Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

59 advisories

Loading
Path Traversal: '\..\filename' in GitHub repository stitionai/devika prior to -. Critical Unreviewed
CVE-2024-5926 was published Jun 30, 2024
An issue was discovered in HSC Mailinspector 5.2.17-3 through v.5.2.18. An Unauthenticated Path... High Unreviewed
CVE-2024-34470 was published May 6, 2024
Path Traversal: '\..\filename' in aimhubio/aim Critical Unreviewed
CVE-2024-6396 was published Jul 12, 2024
Zip slip in opencart High
CVE-2024-21518 was published for opencart/opencart (Composer) Jun 22, 2024
mlflow Path Traversal vulnerability Critical
CVE-2023-2780 was published for mlflow (pip) May 17, 2023
MLflow Path Traversal Vulnerability High
CVE-2023-6909 was published for mlflow (pip) Dec 20, 2023
LoLLMS Path Traversal vulnerability High
CVE-2024-3429 was published for lollms (pip) Jun 6, 2024
A TarSlip vulnerability exists in the deepjavalibrary/djl, affecting version 0.26.0 and fixed in... High Unreviewed
CVE-2024-2914 was published Jun 6, 2024
A Local File Inclusion vulnerability exists in parisneo/lollms-webui versions below v9.8. The... High Unreviewed
CVE-2024-6394 was published Sep 30, 2024
mlflow is vulnerable to remote file access in `mlflow server` and `mlflow ui` CLIs Critical
CVE-2023-1177 was published for mlflow (pip) Mar 24, 2023
A path traversal and arbitrary file upload vulnerability exists in the parisneo/lollms-webui... Critical Unreviewed
CVE-2024-2624 was published Jun 6, 2024
parisneo/lollms-webui is vulnerable to path traversal attacks that can lead to remote code... Critical Unreviewed
CVE-2024-2360 was published Jun 6, 2024
A remote code execution (RCE) vulnerability exists in the '/install_extension' endpoint of the... Critical Unreviewed
CVE-2024-4320 was published Jun 6, 2024
An arbitrary file read vulnerability exists in gaizhenbiao/chuanhuchatgpt version 20240628 due to... High Unreviewed
CVE-2024-7962 was published Oct 29, 2024
Langchain Path Traversal vulnerability Moderate
CVE-2024-7774 was published for langchain (npm) Oct 29, 2024
hinthornw
Ray Path Traversal vulnerability Critical
CVE-2023-6021 was published for ray (pip) Nov 16, 2023
cpropps-sysdig
Dell PowerProtect DD versions prior to DDOS 8.3.0.0, 7.10.1.50, and 7.13.1.20 contain a path... High Unreviewed
CVE-2024-51534 was published Feb 1, 2025
luigi Arbitrary File Write via Archive Extraction (Zip Slip) High
CVE-2024-21542 was published for luigi (pip) Dec 10, 2024
A vulnerability in danny-avila/librechat version git 81f2936 allows for path traversal due to... High Unreviewed
CVE-2024-11170 was published Mar 20, 2025
A Local File Inclusion (LFI) vulnerability in OpenLLM version 0.6.10 allows attackers to include... Moderate Unreviewed
CVE-2024-8982 was published Mar 20, 2025
A path traversal vulnerability exists in binary-husky/gpt_academic version git 310122f. The... High Unreviewed
CVE-2024-12389 was published Mar 20, 2025
An arbitrary file overwrite vulnerability exists in the ZulipConnector of danswer-ai/danswer,... Critical Unreviewed
CVE-2024-7957 was published Mar 20, 2025
A vulnerability in the normalizePath function in mintplex-labs/anything-llm version git 296f041... High Unreviewed
CVE-2024-8248 was published Mar 20, 2025
Gradio Vulnerable to Arbitrary File Deletion High
CVE-2024-10648 was published for gradio (pip) Mar 20, 2025
AgentScope path traversal vulnerability Critical
CVE-2024-8537 was published for agentscope (pip) Mar 20, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database