The MDTF – Meta Data and Taxonomies Filter plugin for WordPress is vulnerable to SQL Injection... Moderate Unreviewed

CVE-2024-12030 was published Jan 8, 2025

A vulnerability was found in code-projects Online Book Shop 1.0. It has been declared as critical... Moderate Unreviewed

CVE-2025-0297 was published Jan 7, 2025

A vulnerability was found in code-projects Online Book Shop 1.0. It has been classified as... Moderate Unreviewed

CVE-2025-0296 was published Jan 7, 2025

The School Management System – WPSchoolPress plugin for WordPress is vulnerable to SQL Injection... Moderate Unreviewed

CVE-2024-12332 was published Jan 7, 2025

The Timeline Designer plugin for WordPress is vulnerable to SQL Injection via the 's' parameter... Moderate Unreviewed

CVE-2024-11437 was published Jan 7, 2025

Previous 1 2 3 4 5 … 107 108 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

2,689 advisories