GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,083
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,644
NuGet
638
pip
3,260
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+
1,121 advisories
Filter by severity
RestrictedPython information leakage via `AttributeError.obj` and the `string` module
High
CVE-2024-47532
was published
for
RestrictedPython
(pip)
Sep 30, 2024
Mesop has a local file Inclusion via static file serving functionality
High
CVE-2024-45601
was published
for
mesop
(pip)
Sep 18, 2024
sqlitedict insecure deserialization vulnerability
High
CVE-2024-35515
was published
for
sqlitedict
(pip)
Sep 18, 2024
Guardrails has an arbitrary code execution vulnerability
High
CVE-2024-45858
was published
for
guardrails-ai
(pip)
Sep 18, 2024
Sentry improperly authorizes muting of alert rules
High
CVE-2024-45606
was published
for
sentry
(pip)
Sep 17, 2024
LiteLLM Server-Side Request Forgery (SSRF) vulnerability
High
CVE-2024-6587
was published
for
litellm
(pip)
Sep 13, 2024
Cleanlab Deserialization of Untrusted Data vulnerability
High
CVE-2024-45857
was published
for
cleanlab
(pip)
Sep 12, 2024
MindsDB Deserialization of Untrusted Data vulnerability
High
CVE-2024-45853
was published
for
mindsdb
(pip)
Sep 12, 2024
MindsDB Eval Injection vulnerability
High
CVE-2024-45851
was published
for
mindsdb
(pip)
Sep 12, 2024
MindsDB Deserialization of Untrusted Data vulnerability
High
CVE-2024-45852
was published
for
mindsdb
(pip)
Sep 12, 2024
MindsDB Deserialization of Untrusted Data vulnerability
High
CVE-2024-45854
was published
for
mindsdb
(pip)
Sep 12, 2024
MindsDB Deserialization of Untrusted Data vulnerability
High
CVE-2024-45855
was published
for
mindsdb
(pip)
Sep 12, 2024
Refuel Autolab Eval Injection vulnerability
High
CVE-2024-27320
was published
for
refuel-autolabel
(pip)
Sep 12, 2024
MindsDB Eval Injection vulnerability
High
CVE-2024-45847
was published
for
mindsdb
(pip)
Sep 12, 2024
MindsDB Eval Injection vulnerability
High
CVE-2024-45846
was published
for
mindsdb
(pip)
Sep 12, 2024
MindsDB Eval Injection vulnerability
High
CVE-2024-45849
was published
for
mindsdb
(pip)
Sep 12, 2024
MindsDB Eval Injection vulnerability
High
CVE-2024-45848
was published
for
mindsdb
(pip)
Sep 12, 2024
MindsDB Eval Injection vulnerability
High
CVE-2024-45850
was published
for
mindsdb
(pip)
Sep 12, 2024
Refuel Autolab Eval Injection vulnerability
High
CVE-2024-27321
was published
for
refuel-autolabel
(pip)
Sep 12, 2024
Apache Airflow vulnerable to Improper Encoding or Escaping of Output
High
CVE-2024-45498
was published
for
apache-airflow
(pip)
Sep 7, 2024
Apache Airflow vulnerable to Execution with Unnecessary Privileges
High
CVE-2024-45034
was published
for
apache-airflow
(pip)
Sep 7, 2024
HTML injection in JupyterLite leading to DOM Clobbering
High
GHSA-gj55-2xf9-67rq
was published
for
jupyterlite-core
(pip)
Sep 6, 2024
`spam` project on PyPI compromised, malicious releases made
High
GHSA-2r6g-7r83-jg72
was published
for
spam
(pip)
Aug 30, 2024
opencv-python bundled libwebp binaries in wheels that are vulnerable to CVE-2023-4863
High
GHSA-qr4w-53vh-m672
was published
for
opencv-python
(pip)
Aug 30, 2024
ProTip!
Advisories are also available from the
GraphQL API