GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
1,516 advisories
cleo is vulnerable to Regular Expression Denial of Service (ReDoS)
Moderate
CVE-2022-42966
was published
for
cleo
(pip)
Nov 10, 2022
Picklescan Allows Remote Code Execution via Malicious Pickle File Bypassing Static Analysis
Moderate
CVE-2025-1716
was published
for
picklescan
(pip)
Mar 3, 2025
Zip Exploit Crashes Picklescan But Not PyTorch
Moderate
CVE-2025-1944
was published
for
picklescan
(pip)
Mar 10, 2025
Zip Flag Bit Exploit Crashes Picklescan But Not PyTorch
Moderate
CVE-2025-1945
was published
for
picklescan
(pip)
Mar 10, 2025
xgrammar Vulnerable to Denial of Service (DoS) by abusing unbounded cache in memory
Moderate
CVE-2025-32381
was published
for
xgrammar
(pip)
Apr 9, 2025
Picklescan missing detection when calling built-in python library function timeit.timeit()
Moderate
GHSA-v7x6-rv5q-mhwc
was published
for
picklescan
(pip)
Apr 7, 2025
Picklescan failed to detect to some unsafe global function in Numpy library
Moderate
GHSA-fj43-3qmq-673f
was published
for
picklescan
(pip)
Apr 7, 2025
AWS SAM CLI Path Traversal allows file copy to local cache
Moderate
CVE-2025-3048
was published
for
aws-sam-cli
(pip)
Mar 31, 2025
AWS SAM CLI Path Traversal allows file copy to build container
Moderate
CVE-2025-3047
was published
for
aws-sam-cli
(pip)
Mar 31, 2025
Flask-AppBuilder's OAuth login page subject to Cross Site Scripting (XSS)
Moderate
CVE-2024-27083
was published
for
Flask-AppBuilder
(pip)
Feb 28, 2024
Mobile Security Framework (MobSF) has a SSRF Vulnerability fix bypass on assetlinks_check with DNS Rebinding
Moderate
CVE-2025-31116
was published
for
mobsf
(pip)
Mar 31, 2025
ProTip!
Advisories are also available from the
GraphQL API