Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,636
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

1,311 advisories

Loading
A vulnerability in imartinez/privategpt version 0.5.0 allows for a Denial of Service (DOS) attack... High Unreviewed
CVE-2024-8018 was published Mar 20, 2025
A vulnerability in danswer-ai/danswer v0.3.94 allows an attacker to cause a Denial of Service ... High Unreviewed
CVE-2024-8028 was published Mar 20, 2025
Open WebUI denial of service through endpoint for converting markdown High
CVE-2024-7983 was published for open-webui (pip) Mar 20, 2025
Gradio DOS in multipart boundry while uploading the file High
CVE-2024-8966 was published for gradio (pip) Mar 20, 2025
LiteLLM Vulnerable to Denial of Service (DoS) via Crafted HTTP Request High
CVE-2024-8984 was published for litellm (pip) Mar 20, 2025
ishaan-jaff
Credited to ishaan-jaff
Quivr unauthenticated Denial of Service (DoS) via Multipart Boundary High
CVE-2024-9229 was published for quivr-core (pip) Mar 20, 2025
BentoML Denial of Service (DoS) via Multipart Boundary High
CVE-2024-9056 was published for bentoml (pip) Mar 20, 2025
SuperAGI version v0.0.14 is vulnerable to an unauthenticated Denial of Service (DoS) attack. The... High Unreviewed
CVE-2024-9437 was published Mar 20, 2025
Ollama Allocation of Resources Without Limits or Throttling vulnerability High
CVE-2025-0315 was published for github.com/ollama/ollama (Go) Mar 20, 2025
A vulnerability in danswer-ai/danswer version 0.9.0 allows for denial of service through memory... High Unreviewed
CVE-2025-0182 was published Mar 20, 2025
A vulnerability in parisneo/lollms-webui v13 arises from the server's handling of multipart... High Unreviewed
CVE-2025-1451 was published Mar 20, 2025
Aim Uncontrolled Resource Consumption vulnerability High
CVE-2025-0189 was published for aim (pip) Mar 20, 2025
Web Push Denial of Service via malicious Web Push endpoint Moderate
GHSA-fc83-9jwq-gc2m was published for web-push (Rust) Mar 24, 2025
An Allocation of Resources Without Limits or Throttling vulnerability in the operating system... High Unreviewed
CVE-2024-45484 was published Mar 25, 2025
Keycloak Denial of Service (DoS) Vulnerability via JWT Token Cache Moderate
CVE-2025-2559 was published for org.keycloak:keycloak-services (Maven) Mar 25, 2025
Directus's S3 assets become unavailable after a burst of malformed transformations Moderate
CVE-2025-30225 was published for @directus/storage-driver-s3 (npm) Mar 26, 2025
joselcvarela
Credited to joselcvarela
Directus's S3 assets become unavailable after a burst of HEAD requests Moderate
CVE-2025-30350 was published for @directus/storage-driver-s3 (npm) Mar 26, 2025
joselcvarela
Credited to joselcvarela
Nethermind Juno Potential Denial of Service (DoS) via Integer Overflow High
CVE-2025-29072 was published for github.com/NethermindEth/juno (Go) Mar 27, 2025
An issue has been discovered in GitLab EE/CE affecting all versions from 12.10 before 17.8.6, 17... Moderate Unreviewed
CVE-2024-10307 was published Mar 28, 2025
Zabbix server is vulnerable to a DoS vulnerability due to uncontrolled resource exhaustion. An... Moderate Unreviewed
CVE-2024-45700 was published Apr 2, 2025
image-size Denial of Service via Infinite Loop during Image Processing High
GHSA-m5qc-5hw7-8vg7 was published for image-size (npm) Apr 2, 2025
dellalibera TheFrankemon
Credited to dellalibera and TheFrankemon
Django Potential Denial of Service (DoS) on Windows Moderate
CVE-2025-27556 was published for Django (pip) Apr 2, 2025
A flaw was found in libsoup. The SoupWebsocketConnection may accept a large WebSocket message,... High Unreviewed
CVE-2025-32049 was published Apr 3, 2025
Allocation of resources without limits or throttling issue exists in HMI ViewJet C-more series... Moderate Unreviewed
CVE-2025-24317 was published Apr 4, 2025
Apollo Router Query Planner Vulnerable to Excessive Resource Consumption via Optimization Bypass High
CVE-2025-32032 was published for apollo-router (Rust) Apr 7, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database