Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,744
Maven
5,000+
npm
4,341
NuGet
765
pip
4,113
Pub
12
RubyGems
960
Rust
1,069
Swift
45
Unreviewed advisories
All unreviewed
5,000+

115,267 advisories

Loading
Ollama Divide By Zero vulnerability High
CVE-2025-0317 was published for github.com/ollama/ollama (Go) Mar 20, 2025
A vulnerability in danswer-ai/danswer version 0.9.0 allows for denial of service through memory... High Unreviewed
CVE-2025-0182 was published Mar 20, 2025
A Server-Side Request Forgery (SSRF) vulnerability was identified in the Requests utility of... High Unreviewed
CVE-2025-0454 was published Mar 20, 2025
Open WebUI Unauthenticated Multipart Boundary Denial of Service (DoS) Vulnerability High
GHSA-5ccf-884p-4jjq was published for open-webui (npm) Mar 20, 2025
A missing authentication check in the uninstall endpoint of parisneo/lollms-webui V13 allows... High Unreviewed
CVE-2024-9919 was published Mar 20, 2025
A command injection vulnerability exists in the `pandas.DataFrame.query` function of pandas-dev... High Unreviewed
CVE-2024-9880 was published Mar 20, 2025
ZenML unauthenticated DoS via Multipart Boundry High
CVE-2024-9340 was published for zenml (pip) Mar 20, 2025
SuperAGI version v0.0.14 is vulnerable to an unauthenticated Denial of Service (DoS) attack. The... High Unreviewed
CVE-2024-9437 was published Mar 20, 2025
A Path Traversal vulnerability exists in the file upload functionality of transformeroptimus... High Unreviewed
CVE-2024-9415 was published Mar 20, 2025
A Path Traversal vulnerability exists in the `/wipe_database` endpoint of parisneo/lollms version... High Unreviewed
CVE-2024-9597 was published Mar 20, 2025
An unauthorized file deletion vulnerability exists in the latest version of the Polyaxon platform... High Unreviewed
CVE-2024-9363 was published Mar 20, 2025
FlatPress CMS version latest is vulnerable to Cross-Site Request Forgery (CSRF) attacks that... High Unreviewed
CVE-2024-9847 was published Mar 20, 2025
An unauthenticated directory traversal vulnerability exists in Polyaxon, affecting the latest... High Unreviewed
CVE-2024-9362 was published Mar 20, 2025
SuperAGI is vulnerable to remote code execution in the latest version. The `agent template update... High Unreviewed
CVE-2024-9439 was published Mar 20, 2025
LiteLLM Reveals Portion of API Key via a Logging File High
CVE-2024-9606 was published for litellm (pip) Mar 20, 2025
A vulnerability in the file upload functionality of the FlatPress CMS admin panel (version latest... High Unreviewed
CVE-2024-9699 was published Mar 20, 2025
man-group dtale version <= 3.13.1 contains a vulnerability where the query parameters from the... High Unreviewed
CVE-2024-9016 was published Mar 20, 2025
BentoML Denial of Service (DoS) via Multipart Boundary High
CVE-2024-9056 was published for bentoml (pip) Mar 20, 2025
In lunary-ai/lunary before version 1.4.30, a privilege escalation vulnerability exists where... High Unreviewed
CVE-2024-9098 was published Mar 20, 2025
Quivr unauthenticated Denial of Service (DoS) via Multipart Boundary High
CVE-2024-9229 was published for quivr-core (pip) Mar 20, 2025
In lunary-ai/lunary version 1.4.28, the /checklists/:id route allows low-privilege users to... High Unreviewed
CVE-2024-9096 was published Mar 20, 2025
In lunary-ai/lunary before version 1.4.26, the checklists.post() endpoint allows users to create... High Unreviewed
CVE-2024-9000 was published Mar 20, 2025
An authentication bypass vulnerability exists in gaizhenbiao/ChuanhuChatGPT, as of commit 3856d4f... High Unreviewed
CVE-2024-9216 was published Mar 20, 2025
In lunary-ai/lunary version v1.4.29, the GET /projects API endpoint exposes both public and... High Unreviewed
CVE-2024-9099 was published Mar 20, 2025
Gradio DOS in multipart boundry while uploading the file High
CVE-2024-8966 was published for gradio (pip) Mar 20, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database