Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,750
Erlang
35
GitHub Actions
29
Go
2,323
Maven
5,000+
npm
3,956
NuGet
712
pip
3,739
Pub
12
RubyGems
921
Rust
973
Swift
38
Unreviewed advisories
All unreviewed
5,000+

13 advisories

Loading
Open WebUI Allows Viewing of Admin Details Moderate
CVE-2024-7046 was published for open-webui (pip) Mar 20, 2025
A vulnerability in binary-husky/gpt_academic version git 310122f allows for remote code execution... High Unreviewed
CVE-2024-12390 was published Mar 20, 2025
Gradio Vulnerable to Denial of Service (DoS) via Crafted Zip Bomb High
CVE-2024-10569 was published for gradio (pip) Mar 20, 2025
Undefined Behavior in mlflow Moderate
CVE-2024-3099 was published for mlflow (pip) Jun 6, 2024
A vulnerability in lunary-ai/lunary version 1.2.2 allows attackers to bypass user creation limits... Moderate Unreviewed
CVE-2024-4153 was published May 22, 2024
A vulnerability in the HTML parser of ClamAV could allow an unauthenticated, remote attacker to... High Unreviewed
CVE-2024-20380 was published Apr 18, 2024
In modem-ps-nas-ngmm, there is a possible undefined behavior due to incorrect error handling.... Moderate Unreviewed
CVE-2023-52533 was published Apr 8, 2024
Null pointer dereference when composing from a specially crafted draft message in Mutt >1.5.2 <2... Moderate Unreviewed
CVE-2023-4875 was published Sep 9, 2023
Null pointer dereference when viewing a specially crafted email in Mutt >1.5.2 <2.2.12 Moderate Unreviewed
CVE-2023-4874 was published Sep 9, 2023
distribution catalog API endpoint can lead to OOM via malicious user input High
CVE-2023-2253 was published for github.com/docker/distribution (Go) May 11, 2023
josegomezr
Undefined Behavior for Input to API in GitHub repository vim/vim prior to 9.0.0100. Moderate Unreviewed
CVE-2022-2598 was published Aug 2, 2022
Undefined behavior when users supply invalid resource handles Moderate
CVE-2022-29207 was published for tensorflow (pip) May 24, 2022
Incorrect validation of user input in the role name parser may lead to use of uninitialized... High Unreviewed
CVE-2020-7925 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database