GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
14 advisories
Zip Exploit Crashes Picklescan But Not PyTorch
Moderate
CVE-2025-1944
was published
for
picklescan
(pip)
Mar 10, 2025
Zip Flag Bit Exploit Crashes Picklescan But Not PyTorch
Moderate
CVE-2025-1945
was published
for
picklescan
(pip)
Mar 10, 2025
aiosmtpd vulnerable to SMTP smuggling
Moderate
CVE-2024-27305
was published
for
aiosmtpd
(pip)
Mar 13, 2024
OpenStack Neutron can use an incorrect ID during policy enforcement
Moderate
CVE-2024-53916
was published
for
neutron
(pip)
Nov 25, 2024
Invalid root may become trusted root in The Update Framework (TUF)
Moderate
CVE-2020-15163
was published
for
tuf
(pip)
Sep 9, 2020
Prefix Truncation Attack against ChaCha20-Poly1305 and Encrypt-then-MAC aka Terrapin
Moderate
CVE-2023-48795
was published
for
golang.org/x/crypto
(Go)
Dec 18, 2023
AsyncSSH Rogue Extension Negotiation
Moderate
CVE-2023-46445
was published
for
asyncssh
(pip)
Nov 9, 2023
AsyncSSH vulnerable to Prefix Truncation Attack (a.k.a. Terrapin Attack) against ChaCha20-Poly1305 and Encrypt-then-MAC
Moderate
GHSA-hfmc-7525-mj55
was published
for
asyncssh
(pip)
Dec 18, 2023
ProTip!
Advisories are also available from the
GraphQL API