Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

59 advisories

Loading
A path traversal vulnerability exists in binary-husky/gpt_academic version git 310122f. The... High Unreviewed
CVE-2024-12389 was published Mar 20, 2025
Open WebUI Allows Arbitrary File Write via the `download_model` Endpoint Moderate
CVE-2024-7033 was published for open-webui (pip) Mar 20, 2025
An arbitrary file overwrite vulnerability exists in the ZulipConnector of danswer-ai/danswer,... Critical Unreviewed
CVE-2024-7957 was published Mar 20, 2025
AgentScope path traversal vulnerability Critical
CVE-2024-8537 was published for agentscope (pip) Mar 20, 2025
A vulnerability in the normalizePath function in mintplex-labs/anything-llm version git 296f041... High Unreviewed
CVE-2024-8248 was published Mar 20, 2025
Aim path traversal in LockManager.release_locks Critical
CVE-2024-8769 was published for aim (pip) Mar 20, 2025
A Local File Inclusion (LFI) vulnerability in OpenLLM version 0.6.10 allows attackers to include... Moderate Unreviewed
CVE-2024-8982 was published Mar 20, 2025
MLflow has a Local File Read/Path Traversal in dbfs High
CVE-2024-8859 was published for mlflow (pip) Mar 20, 2025
LlamaIndex vulnerable to Path Traversal attack through its encode_image function High
CVE-2025-6209 was published for llama-index-core (pip) Jul 7, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database