GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,908
Erlang
39
GitHub Actions
38
Go
2,568
Maven
5,000+
npm
4,240
NuGet
754
pip
4,004
Pub
12
RubyGems
953
Rust
1,042
Swift
45
Unreviewed advisories
All unreviewed
5,000+
169 advisories
Filter by severity
LlamaIndex Uncontrolled Resource Consumption vulnerability
Moderate
CVE-2024-12910
was published
for
llama-index
(pip)
Mar 20, 2025
imaginAIry Denial of Service (DoS) vulnerability
High
CVE-2024-12761
was published
for
imaginAIry
(pip)
Mar 20, 2025
Open WebUI Uncontrolled Resource Consumption vulnerability
High
CVE-2024-12537
was published
for
open-webui
(npm)
Mar 20, 2025
Open WebUI Uncontrolled Resource Consumption vulnerability
High
CVE-2024-12534
was published
for
open-webui
(npm)
Mar 20, 2025
BentoML vulnerable to Uncontrolled Resource Consumption
High
GHSA-hh3j-9m59-p8vc
was published
for
bentoml
(pip)
Mar 20, 2025
InvokeAI Uncontrolled Resource Consumption vulnerability
High
CVE-2024-11043
was published
for
InvokeAI
(pip)
Mar 20, 2025
FastChat Denial of Service vulnerability
High
CVE-2024-10912
was published
for
fschat
(pip)
Mar 20, 2025
FastChat Uncontrolled Resource Consumption vulnerability
High
CVE-2024-10907
was published
for
fschat
(pip)
Mar 20, 2025
InvokeAI has Denial of Service (DoS) vulnerability in `/api/v1/images/upload`
High
CVE-2024-10821
was published
for
InvokeAI
(pip)
Mar 20, 2025
DB-GPT Uncontrolled Resource Consumption vulnerability
High
CVE-2024-10829
was published
for
dbgpt
(pip)
Mar 20, 2025
HyperLPR Denial of Service vulnerability
High
CVE-2024-10713
was published
for
hyperlpr3
(pip)
Mar 20, 2025
H2O Vulnerable to Denial of Service (DoS) and File Write
High
CVE-2024-10572
was published
for
ai.h2o:h2o-ext-xgboost
(Maven)
Mar 20, 2025
H2O Vulnerable to Denial of Service (DoS) via `/3/Parse` Endpoint
High
CVE-2024-10549
was published
for
ai.h2o:h2o-core
(Maven)
Mar 20, 2025
Gradio Vulnerable to Denial of Service (DoS) via Crafted HTTP Request
High
CVE-2024-10624
was published
for
gradio
(pip)
Mar 20, 2025
LiteLLM Vulnerable to Denial of Service (DoS)
High
CVE-2024-10188
was published
for
litellm
(pip)
Mar 20, 2025
Aim Vulnerable to Denial of Service (DoS)
High
CVE-2024-10110
was published
for
aim
(pip)
Mar 20, 2025
PostQuantum-Feldman-VSS'S Dependency Vulnerability in gmpy2 Leading to Interpreter Crash
High
GHSA-v432-7f47-9g94
was published
for
PostQuantum-Feldman-VSS
(pip)
Mar 17, 2025
Tornado has an HTTP cookie parsing DoS vulnerability
High
CVE-2024-52804
was published
for
tornado
(pip)
Nov 22, 2024
wasm3 uncontrolled memory allocation vulnerability
Moderate
CVE-2024-27529
was published
for
github.com/shareup/wasm-interpreter-apple
(pip)
Nov 9, 2024
Werkzeug possible resource exhaustion when parsing file data in forms
Moderate
CVE-2024-49767
was published
for
Quart
(pip)
Oct 25, 2024
Exiv2 has a denial of service due to unbounded recursion in QuickTimeVideo::multipleEntriesDecoder
Moderate
CVE-2024-25112
was published
for
exiv2
(pip)
Oct 17, 2024
Django vulnerable to denial-of-service attack via the urlize() and urlizetrunc() template filters
Moderate
CVE-2024-45230
was published
for
Django
(pip)
Oct 8, 2024
vLLM Denial of Service via the best_of parameter
Moderate
CVE-2024-8939
was published
for
vllm
(pip)
Sep 17, 2024
Django memory consumption vulnerability
Moderate
CVE-2024-41989
was published
for
Django
(pip)
Aug 7, 2024
Fiona affected by CVE-2020-14152 related to madler-zlib
High
GHSA-g4m4-9q4c-mfw6
was published
for
fiona
(pip)
Jul 16, 2024
ProTip!
Advisories are also available from the
GraphQL API