GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
23,747 advisories
Picklescan is missing detection when calling pytorch function torch.utils.bottleneck.__main__.run_autograd_prof
Moderate
GHSA-4whj-rm5r-c2v8
was published
for
picklescan
(pip)
Aug 26, 2025
GraphQL Armor Max-Depth Plugin Bypass via Introspection Query Obfuscation
Moderate
GHSA-hmfr-rx46-4jx2
was published
for
@escape.tech/graphql-armor-max-depth
(npm)
Aug 26, 2025
Picklescan has a missing detection when calling built-in python library idlelib.calltip.get_entity
Moderate
GHSA-9xph-j2h6-g47v
was published
for
picklescan
(pip)
Aug 26, 2025
Picklescan has a missing detection when calling built-in python idlelib.calltip.Calltip
Moderate
GHSA-8r4j-24qv-fmq9
was published
for
picklescan
(pip)
Aug 26, 2025
Picklescan has a missing detection when calling built-in python code.InteractiveInterpreter
Moderate
GHSA-cj3c-v495-4xqh
was published
for
picklescan
(pip)
Aug 26, 2025
Picklescan has a missing detection when calling built-in python idlelib.autocomplete.AutoComplete.fetch_completions
Moderate
GHSA-7cq8-mj8x-j263
was published
for
picklescan
(pip)
Aug 26, 2025
Picklescan has a missing detection when calling built-in python idlelib.autocomplete.AutoComplete.get_entity
Moderate
GHSA-6w4w-5w54-rjvr
was published
for
picklescan
(pip)
Aug 26, 2025
Picklescan has a missing detection when calling built-in python idlelib.debugobj.ObjectTreeItem
Moderate
GHSA-3vg9-h568-4w9m
was published
for
picklescan
(pip)
Aug 26, 2025
Picklescan has a missing detection when calling built-in python lib2to3.pgen2.grammar.Grammar.loads
Moderate
GHSA-f54q-57x4-jg88
was published
for
picklescan
(pip)
Aug 26, 2025
Picklescan has a missing detection when calling built-in python profile.Profile.runctx
Moderate
GHSA-6vqj-c2q5-j97w
was published
for
picklescan
(pip)
Aug 26, 2025
Picklescan has a missing detection when calling built-in python profile.Profile.run
Moderate
GHSA-x696-vm39-cp64
was published
for
picklescan
(pip)
Aug 26, 2025
Picklescan has a missing detection when calling built-in python trace.Trace.runctx
Moderate
GHSA-g344-hcph-8vgg
was published
for
picklescan
(pip)
Aug 26, 2025
Picklescan has a missing detection when calling built-in python trace.Trace.run
Moderate
GHSA-5qwp-399c-mjwf
was published
for
picklescan
(pip)
Aug 26, 2025
traQ Allows Insertion of Sensitive Information into Log File
Moderate
CVE-2025-57813
was published
for
github.com/traPtitech/traQ
(Go)
Aug 26, 2025
ImageMagick (WriteBMPImage): 32-bit integer overflow when writing BMP scanline stride → heap buffer overflow
High
CVE-2025-57803
was published
for
Magick.NET-Q16-AnyCPU
(NuGet)
Aug 26, 2025
ImageMagick has a Format String Bug in InterpretImageFilename leads to arbitrary code execution
High
CVE-2025-55298
was published
for
Magick.NET-Q16-AnyCPU
(NuGet)
Aug 26, 2025
ImageMagick affected by divide-by-zero in ThumbnailImage via montage -geometry ":" leads to crash
Low
CVE-2025-55212
was published
for
Magick.NET-Q16-AnyCPU
(NuGet)
Aug 26, 2025
request-filtering-agent SSRF Bypass via HTTPS Requests to 127.0.0.1
Moderate
CVE-2025-57814
was published
for
request-filtering-agent
(npm)
Aug 25, 2025
mitmproxy binaries embed a vulnerable python-hyper/h2 dependency
Moderate
GHSA-63cx-g855-hvv4
was published
for
mitmproxy
(pip)
Aug 25, 2025
h2 allows HTTP Request Smuggling due to illegal characters in headers
Moderate
CVE-2025-57804
was published
for
h2
(pip)
Aug 25, 2025
ProTip!
Advisories are also available from the
GraphQL API