GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
153 advisories
Zip Exploit Crashes Picklescan But Not PyTorch
Moderate
CVE-2025-1944
was published
for
picklescan
(pip)
Mar 10, 2025
Zip Flag Bit Exploit Crashes Picklescan But Not PyTorch
Moderate
CVE-2025-1945
was published
for
picklescan
(pip)
Mar 10, 2025
Hickory DNS's DNSSEC validation may accept broken authentication chains
Moderate
CVE-2025-25188
was published
for
hickory-proto
(Rust)
Feb 10, 2025
Duplicate Advisory: WildFly Elytron OpenID Connect Client Extension authorization code injection attack
Moderate
GHSA-4v5x-9m47-cqr2
was published
for
org.wildfly:wildfly-elytron-oidc-client-subsystem
(Maven)
Dec 9, 2024
•
withdrawn
sigstore-java has vulnerability with bundle verification
Moderate
CVE-2024-53267
was published
for
dev.sigstore:sigstore-java
(Maven)
Nov 26, 2024
OpenStack Neutron can use an incorrect ID during policy enforcement
Moderate
CVE-2024-53916
was published
for
neutron
(pip)
Nov 25, 2024
ProTip!
Advisories are also available from the
GraphQL API