Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,737
Maven
5,000+
npm
4,337
NuGet
764
pip
4,112
Pub
12
RubyGems
960
Rust
1,068
Swift
45
Unreviewed advisories
All unreviewed
5,000+

115,195 advisories

Loading
A path traversal vulnerability exists in binary-husky/gpt_academic version git 310122f. The... High Unreviewed
CVE-2024-12389 was published Mar 20, 2025
FastChat Server-Side Request Forgery vulnerability High
CVE-2024-12376 was published for fschat (pip) Mar 20, 2025
A Denial of Service (DoS) vulnerability was discovered in the file upload feature of netease... High Unreviewed
CVE-2024-12864 was published Mar 20, 2025
parisneo/lollms-webui version V13 (feather) suffers from a Server-Side Request Forgery (SSRF)... High Unreviewed
CVE-2024-12766 was published Mar 20, 2025
Open WebUI Uncontrolled Resource Consumption vulnerability High
CVE-2024-12537 was published for open-webui (npm) Mar 20, 2025
langgenius/dify version v0.10.1 contains a vulnerability where there are no limits applied to the... High Unreviewed
CVE-2024-12039 was published Mar 20, 2025
A local file inclusion vulnerability exists in haotian-liu/llava at commit c121f04. This... High Unreviewed
CVE-2024-12065 was published Mar 20, 2025
In lunary-ai/lunary before version 1.6.3, an improper access control vulnerability exists where a... High Unreviewed
CVE-2024-11300 was published Mar 20, 2025
GluonCV Arbitrary File Write via TarSlip High
CVE-2024-12216 was published for gluoncv (pip) Mar 20, 2025
Kedro allows Remote Code Execution by Pulling Micro Packages High
CVE-2024-12215 was published for kedro (pip) Mar 20, 2025
An IDOR (Insecure Direct Object Reference) vulnerability exists in transformeroptimus/superagi... High Unreviewed
CVE-2024-12048 was published Mar 20, 2025
Feast Cross-Origin Resource Sharing vulnerability High
CVE-2024-11602 was published for feast (pip) Mar 20, 2025
FastChat Server-Side Request Forgery vulnerability High
CVE-2024-11603 was published for fschat (pip) Mar 20, 2025
A Denial of Service (DoS) vulnerability exists in the file upload feature of haotian-liu/llava,... High Unreviewed
CVE-2024-12070 was published Mar 20, 2025
A Server-Side Request Forgery (SSRF) vulnerability was discovered in haotian-liu/llava, affecting... High Unreviewed
CVE-2024-12068 was published Mar 20, 2025
Ollama Allows Out-of-Bounds Read High
CVE-2024-12055 was published for github.com/ollama/ollama (Go) Mar 20, 2025
A Denial of Service (DoS) vulnerability exists in the file upload feature of imartinez/privategpt... High Unreviewed
CVE-2024-12063 was published Mar 20, 2025
A missing check_access() function in the lollms_binding_infos module of the parisneo/lollms... High Unreviewed
CVE-2024-11302 was published Mar 20, 2025
A vulnerability in haotian-liu/llava version 1.2.0 (LLaVA-1.6) allows for Server-Side Request... High Unreviewed
CVE-2024-11449 was published Mar 20, 2025
vllm-project vllm version 0.5.2.2 is vulnerable to Denial of Service attacks. The issue occurs in... High Unreviewed
CVE-2024-11040 was published Mar 20, 2025
In the `manim` plugin of binary-husky/gpt_academic, versions prior to the fix, a vulnerability... High Unreviewed
CVE-2024-10954 was published Mar 20, 2025
GPT Academic version 3.83 is vulnerable to a Server-Side Request Forgery (SSRF) vulnerability... High Unreviewed
CVE-2024-11030 was published Mar 20, 2025
In version 3.83 of binary-husky/gpt_academic, a Server-Side Request Forgery (SSRF) vulnerability... High Unreviewed
CVE-2024-11031 was published Mar 20, 2025
FastChat Uncontrolled Resource Consumption vulnerability High
CVE-2024-10907 was published for fschat (pip) Mar 20, 2025
GPT Academic version 3.83 is vulnerable to a Local File Read (LFI) vulnerability through its... High Unreviewed
CVE-2024-10986 was published Mar 20, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database