Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,723
Erlang
35
GitHub Actions
29
Go
2,306
Maven
5,000+
npm
3,947
NuGet
711
pip
3,727
Pub
12
RubyGems
920
Rust
964
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

17 advisories

Loading
A vulnerability in the normalizePath function in mintplex-labs/anything-llm version git 296f041... High Unreviewed
CVE-2024-8248 was published Mar 20, 2025
A path traversal vulnerability exists in binary-husky/gpt_academic version git 310122f. The... High Unreviewed
CVE-2024-12389 was published Mar 20, 2025
A vulnerability in danny-avila/librechat version git 81f2936 allows for path traversal due to... High Unreviewed
CVE-2024-11170 was published Mar 20, 2025
A vulnerability in mintplex-labs/anything-llm prior to version 1.3.1 allows for path traversal... High Unreviewed
CVE-2024-13059 was published Feb 10, 2025
Dell PowerProtect DD versions prior to DDOS 8.3.0.0, 7.10.1.50, and 7.13.1.20 contain a path... High Unreviewed
CVE-2024-51534 was published Feb 1, 2025
An arbitrary file read vulnerability exists in gaizhenbiao/chuanhuchatgpt version 20240628 due to... High Unreviewed
CVE-2024-7962 was published Oct 29, 2024
A Local File Inclusion vulnerability exists in parisneo/lollms-webui versions below v9.8. The... High Unreviewed
CVE-2024-6394 was published Sep 30, 2024
A TarSlip vulnerability exists in the deepjavalibrary/djl, affecting version 0.26.0 and fixed in... High Unreviewed
CVE-2024-2914 was published Jun 6, 2024
A path traversal vulnerability exists in the parisneo/lollms-webui, specifically within the ... High Unreviewed
CVE-2024-2178 was published Jun 2, 2024
A path traversal vulnerability exists in the parisneo/lollms-webui application, specifically... High Unreviewed
CVE-2024-4322 was published May 16, 2024
A path traversal vulnerability exists in the 'save_settings' endpoint of the parisneo/lollms... High Unreviewed
CVE-2024-3435 was published May 16, 2024
An issue was discovered in HSC Mailinspector 5.2.17-3 through v.5.2.18. An Unauthenticated Path... High Unreviewed
CVE-2024-34470 was published May 6, 2024
An attacker can read any file on the filesystem on the server hosting ModelDB through an LFI in... High Unreviewed
CVE-2023-6023 was published Nov 16, 2023
Path Traversal: '\..\filename' in GitHub repository salesagility/suitecrm prior to 7.14.2, 7.12... High Unreviewed
CVE-2023-6130 was published Nov 14, 2023
The listed versions for Weintek EasyBuilder Pro are vulnerable to a ZipSlip attack caused by... High Unreviewed
CVE-2023-0104 was published Jul 6, 2023
Path Traversal: '\..\filename' in GitHub repository salesagility/suitecrm prior to 7.12.9. High Unreviewed
CVE-2023-1034 was published Feb 25, 2023
Emerson Electric's Proficy Machine Edition Version 9.80 and prior is vulnerable to CWE-29 Path... High Unreviewed
CVE-2022-2788 was published Aug 20, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database