GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
12,808 advisories
The LTL Freight Quotes – SAIA Edition plugin for WordPress is vulnerable to SQL Injection via the...
High | Unreviewed | CVE-2024-13483 was published Feb 19, 2025

The Small Package Quotes – For Customers of FedEx plugin for WordPress is vulnerable to SQL...
High | Unreviewed | CVE-2024-13491 was published Feb 19, 2025

The LTL Freight Quotes – SEFL Edition plugin for WordPress is vulnerable to SQL Injection via the...
High | Unreviewed | CVE-2024-13479 was published Feb 19, 2025

The LTL Freight Quotes – ABF Freight Edition plugin for WordPress is vulnerable to SQL Injection...
High | Unreviewed | CVE-2024-13485 was published Feb 19, 2025

The Small Package Quotes – Worldwide Express Edition plugin for WordPress is vulnerable to SQL...
High | Unreviewed | CVE-2024-13534 was published Feb 19, 2025

The LTL Freight Quotes – R+L Carriers Edition plugin for WordPress is vulnerable to SQL Injection...
High | Unreviewed | CVE-2024-13481 was published Feb 19, 2025

The LTL Freight Quotes – TForce Edition plugin for WordPress is vulnerable to SQL Injection via...
High | Unreviewed | CVE-2024-13478 was published Feb 19, 2025

The Small Package Quotes – USPS Edition plugin for WordPress is vulnerable to SQL Injection via...
High | Unreviewed | CVE-2024-13533 was published Feb 19, 2025

The LTL Freight Quotes – Old Dominion Edition plugin for WordPress is vulnerable to SQL Injection...
High | Unreviewed | CVE-2024-13489 was published Feb 19, 2025

A vulnerability exists in ChurchCRM 5.13.0 and prior that allows an attacker to execute arbitrary...
Critical | Unreviewed | CVE-2025-1133 was published Feb 19, 2025

The Pollin plugin for WordPress is vulnerable to SQL Injection via the 'question' parameter in...
Moderate | Unreviewed | CVE-2024-13712 was published Feb 19, 2025

A vulnerability exists in ChurchCRM 5.13.0 and prior that allows an attacker to execute arbitrary...
Critical | Unreviewed | CVE-2025-1134 was published Feb 19, 2025

A time-based blind SQL Injection vulnerability exists in the ChurchCRM 5.13.0 and prior...
Critical | Unreviewed | CVE-2025-1132 was published Feb 19, 2025

A vulnerability exists in ChurchCRM 5.13.0 and prior that allows an attacker to execute...
Critical | Unreviewed | CVE-2025-1135 was published Feb 19, 2025

The Categorized Gallery Plugin plugin for WordPress is vulnerable to SQL Injection via the 'field...
Moderate | Unreviewed | CVE-2024-13676 was published Feb 19, 2025

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
High | Unreviewed | CVE-2025-22639 was published Feb 18, 2025

A time-based SQL injection vulnerability in the login page of BoardRoom Limited Dividend...
Critical | Unreviewed | CVE-2024-55460 was published Feb 18, 2025

Improperly built order clauses lead to a SQL injection vulnerability in the backend task list of...
Moderate | Unreviewed | CVE-2025-22207 was published Feb 18, 2025

A vulnerability exists in ChurchCRM 5.13.0 and prior that allows an attacker to execute arbitrary...
Critical | Unreviewed | CVE-2025-1023 was published Feb 18, 2025

The Tour Master - Tour Booking, Travel, Hotel plugin for WordPress is vulnerable to time-based...
Moderate | Unreviewed | CVE-2024-13369 was published Feb 18, 2025

The Simple Signup Form plugin for WordPress is vulnerable to SQL Injection via the 'id' attribute...
Moderate | Unreviewed | CVE-2024-13595 was published Feb 18, 2025

The LuxCal Web Calendar prior to 5.3.3M (MySQL version) and prior to 5.3.3L (SQLite version)...
High | Unreviewed | CVE-2025-25221 was published Feb 18, 2025

The LuxCal Web Calendar prior to 5.3.3M (MySQL version) and prior to 5.3.3L (SQLite version)...
High | Unreviewed | CVE-2025-25222 was published Feb 18, 2025

Orca HCM from Learning Digital has a SQL Injection vulnerability, allowing attackers with regular...
High | Unreviewed | CVE-2025-1389 was published Feb 17, 2025

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical | Unreviewed | CVE-2025-22290 was published Feb 17, 2025
ProTip! Advisories are also available from the GraphQL API.