Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,636
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

24,603 advisories

Loading
Picklescan is missing detection when calling built-in python doctest.debug_script Moderate
GHSA-fqq6-7vqf-w3fg was published for picklescan (pip) Aug 26, 2025
FredericDT
Credited to FredericDT
Picklescan is missing detection when calling built-in python idlelib.pyshell.ModifiedInterpreter.runcode Moderate
GHSA-3gf5-cxq9-w223 was published for picklescan (pip) Aug 26, 2025
FredericDT
Credited to FredericDT
Picklescan is missing detection when calling built-in python idlelib.pyshell.ModifiedInterpreter.runcommand Moderate
GHSA-j343-8v2j-ff7w was published for picklescan (pip) Aug 26, 2025
FredericDT
Credited to FredericDT
Picklescan is missing detection when calling built-in python idlelib.run.Executive.runcode Moderate
GHSA-m869-42cg-3xwr was published for picklescan (pip) Aug 26, 2025
FredericDT
Credited to FredericDT
Picklescan is missing detection when calling built-in python lib2to3.pgen2.pgen.ParserGenerator.make_label Moderate
GHSA-p9w7-82w4-7q8m was published for picklescan (pip) Aug 26, 2025
FredericDT
Credited to FredericDT
Picklescan is missing detection when calling built-in python ensurepip._run_pip Moderate
GHSA-xp4f-hrf8-rxw7 was published for picklescan (pip) Aug 26, 2025
FredericDT
Credited to FredericDT
Badaso CMS file upload vulnerability High
CVE-2025-52353 was published for badaso/core (Composer) Aug 26, 2025
Picklescan is missing detection when calling pytorch function torch.utils.bottleneck.__main__.run_autograd_prof Moderate
GHSA-4whj-rm5r-c2v8 was published for picklescan (pip) Aug 26, 2025
FredericDT
Credited to FredericDT
GraphQL Armor Max-Depth Plugin Bypass via fragment caching Moderate
GHSA-224p-v68g-5g8f was published for @escape.tech/graphql-armor-max-depth (npm) Aug 26, 2025
GraphQL Armor Max-Depth Plugin Bypass via Introspection Query Obfuscation Moderate
GHSA-hmfr-rx46-4jx2 was published for @escape.tech/graphql-armor-max-depth (npm) Aug 26, 2025
M0ngi
Credited to M0ngi
Picklescan has a missing detection when calling built-in python library idlelib.calltip.get_entity Moderate
GHSA-9xph-j2h6-g47v was published for picklescan (pip) Aug 26, 2025
FredericDT
Credited to FredericDT
Picklescan has a missing detection when calling built-in python idlelib.calltip.Calltip Moderate
GHSA-8r4j-24qv-fmq9 was published for picklescan (pip) Aug 26, 2025
FredericDT
Credited to FredericDT
Picklescan has a missing detection when calling built-in python code.InteractiveInterpreter Moderate
GHSA-cj3c-v495-4xqh was published for picklescan (pip) Aug 26, 2025
FredericDT
Credited to FredericDT
Picklescan has a missing detection when calling built-in python idlelib.autocomplete.AutoComplete.fetch_completions Moderate
GHSA-7cq8-mj8x-j263 was published for picklescan (pip) Aug 26, 2025
FredericDT
Credited to FredericDT
Picklescan has a missing detection when calling built-in python idlelib.autocomplete.AutoComplete.get_entity Moderate
GHSA-6w4w-5w54-rjvr was published for picklescan (pip) Aug 26, 2025
FredericDT
Credited to FredericDT
Picklescan has a missing detection when calling built-in python idlelib.debugobj.ObjectTreeItem Moderate
GHSA-3vg9-h568-4w9m was published for picklescan (pip) Aug 26, 2025
FredericDT
Credited to FredericDT
Picklescan has a missing detection when calling built-in python lib2to3.pgen2.grammar.Grammar.loads Moderate
GHSA-f54q-57x4-jg88 was published for picklescan (pip) Aug 26, 2025
FredericDT
Credited to FredericDT
Picklescan has a missing detection when calling built-in python profile.Profile.runctx Moderate
GHSA-6vqj-c2q5-j97w was published for picklescan (pip) Aug 26, 2025
FredericDT
Credited to FredericDT
Picklescan has a missing detection when calling built-in python profile.Profile.run Moderate
GHSA-x696-vm39-cp64 was published for picklescan (pip) Aug 26, 2025
FredericDT
Credited to FredericDT
Picklescan has a missing detection when calling built-in python trace.Trace.runctx Moderate
GHSA-g344-hcph-8vgg was published for picklescan (pip) Aug 26, 2025
FredericDT
Credited to FredericDT
Picklescan has a missing detection when calling built-in python trace.Trace.run Moderate
GHSA-5qwp-399c-mjwf was published for picklescan (pip) Aug 26, 2025
FredericDT
Credited to FredericDT
xml2rfc has an arbitrary file read vulnerability High
CVE-2025-11058 was published for xml2rfc (pip) Aug 26, 2025
traQ Allows Insertion of Sensitive Information into Log File Moderate
CVE-2025-57813 was published for github.com/traPtitech/traQ (Go) Aug 26, 2025
ras0q
Credited to ras0q
jsPDF Denial of Service (DoS) High
CVE-2025-57810 was published for jspdf (npm) Aug 26, 2025
AlexRomberg
Credited to AlexRomberg
ImageMagick (WriteBMPImage): 32-bit integer overflow when writing BMP scanline stride → heap buffer overflow High
CVE-2025-57803 was published for Magick.NET-Q16-AnyCPU (NuGet) Aug 26, 2025
mescuwa
Credited to mescuwa
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database