GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

1,649 advisories

Picklescan is missing detection when calling pytorch function torch.utils.bottleneck.__main__.run_autograd_prof Moderate
GHSA-4whj-rm5r-c2v8 was published for picklescan (pip) Aug 26, 2025
Credited to FredericDT
Picklescan has a missing detection when calling built-in python library idlelib.calltip.get_entity Moderate
GHSA-9xph-j2h6-g47v was published for picklescan (pip) Aug 26, 2025
Credited to FredericDT
Picklescan has a missing detection when calling built-in python idlelib.calltip.Calltip Moderate
GHSA-8r4j-24qv-fmq9 was published for picklescan (pip) Aug 26, 2025
Credited to FredericDT
Picklescan has a missing detection when calling built-in python code.InteractiveInterpreter Moderate
GHSA-cj3c-v495-4xqh was published for picklescan (pip) Aug 26, 2025
Credited to FredericDT
Picklescan has a missing detection when calling built-in python idlelib.autocomplete.AutoComplete.get_entity Moderate
GHSA-6w4w-5w54-rjvr was published for picklescan (pip) Aug 26, 2025
Credited to FredericDT
Picklescan has a missing detection when calling built-in python idlelib.debugobj.ObjectTreeItem Moderate
GHSA-3vg9-h568-4w9m was published for picklescan (pip) Aug 26, 2025
Credited to FredericDT
Picklescan has a missing detection when calling built-in python lib2to3.pgen2.grammar.Grammar.loads Moderate
GHSA-f54q-57x4-jg88 was published for picklescan (pip) Aug 26, 2025
Credited to FredericDT
Picklescan has a missing detection when calling built-in python profile.Profile.runctx Moderate
GHSA-6vqj-c2q5-j97w was published for picklescan (pip) Aug 26, 2025
Credited to FredericDT
Picklescan has a missing detection when calling built-in python profile.Profile.run Moderate
GHSA-x696-vm39-cp64 was published for picklescan (pip) Aug 26, 2025
Credited to FredericDT
Picklescan has a missing detection when calling built-in python trace.Trace.runctx Moderate
GHSA-g344-hcph-8vgg was published for picklescan (pip) Aug 26, 2025
Credited to FredericDT
Picklescan has a missing detection when calling built-in python trace.Trace.run Moderate
GHSA-5qwp-399c-mjwf was published for picklescan (pip) Aug 26, 2025
Credited to FredericDT
h2 allows HTTP Request Smuggling due to illegal characters in headers Moderate
CVE-2025-57804 was published for h2 (pip) Aug 25, 2025
Credited to sebastianosrt and mhils
mitmproxy binaries embed a vulnerable python-hyper/h2 dependency Moderate
GHSA-63cx-g855-hvv4 was published for mitmproxy (pip) Aug 25, 2025
Credited to sebastianosrt and mhils
Picklescan missing detection when calling pytorch function torch.utils._config_module.load_config Moderate
GHSA-vv6j-3g6g-2pvj was published for picklescan (pip) Aug 22, 2025
Credited to FredericDT
Picklescan missing detection when calling pytorch function torch.jit.unsupported_tensor_ops.execWrapper Moderate
GHSA-vr7h-p6mm-wpmh was published for picklescan (pip) Aug 22, 2025
Credited to FredericDT
Picklescan missing detection when calling pytorch function torch.utils.data.datapipes.utils.decoder.basichandlers Moderate
GHSA-h3qp-7fh3-f8h4 was published for picklescan (pip) Aug 22, 2025
Credited to FredericDT
Picklescan missing detection when calling pytorch function torch.utils.collect_env.run Moderate
GHSA-f745-w6jp-hpxx was published for picklescan (pip) Aug 22, 2025
Credited to FredericDT
Picklescan missing detection when calling pytorch function torch._dynamo.guards.GuardBuilder.get Moderate
GHSA-86cj-95qr-2p4f was published for picklescan (pip) Aug 22, 2025
Credited to FredericDT
Picklescan missing detection when calling pytorch function torch.utils.bottleneck.__main__.run_cprofile Moderate
GHSA-4r9r-ch6f-vxmx was published for picklescan (pip) Aug 22, 2025
Credited to FredericDT
Copier's safe template has filesystem write access outside destination path Moderate
CVE-2025-55214 was published for copier (pip) Aug 18, 2025
Credited to sisp, pawamoy, and yajo
Apache Superset data query improperly discloses database schema information to low-privileged guest user Moderate
CVE-2025-55673 was published for apache-superset (pip) Aug 14, 2025
Apache Superset has bypass of `DISALLOWED_SQL_FUNCTIONS` that allows execution of blocked SQL functions Moderate
CVE-2025-55674 was published for apache-superset (pip) Aug 14, 2025