Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,458
Erlang
33
GitHub Actions
22
Go
2,156
Maven
5,000+
npm
3,818
NuGet
693
pip
3,497
Pub
12
RubyGems
903
Rust
903
Swift
38
Unreviewed advisories
All unreviewed
5,000+

13,428 advisories

Loading
The Pollin plugin for WordPress is vulnerable to SQL Injection via the 'question' parameter in... Moderate Unreviewed
CVE-2024-13712 was published Feb 19, 2025
A vulnerability exists in ChurchCRM 5.13.0. and prior that allows an attacker to execute... Critical Unreviewed
CVE-2025-1135 was published Feb 19, 2025
A time-based blind SQL Injection vulnerability exists in the ChurchCRM 5.13.0 and prior... Critical Unreviewed
CVE-2025-1132 was published Feb 19, 2025
A vulnerability exists in ChurchCRM 5.13.0 and prior that allows an attacker to execute arbitrary... Critical Unreviewed
CVE-2025-1133 was published Feb 19, 2025
A vulnerability exists in ChurchCRM 5.13.0 and prior that allows an attacker to execute arbitrary... Critical Unreviewed
CVE-2025-1134 was published Feb 19, 2025
The Categorized Gallery Plugin plugin for WordPress is vulnerable to SQL Injection via the 'field... Moderate Unreviewed
CVE-2024-13676 was published Feb 19, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-22639 was published Feb 18, 2025
A time-based SQL injection vulnerability in the login page of BoardRoom Limited Dividend... Critical Unreviewed
CVE-2024-55460 was published Feb 18, 2025
Improperly built order clauses lead to a SQL injection vulnerability in the backend task list of... Moderate Unreviewed
CVE-2025-22207 was published Feb 18, 2025
A vulnerability exists in ChurchCRM 5.13.0 and prior that allows an attacker to execute arbitrary... Critical Unreviewed
CVE-2025-1023 was published Feb 18, 2025
The Tour Master - Tour Booking, Travel, Hotel plugin for WordPress is vulnerable to time-based... Moderate Unreviewed
CVE-2024-13369 was published Feb 18, 2025
The Simple Signup Form plugin for WordPress is vulnerable to SQL Injection via the 'id' attribute... Moderate Unreviewed
CVE-2024-13595 was published Feb 18, 2025
The LuxCal Web Calendar prior to 5.3.3M (MySQL version) and prior to 5.3.3L (SQLite version)... High Unreviewed
CVE-2025-25222 was published Feb 18, 2025
The LuxCal Web Calendar prior to 5.3.3M (MySQL version) and prior to 5.3.3L (SQLite version)... High Unreviewed
CVE-2025-25221 was published Feb 18, 2025
Orca HCM from Learning Digital has a SQL Injection vulnerability, allowing attackers with regular... High Unreviewed
CVE-2025-1389 was published Feb 17, 2025
A vulnerability classified as critical has been found in code-projects Real Estate Property... Moderate Unreviewed
CVE-2025-1374 was published Feb 17, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-26755 was published Feb 17, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-22290 was published Feb 17, 2025
A vulnerability was found in needyamin Library Card System 1.0. It has been rated as critical.... Moderate Unreviewed
CVE-2025-1356 was published Feb 16, 2025
The LTL Freight Quotes – Estes Edition plugin for WordPress is vulnerable to SQL Injection via... High Unreviewed
CVE-2024-13488 was published Feb 15, 2025
The WP Project Manager – Task, team, and project management plugin featuring kanban board and... Moderate Unreviewed
CVE-2024-13500 was published Feb 15, 2025
A SQL injection vulnerability in the JS Jobs plugin versions 1.1.5-1.4.3 for Joomla allows... Moderate Unreviewed
CVE-2025-22209 was published Feb 15, 2025
A SQL injection vulnerability in the JS Jobs plugin versions 1.1.5-1.4.3 for Joomla allows... Moderate Unreviewed
CVE-2025-22208 was published Feb 15, 2025
A SQL Injection vulnerability was found in /bpms/index.php in Source Code and Project Beauty... Moderate Unreviewed
CVE-2025-26157 was published Feb 14, 2025
A SQL Injection vulnerability was found in /shopping/track-orders.php in PHPGurukul Online... High Unreviewed
CVE-2025-26156 was published Feb 14, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database