Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,454
Erlang
33
GitHub Actions
22
Go
2,153
Maven
5,000+
npm
3,818
NuGet
693
pip
3,492
Pub
12
RubyGems
902
Rust
903
Swift
38
Unreviewed advisories
All unreviewed
5,000+

104,444 advisories

Loading
An issue in obgm and Libcoap v.a3ed466 allows a remote attacker to cause a denial of service via... High Unreviewed
CVE-2023-51847 was published Jun 7, 2024
Under certain circumstances communications between the ICU tool and an iSTAR Pro door controller... High Unreviewed
CVE-2024-32752 was published Jun 6, 2024
kubeflow/kubeflow is vulnerable to a Regular Expression Denial of Service (ReDoS) attack due to... High Unreviewed
CVE-2024-5552 was published Jun 6, 2024
onnx allows Arbitrary File Overwrite in download_model_with_test_data High
CVE-2024-5187 was published for onnx (pip) Jun 6, 2024
stevegrubb
A path traversal vulnerability exists in the 'cyber_security/codeguard' native personality of the... High Unreviewed
CVE-2024-3322 was published Jun 6, 2024
A Server-Side Request Forgery (SSRF) vulnerability exists in the stangirard/quivr application,... High Unreviewed
CVE-2024-4851 was published Jun 6, 2024
lunary-ai/lunary XSS in SAML metadata endpoint High
CVE-2024-5478 was published for lunary (npm) Jun 6, 2024
A Server-Side Request Forgery (SSRF) vulnerability exists in the lunary-ai/lunary application,... High Unreviewed
CVE-2024-5328 was published Jun 6, 2024
A Privilege Escalation Vulnerability exists in lunary-ai/lunary version 1.2.2, where any user can... High Unreviewed
CVE-2024-5129 was published Jun 6, 2024
An improper access control vulnerability exists in the lunary-ai/lunary repository, specifically... High Unreviewed
CVE-2024-5126 was published Jun 6, 2024
A timing attack vulnerability exists in the gaizhenbiao/chuanhuchatgpt repository, specifically... High Unreviewed
CVE-2024-5124 was published Jun 6, 2024
A stored Cross-Site Scripting (XSS) vulnerability exists in the mintplex-labs/anything-llm... High Unreviewed
CVE-2024-3110 was published Jun 6, 2024
In mintplex-labs/anything-llm, a vulnerability exists in the thread update process that allows... High Unreviewed
CVE-2024-3150 was published Jun 6, 2024
Arbitrary file deletion in litellm High
CVE-2024-4888 was published for litellm (pip) Jun 6, 2024
LoLLMS Path Traversal vulnerability High
CVE-2024-3429 was published for lollms (pip) Jun 6, 2024
Authentication bypass in dtale High
CVE-2024-3408 was published for dtale (pip) Jun 6, 2024
Kofax Power PDF PDF File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability.... High Unreviewed
CVE-2024-5305 was published Jun 6, 2024
Kofax Power PDF TGA File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This... High Unreviewed
CVE-2024-5304 was published Jun 6, 2024
Kofax Power PDF PDF File Parsing Memory Corruption Remote Code Execution Vulnerability. This... High Unreviewed
CVE-2024-5306 was published Jun 6, 2024
An Improper Access Control vulnerability exists in the lunary-ai/lunary repository, affecting... High Unreviewed
CVE-2024-5131 was published Jun 6, 2024
An Incorrect Authorization vulnerability exists in lunary-ai/lunary versions up to and including... High Unreviewed
CVE-2024-5130 was published Jun 6, 2024
A Server-Side Request Forgery (SSRF) vulnerability exists in the file upload section of imartinez... High Unreviewed
CVE-2024-5186 was published Jun 6, 2024
LoLLMS Path Traversal vulnerability High
CVE-2024-4881 was published for lollms (pip) Jun 6, 2024
AutoGPT, a component of significant-gravitas/autogpt, is vulnerable to an improper neutralization... High Unreviewed
CVE-2024-1881 was published Jun 6, 2024
An issue in OneFlow-Inc. Oneflow v0.9.1 allows attackers to cause a Denial of Service (DoS) when... High Unreviewed
CVE-2024-36740 was published Jun 6, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database