GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,248
Erlang
31
GitHub Actions
21
Go
2,014
Maven
5,000+
npm
3,721
NuGet
662
pip
3,393
Pub
11
RubyGems
890
Rust
852
Swift
36
Unreviewed advisories
All unreviewed
5,000+
45 advisories
Filter by severity
Langchain Path Traversal vulnerability
Moderate
CVE-2024-7774
was published
for
langchain
(npm)
Oct 29, 2024
An arbitrary file read vulnerability exists in gaizhenbiao/chuanhuchatgpt version 20240628 due to...
High
Unreviewed
CVE-2024-7962
was published
Oct 29, 2024
A remote code execution (RCE) vulnerability exists in the '/install_extension' endpoint of the...
Critical
Unreviewed
CVE-2024-4320
was published
Jun 6, 2024
parisneo/lollms-webui is vulnerable to path traversal attacks that can lead to remote code...
Critical
Unreviewed
CVE-2024-2360
was published
Jun 6, 2024
A path traversal and arbitrary file upload vulnerability exists in the parisneo/lollms-webui...
Critical
Unreviewed
CVE-2024-2624
was published
Jun 6, 2024
mlflow is vulnerable to remote file access in `mlflow server` and `mlflow ui` CLIs
Critical
CVE-2023-1177
was published
for
mlflow
(pip)
Mar 24, 2023
A Local File Inclusion vulnerability exists in parisneo/lollms-webui versions below v9.8. The...
High
Unreviewed
CVE-2024-6394
was published
Sep 30, 2024
A TarSlip vulnerability exists in the deepjavalibrary/djl, affecting version 0.26.0 and fixed in...
High
Unreviewed
CVE-2024-2914
was published
Jun 6, 2024
mlflow Path Traversal vulnerability
Critical
CVE-2023-2780
was published
for
mlflow
(pip)
May 17, 2023
Zip slip in opencart
High
CVE-2024-21518
was published
for
opencart/opencart
(Composer)
Jun 22, 2024
Path Traversal: '\..\filename' in aimhubio/aim
Critical
Unreviewed
CVE-2024-6396
was published
Jul 12, 2024
An issue was discovered in HSC Mailinspector 5.2.17-3 through v.5.2.18. An Unauthenticated Path...
High
Unreviewed
CVE-2024-34470
was published
May 6, 2024
Path Traversal: '\..\filename' in GitHub repository stitionai/devika prior to -.
Critical
Unreviewed
CVE-2024-5926
was published
Jun 30, 2024
lollms vulnerable to dot-dot-slash path traversal in XTTS server
High
CVE-2024-6139
was published
for
lollms
(pip)
Jun 27, 2024
Remote Code Execution via path traversal bypass in lollms
Critical
CVE-2024-5443
was published
for
lollms
(pip)
Jun 22, 2024
A Path Traversal vulnerability exists in the parisneo/lollms-webui, specifically within the ...
Moderate
Unreviewed
CVE-2024-4841
was published
Jun 23, 2024
A path traversal vulnerability in mintplex-labs/anything-llm allowed a manager to bypass the ...
Critical
Unreviewed
CVE-2024-5211
was published
Jun 12, 2024
A path traversal vulnerability exists in the parisneo/lollms-webui, specifically within the ...
High
Unreviewed
CVE-2024-2178
was published
Jun 2, 2024
MLflow has a Local File Read/Path Traversal bypass
High
CVE-2024-3848
was published
for
mlflow
(pip)
May 16, 2024
A path traversal vulnerability exists in the parisneo/lollms-webui application, specifically...
High
Unreviewed
CVE-2024-4322
was published
May 16, 2024
A path traversal vulnerability exists in the 'save_settings' endpoint of the parisneo/lollms...
High
Unreviewed
CVE-2024-3435
was published
May 16, 2024
A vulnerability in the parisneo/lollms-webui allows for arbitrary file upload and read due to...
Critical
Unreviewed
CVE-2024-2361
was published
May 16, 2024
ProTip!
Advisories are also available from the
GraphQL API