GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+
1,511 advisories
Filter by severity
LlamaIndex vulnerable to Creation of Temporary File in Directory with Insecure Permissions
High
CVE-2024-12911
was published
for
llama-index
(pip)
Mar 20, 2025
Aim Uncontrolled Resource Consumption vulnerability
High
CVE-2024-12778
was published
for
aim
(pip)
Mar 20, 2025
Open WebUI has vulnerable dependency on starlette via fastapi
High
GHSA-w466-2wfc-8g58
was published
for
open-webui
(pip)
Mar 20, 2025
imaginAIry Denial of Service (DoS) vulnerability
High
CVE-2024-12761
was published
for
imaginAIry
(pip)
Mar 20, 2025
Open WebUI Uncontrolled Resource Consumption vulnerability
High
CVE-2024-12534
was published
for
open-webui
(npm)
Mar 20, 2025
LlamaIndex Improper Handling of Exceptional Conditions vulnerability
High
CVE-2024-12704
was published
for
llama_index
(pip)
Mar 20, 2025
FastChat Server-Side Request Forgery vulnerability
High
CVE-2024-12376
was published
for
fschat
(pip)
Mar 20, 2025
Open WebUI Uncontrolled Resource Consumption vulnerability
High
CVE-2024-12537
was published
for
open-webui
(npm)
Mar 20, 2025
BentoML vulnerable to Uncontrolled Resource Consumption
High
GHSA-hh3j-9m59-p8vc
was published
for
bentoml
(pip)
Mar 20, 2025
Feast Cross-Origin Resource Sharing vulnerability
High
CVE-2024-11602
was published
for
feast
(pip)
Mar 20, 2025
Kedro allows Remote Code Execution by Pulling Micro Packages
High
CVE-2024-12215
was published
for
kedro
(pip)
Mar 20, 2025
GluonCV Arbitrary File Write via TarSlip
High
CVE-2024-12216
was published
for
gluoncv
(pip)
Mar 20, 2025
FastChat Server-Side Request Forgery vulnerability
High
CVE-2024-11603
was published
for
fschat
(pip)
Mar 20, 2025
FastChat Uncontrolled Resource Consumption vulnerability
High
CVE-2024-10907
was published
for
fschat
(pip)
Mar 20, 2025
FastChat Denial of Service vulnerability
High
CVE-2024-10912
was published
for
fschat
(pip)
Mar 20, 2025
InvokeAI Uncontrolled Resource Consumption vulnerability
High
CVE-2024-11043
was published
for
InvokeAI
(pip)
Mar 20, 2025
HyperLPR Denial of Service vulnerability
High
CVE-2024-10713
was published
for
hyperlpr3
(pip)
Mar 20, 2025
InvokeAI has Denial of Service (DoS) vulnerability in `/api/v1/images/upload`
High
CVE-2024-10821
was published
for
InvokeAI
(pip)
Mar 20, 2025
DB-GPT Uncontrolled Resource Consumption vulnerability
High
CVE-2024-10829
was published
for
dbgpt
(pip)
Mar 20, 2025
DB-GPT vulnerable to Cross-Site Request Forgery
High
CVE-2024-10906
was published
for
dbgpt
(pip)
Mar 20, 2025
Gradio Vulnerable to Denial of Service (DoS) via Crafted HTTP Request
High
CVE-2024-10624
was published
for
gradio
(pip)
Mar 20, 2025
Gradio Vulnerable to Arbitrary File Deletion
High
CVE-2024-10648
was published
for
gradio
(pip)
Mar 20, 2025
H2O Vulnerable to Denial of Service (DoS) via `/3/ParseSetup` Endpoint
High
CVE-2024-10550
was published
for
ai.h2o:h2o-core
(Maven)
Mar 20, 2025
ProTip!
Advisories are also available from the
GraphQL API