GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
10,560 advisories
Picklescan has a missing detection when calling built-in python trace.Trace.run
Moderate
GHSA-5qwp-399c-mjwf
was published
for
picklescan
(pip)
Aug 26, 2025
traQ Allows Insertion of Sensitive Information into Log File
Moderate
CVE-2025-57813
was published
for
github.com/traPtitech/traQ
(Go)
Aug 26, 2025
request-filtering-agent SSRF Bypass via HTTPS Requests to 127.0.0.1
Moderate
CVE-2025-57814
was published
for
request-filtering-agent
(npm)
Aug 25, 2025
mitmproxy binaries embed a vulnerable python-hyper/h2 dependency
Moderate
GHSA-63cx-g855-hvv4
was published
for
mitmproxy
(pip)
Aug 25, 2025
h2 allows HTTP Request Smuggling due to illegal characters in headers
Moderate
CVE-2025-57804
was published
for
h2
(pip)
Aug 25, 2025
Craft CMS Potential Remote Code Execution via Twig SSTI
Moderate
CVE-2025-57811
was published
for
craftcms/cms
(Composer)
Aug 25, 2025
ImageMagick has Undefined Behavior (function-type-mismatch) in CloneSplayTree
Moderate
CVE-2025-55160
was published
for
Magick.NET-Q16-AnyCPU
(NuGet)
Aug 25, 2025
Picklescan missing detection when calling pytorch function torch.utils._config_module.load_config
Moderate
GHSA-vv6j-3g6g-2pvj
was published
for
picklescan
(pip)
Aug 22, 2025
Picklescan missing detection when calling pytorch function torch.jit.unsupported_tensor_ops.execWrapper
Moderate
GHSA-vr7h-p6mm-wpmh
was published
for
picklescan
(pip)
Aug 22, 2025
Picklescan missing detection when calling pytorch function torch.utils.data.datapipes.utils.decoder.basichandlers
Moderate
GHSA-h3qp-7fh3-f8h4
was published
for
picklescan
(pip)
Aug 22, 2025
Picklescan missing detection when calling pytorch function torch.utils.collect_env.run
Moderate
GHSA-f745-w6jp-hpxx
was published
for
picklescan
(pip)
Aug 22, 2025
ProTip!
Advisories are also available from the
GraphQL API