GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,714
Erlang
34
GitHub Actions
28
Go
2,300
Maven
5,000+
npm
3,942
NuGet
708
pip
3,711
Pub
12
RubyGems
920
Rust
960
Swift
38
Unreviewed advisories
All unreviewed
5,000+
2,778 advisories
Filter by severity
Quivr unauthenticated Denial of Service (DoS) via Multipart Boundary
High
CVE-2024-9229
was published
for
quivr-core
(pip)
Mar 20, 2025
Gradio DOS in multipart boundry while uploading the file
High
CVE-2024-8966
was published
for
gradio
(pip)
Mar 20, 2025
A Regular Expression Denial of Service (ReDoS) vulnerability exists in lunary-ai/lunary version...
High
Unreviewed
CVE-2024-8998
was published
Mar 20, 2025
LiteLLM Vulnerable to Denial of Service (DoS) via Crafted HTTP Request
High
CVE-2024-8984
was published
for
litellm
(pip)
Mar 20, 2025
A Regular Expression Denial of Service (ReDoS) vulnerability exists in the lunary-ai/lunary...
High
Unreviewed
CVE-2024-8763
was published
Mar 20, 2025
Lunary-ai/lunary version git 105a3f6 is vulnerable to a Regular Expression Denial of Service ...
High
Unreviewed
CVE-2024-8789
was published
Mar 20, 2025
A Denial of Service (DoS) vulnerability exists in multiple file upload endpoints of parisneo...
High
Unreviewed
CVE-2024-8736
was published
Mar 20, 2025
Open WebUI denial of service through endpoint for converting markdown
High
CVE-2024-7983
was published
for
open-webui
(pip)
Mar 20, 2025
Aim allows denial of service due to no timeouts for some tracking server endpoints
High
CVE-2024-8061
was published
for
aim
(pip)
Mar 20, 2025
A vulnerability in imartinez/privategpt version 0.5.0 allows for a Denial of Service (DOS) attack...
High
Unreviewed
CVE-2024-8018
was published
Mar 20, 2025
A vulnerability in danswer-ai/danswer v0.3.94 allows an attacker to cause a Denial of Service ...
High
Unreviewed
CVE-2024-8028
was published
Mar 20, 2025
A vulnerability in danswer-ai/danswer version 1 allows an attacker to perform a Regular...
High
Unreviewed
CVE-2024-7779
was published
Mar 20, 2025
H2O Vulnerable to Denial of Service (DoS) via `/3/ImportFiles` Endpoint
High
CVE-2024-7768
was published
for
ai.h2o:h2o-core
(Maven)
Mar 20, 2025
A vulnerability in the Dockerized version of mintplex-labs/anything-llm (latest, digest...
Moderate
Unreviewed
CVE-2024-7771
was published
Mar 20, 2025
Open WebUI Unauthenticated Multipart Boundary Denial of Service (DoS) Vulnerability in api/chat/file
High
GHSA-6wj5-5pgr-jwq8
was published
for
open-webui
(pip)
Mar 20, 2025
A vulnerability in open-webui/open-webui v0.3.8 allows an unauthenticated attacker to sign up...
High
Unreviewed
CVE-2024-7036
was published
Mar 20, 2025
MLflow Uncontrolled Resource Consumption vulnerability
Moderate
CVE-2024-6838
was published
for
mlflow
(pip)
Mar 20, 2025
Ollama Vulnerable to Denial of Service (DoS) via Crafted GZIP
High
CVE-2024-12886
was published
for
github.com/ollama/ollama
(Go)
Mar 20, 2025
Aim Uncontrolled Resource Consumption vulnerability
High
CVE-2024-12778
was published
for
aim
(pip)
Mar 20, 2025
LlamaIndex Uncontrolled Resource Consumption vulnerability
Moderate
CVE-2024-12910
was published
for
llama-index
(pip)
Mar 20, 2025
Open WebUI has vulnerable dependency on starlette via fastapi
High
GHSA-w466-2wfc-8g58
was published
for
open-webui
(pip)
Mar 20, 2025
Open WebUI Uncontrolled Resource Consumption vulnerability
High
CVE-2024-12534
was published
for
open-webui
(npm)
Mar 20, 2025
imaginAIry Denial of Service (DoS) vulnerability
High
CVE-2024-12761
was published
for
imaginAIry
(pip)
Mar 20, 2025
A Denial of Service (DoS) vulnerability was discovered in the file upload feature of netease...
High
Unreviewed
CVE-2024-12864
was published
Mar 20, 2025
Open WebUI Uncontrolled Resource Consumption vulnerability
High
CVE-2024-12537
was published
for
open-webui
(npm)
Mar 20, 2025
ProTip!
Advisories are also available from the
GraphQL API