GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
10,539 advisories
Contao discloses sensitive information in the front end search index
Moderate
CVE-2025-57756
was published
for
contao/contao
(Composer)
Aug 28, 2025
lychee link checking action affected by arbitrary code injection in composite action
Moderate
CVE-2024-48908
was published
for
lycheeverse/lychee-action
(GitHub Actions)
Aug 28, 2025
Google Sign-In for Rails allowed redirects to malformed URLs
Moderate
CVE-2025-57821
was published
for
google_sign_in
(RubyGems)
Aug 27, 2025
Picklescan is missing detection when calling built-in python library asyncio.unix_events._UnixSubprocessTransport._start
Moderate
GHSA-q77w-mwjj-7mqx
was published
for
picklescan
(pip)
Aug 26, 2025
Picklescan is missing detection when calling built-in python cProfile.run
Moderate
GHSA-49gj-c84q-6qm9
was published
for
picklescan
(pip)
Aug 26, 2025
Picklescan is missing detection when calling built-in python cProfile.runctx
Moderate
GHSA-9w88-8rmg-7g2p
was published
for
picklescan
(pip)
Aug 26, 2025
Picklescan is missing detection when calling built-in python doctest.debug_script
Moderate
GHSA-fqq6-7vqf-w3fg
was published
for
picklescan
(pip)
Aug 26, 2025
Picklescan is missing detection when calling built-in python idlelib.pyshell.ModifiedInterpreter.runcode
Moderate
GHSA-3gf5-cxq9-w223
was published
for
picklescan
(pip)
Aug 26, 2025
Picklescan is missing detection when calling built-in python idlelib.pyshell.ModifiedInterpreter.runcommand
Moderate
GHSA-j343-8v2j-ff7w
was published
for
picklescan
(pip)
Aug 26, 2025
Picklescan is missing detection when calling built-in python idlelib.run.Executive.runcode
Moderate
GHSA-m869-42cg-3xwr
was published
for
picklescan
(pip)
Aug 26, 2025
Picklescan is missing detection when calling built-in python lib2to3.pgen2.pgen.ParserGenerator.make_label
Moderate
GHSA-p9w7-82w4-7q8m
was published
for
picklescan
(pip)
Aug 26, 2025
Picklescan is missing detection when calling built-in python ensurepip._run_pip
Moderate
GHSA-xp4f-hrf8-rxw7
was published
for
picklescan
(pip)
Aug 26, 2025
Picklescan is missing detection when calling pytorch function torch.utils.bottleneck.__main__.run_autograd_prof
Moderate
GHSA-4whj-rm5r-c2v8
was published
for
picklescan
(pip)
Aug 26, 2025
GraphQL Armor Max-Depth Plugin Bypass via Introspection Query Obfuscation
Moderate
GHSA-hmfr-rx46-4jx2
was published
for
@escape.tech/graphql-armor-max-depth
(npm)
Aug 26, 2025
Picklescan has a missing detection when calling built-in python library idlelib.calltip.get_entity
Moderate
GHSA-9xph-j2h6-g47v
was published
for
picklescan
(pip)
Aug 26, 2025
Picklescan has a missing detection when calling built-in python idlelib.calltip.Calltip
Moderate
GHSA-8r4j-24qv-fmq9
was published
for
picklescan
(pip)
Aug 26, 2025
Picklescan has a missing detection when calling built-in python code.InteractiveInterpreter
Moderate
GHSA-cj3c-v495-4xqh
was published
for
picklescan
(pip)
Aug 26, 2025
Picklescan has a missing detection when calling built-in python idlelib.autocomplete.AutoComplete.fetch_completions
Moderate
GHSA-7cq8-mj8x-j263
was published
for
picklescan
(pip)
Aug 26, 2025
Picklescan has a missing detection when calling built-in python idlelib.autocomplete.AutoComplete.get_entity
Moderate
GHSA-6w4w-5w54-rjvr
was published
for
picklescan
(pip)
Aug 26, 2025
Picklescan has a missing detection when calling built-in python idlelib.debugobj.ObjectTreeItem
Moderate
GHSA-3vg9-h568-4w9m
was published
for
picklescan
(pip)
Aug 26, 2025
ProTip!
Advisories are also available from the
GraphQL API