Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,645
Maven
5,000+
npm
4,271
NuGet
760
pip
4,065
Pub
12
RubyGems
957
Rust
1,057
Swift
45
Unreviewed advisories
All unreviewed
5,000+

11,577 advisories

Loading
mudler/LocalAI version 2.17.1 allows for arbitrary file write due to improper handling of... High Unreviewed
CVE-2024-6868 was published Oct 29, 2024
GPT Academic version 3.83 is vulnerable to a Local File Read (LFI) vulnerability through its... High Unreviewed
CVE-2024-10986 was published Mar 20, 2025
gaizhenbiao/chuanhuchatgpt version git d4ec6a3 is affected by a local file inclusion... Moderate Unreviewed
CVE-2024-10707 was published Mar 20, 2025
mintplex-labs/anything-llm is vulnerable to multiple security issues due to improper input... High Unreviewed
CVE-2024-3152 was published Jun 6, 2024
A flaw has been found in ILIAS up to 8.23/9.13/10.1. Affected by this issue is the function... Moderate Unreviewed
CVE-2025-11345 was published Oct 6, 2025
Improper Input Validation vulnerability in TOTOLINK X6000R allows Command Injection, File... High Unreviewed
CVE-2025-52907 was published Sep 24, 2025
Improper input validation in the component /kafka/ui/serdes/CustomSerdeLoader.java of kafka-ui v0... Moderate Unreviewed
CVE-2025-60537 was published Oct 14, 2025
Improper input validation in Microsoft Exchange Server allows an unauthorized attacker to perform... High Unreviewed
CVE-2025-59248 was published Oct 14, 2025
Improper input validation in Windows Kernel allows an authorized attacker to elevate privileges... High Unreviewed
CVE-2025-59187 was published Oct 14, 2025
Improper input validation in Microsoft Office SharePoint allows an authorized attacker to execute... High Unreviewed
CVE-2025-59228 was published Oct 14, 2025
Improper input validation in Microsoft Windows Search Component allows an authorized attacker to... Moderate Unreviewed
CVE-2025-59198 was published Oct 14, 2025
Improper input validation in Microsoft Windows Search Component allows an unauthorized attacker... Moderate Unreviewed
CVE-2025-59190 was published Oct 14, 2025
Improper input validation in Microsoft Windows Speech allows an authorized attacker to elevate... High Unreviewed
CVE-2025-58716 was published Oct 14, 2025
Improper input validation in Windows Error Reporting allows an authorized attacker to elevate... High Unreviewed
CVE-2025-55692 was published Oct 14, 2025
Untrusted pointer dereference in Windows Kernel allows an authorized attacker to elevate... High Unreviewed
CVE-2025-59207 was published Oct 14, 2025
Improper input validation in Windows Kernel allows an unauthorized attacker to disclose... Moderate Unreviewed
CVE-2025-55679 was published Oct 14, 2025
Django Filer Unrestricted Upload of File with Dangerous Type Moderate
CVE-2024-11404 was published for django-filer (pip) Nov 20, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection'), Improper... High Unreviewed
CVE-2024-9286 was published Oct 9, 2024
A security issue was discovered within FactoryTalk® ViewPoint, allowing unauthenticated attackers... High Unreviewed
CVE-2025-9066 was published Oct 14, 2025
A vulnerability has been identified in SIMATIC S7-1200 CPU V1 family (incl. SIPLUS variants) (All... High Unreviewed
CVE-2011-20001 was published Oct 14, 2025
FastAPI Guard has a regex bypass High
CVE-2025-54365 was published for fastapi-guard (pip) Jul 23, 2025
dhki rennf93
Credited to dhki and rennf93
Improper Input Validation in Apache Struts High
CVE-2016-1182 was published for org.apache.struts:struts-core (Maven) May 13, 2022
ryanmurf
Credited to ryanmurf
Improper Input Validation in Apache Struts High
CVE-2016-1181 was published for org.apache.struts:struts-core (Maven) May 13, 2022
ryanmurf
Credited to ryanmurf
Improper Input Validation in Apache Struts High
CVE-2015-0899 was published for org.apache.struts:struts-core (Maven) May 14, 2022
ryanmurf
Credited to ryanmurf
HCL Unica MaxAI Workbench is vulnerable to improper input validation. This allows attackers to... Low Unreviewed
CVE-2025-31995 was published Oct 13, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database