Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,094
Erlang
29
GitHub Actions
19
Go
1,920
Maven
5,000+
npm
3,648
NuGet
638
pip
3,263
Pub
10
RubyGems
873
Rust
822
Swift
35
Unreviewed advisories
All unreviewed
5,000+

1,123 advisories

Loading
RestrictedPython information leakage via `AttributeError.obj` and the `string` module High
CVE-2024-47532 was published for RestrictedPython (pip) Sep 30, 2024
Quasar0147 dronex7070
d-maurer
Heap-based Buffer Overflow in sqlite-vec High
CVE-2024-46488 was published for sqlite-vec (RubyGems) Sep 25, 2024
OAuth2 client ID and secret exposed through the web browser High
CVE-2024-9014 was published for pgadmin4 (pip) Sep 23, 2024
m3t3kh4n
Mesop has a local file Inclusion via static file serving functionality High
CVE-2024-45601 was published for mesop (pip) Sep 18, 2024
Letm3through
Guardrails has an arbitrary code execution vulnerability High
CVE-2024-45858 was published for guardrails-ai (pip) Sep 18, 2024
sqlitedict insecure deserialization vulnerability High
CVE-2024-35515 was published for sqlitedict (pip) Sep 18, 2024
vLLM denial of service vulnerability High
CVE-2024-8768 was published for vllm (pip) Sep 17, 2024
Sentry improperly authorizes muting of alert rules High
CVE-2024-45606 was published for sentry (pip) Sep 17, 2024
emanuelbeni
LiteLLM Server-Side Request Forgery (SSRF) vulnerability High
CVE-2024-6587 was published for litellm (pip) Sep 13, 2024
Cleanlab Deserialization of Untrusted Data vulnerability High
CVE-2024-45857 was published for cleanlab (pip) Sep 12, 2024
MindsDB Deserialization of Untrusted Data vulnerability High
CVE-2024-45853 was published for mindsdb (pip) Sep 12, 2024
MindsDB Eval Injection vulnerability High
CVE-2024-45851 was published for mindsdb (pip) Sep 12, 2024
MindsDB Deserialization of Untrusted Data vulnerability High
CVE-2024-45852 was published for mindsdb (pip) Sep 12, 2024
MindsDB Deserialization of Untrusted Data vulnerability High
CVE-2024-45854 was published for mindsdb (pip) Sep 12, 2024
MindsDB Deserialization of Untrusted Data vulnerability High
CVE-2024-45855 was published for mindsdb (pip) Sep 12, 2024
MindsDB Eval Injection vulnerability High
CVE-2024-45847 was published for mindsdb (pip) Sep 12, 2024
MindsDB Eval Injection vulnerability High
CVE-2024-45846 was published for mindsdb (pip) Sep 12, 2024
MindsDB Eval Injection vulnerability High
CVE-2024-45849 was published for mindsdb (pip) Sep 12, 2024
MindsDB Eval Injection vulnerability High
CVE-2024-45848 was published for mindsdb (pip) Sep 12, 2024
MindsDB Eval Injection vulnerability High
CVE-2024-45850 was published for mindsdb (pip) Sep 12, 2024
Refuel Autolab Eval Injection vulnerability High
CVE-2024-27321 was published for refuel-autolabel (pip) Sep 12, 2024
Refuel Autolab Eval Injection vulnerability High
CVE-2024-27320 was published for refuel-autolabel (pip) Sep 12, 2024
Apache Airflow vulnerable to Execution with Unnecessary Privileges High
CVE-2024-45034 was published for apache-airflow (pip) Sep 7, 2024
Apache Airflow vulnerable to Improper Encoding or Escaping of Output High
CVE-2024-45498 was published for apache-airflow (pip) Sep 7, 2024
HTML injection in JupyterLite leading to DOM Clobbering High
GHSA-gj55-2xf9-67rq was published for jupyterlite-core (pip) Sep 6, 2024
ishmeals jackfromeast
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database