Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
49
GitHub Actions
49
Go
3,406
Maven
5,000+
npm
5,000+
NuGet
882
pip
4,641
Pub
13
RubyGems
1,026
Rust
1,209
Swift
53
Unreviewed advisories
All unreviewed
5,000+

16,722 advisories

Loading
Kados R10 GreenBee contains an SQL injection vulnerability that allows attackers to manipulate... High Unreviewed
CVE-2019-25696 was published Apr 5, 2026
Advance Gift Shop Pro Script 2.0.3 contains an SQL injection vulnerability that allows... High Unreviewed
CVE-2019-25680 was published Apr 5, 2026
OpenDocMan 1.3.4 contains an SQL injection vulnerability that allows unauthenticated attackers to... High Unreviewed
CVE-2019-25684 was published Apr 5, 2026
Kados R10 GreenBee contains an SQL injection vulnerability that allows unauthenticated attackers... High Unreviewed
CVE-2019-25688 was published Apr 5, 2026
Kados R10 GreenBee contains an SQL injection vulnerability that allows attackers to manipulate... High Unreviewed
CVE-2019-25704 was published Apr 5, 2026
Kados R10 GreenBee contains an SQL injection vulnerability that allows unauthenticated attackers... High Unreviewed
CVE-2019-25694 was published Apr 5, 2026
Kados R10 GreenBee contains an SQL injection vulnerability that allows attackers to manipulate... High Unreviewed
CVE-2019-25690 was published Apr 5, 2026
Kados R10 GreenBee contains an SQL injection vulnerability that allows attackers to manipulate... High Unreviewed
CVE-2019-25692 was published Apr 5, 2026
Kados R10 GreenBee contains an SQL injection vulnerability that allows attackers to manipulate... High Unreviewed
CVE-2019-25702 was published Apr 5, 2026
Kados R10 GreenBee contains an SQL injection vulnerability that allows attackers to manipulate... High Unreviewed
CVE-2019-25698 was published Apr 5, 2026
Kados R10 GreenBee contains an SQL injection vulnerability that allows attackers to manipulate... High Unreviewed
CVE-2019-25700 was published Apr 5, 2026
PilusCart 1.4.1 contains a SQL injection vulnerability that allows unauthenticated attackers to... High Unreviewed
CVE-2019-25672 was published Apr 5, 2026
qdPM 9.1 contains an SQL injection vulnerability that allows attackers to manipulate database... High Unreviewed
CVE-2019-25669 was published Apr 5, 2026
CMSsite 1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to... High Unreviewed
CVE-2019-25674 was published Apr 5, 2026
News Website Script 2.0.5 contains an SQL injection vulnerability that allows unauthenticated... High Unreviewed
CVE-2019-25668 was published Apr 5, 2026
eDirectory contains multiple SQL injection vulnerabilities that allow unauthenticated attackers... High Unreviewed
CVE-2019-25675 was published Apr 5, 2026
SuiteCRM 7.10.7 contains a SQL injection vulnerability that allows authenticated attackers to... High Unreviewed
CVE-2019-25663 was published Apr 5, 2026
ResourceSpace 8.6 contains an SQL injection vulnerability that allows unauthenticated attackers... High Unreviewed
CVE-2019-25662 was published Apr 5, 2026
SuiteCRM 7.10.7 contains a time-based SQL injection vulnerability in the record parameter of the... High Unreviewed
CVE-2019-25664 was published Apr 5, 2026
OpenSTAManager has a SQL Injection via righe Parameter in confronta_righe Modals High
CVE-2026-35470 was published for devcode-it/openstamanager (Composer) Apr 3, 2026
ormzro Credited to ormzro
** UNSUPPORTED WHEN ASSIGNED ** Focalboard version 8.0 fails to sanitize category IDs before... High Unreviewed
CVE-2026-25773 was published Apr 3, 2026
OpenSTAManager: SQL Injection via Aggiornamenti Module High
CVE-2026-35168 was published for devcode-it/openstamanager (Composer) Apr 3, 2026
ormzro Credited to ormzro
An unauthenticated remote attacker can exploit an unauthenticated blind SQL Injection... High Unreviewed
CVE-2026-33616 was published Apr 2, 2026
An unauthenticated remote attacker can exploit an unauthenticated SQL Injection vulnerability in... High Unreviewed
CVE-2026-33614 was published Apr 2, 2026
An unauthenticated remote attacker can exploit an unauthenticated SQL Injection vulnerability in... Critical Unreviewed
CVE-2026-33615 was published Apr 2, 2026
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database