Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,071
Erlang
29
GitHub Actions
19
Go
1,893
Maven
5,000+
npm
3,630
NuGet
638
pip
3,243
Pub
10
RubyGems
862
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

1,482 advisories

Loading
MindsDB Cross-site Scripting vulnerability Moderate
CVE-2024-45856 was published for mindsdb (pip) Sep 12, 2024
Ansible vulnerable to Insertion of Sensitive Information into Log File Moderate
CVE-2024-8775 was published for ansible-core (pip) Sep 16, 2024
Composio Code Injection Vulnerability Moderate
CVE-2024-8864 was published for composio-core (pip) Sep 16, 2024
Composio Path Traversal vulnerability Moderate
CVE-2024-8865 was published for composio-core (pip) Sep 16, 2024
LangChain pickle deserialization of untrusted data Moderate
CVE-2024-5998 was published for langchain (pip) Sep 17, 2024
Sentry improperly authorizes deletion of user issue alert notifications Moderate
CVE-2024-45605 was published for sentry (pip) Sep 17, 2024
javeedsk8341
vLLM Denial of Service via the best_of parameter Moderate
CVE-2024-8939 was published for vllm (pip) Sep 17, 2024
ProTip! Advisories are also available from the GraphQL API