GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
3,507 advisories
Post-Quantum Secure Feldman's Verifiable Secret Sharing has Inadequate Fault Injection Countermeasures in `secure_redundant_execution`
Moderate
CVE-2025-29779
was published
for
PostQuantum-Feldman-VSS
(pip)
Mar 14, 2025
Post-Quantum Secure Feldman's Verifiable Secret Sharing has Timing Side-Channels in Matrix Operations
Moderate
CVE-2025-29780
was published
for
PostQuantum-Feldman-VSS
(pip)
Mar 14, 2025
XPixelGroup BasicSR Command Injection
Moderate
CVE-2024-27763
was published
for
basicsr
(pip)
Mar 12, 2025
Arbitrary Code Execution via Crafted Keras Config for Model Loading
High
CVE-2025-1550
was published
for
keras
(pip)
Mar 11, 2025
Zip Exploit Crashes Picklescan But Not PyTorch
Moderate
CVE-2025-1944
was published
for
picklescan
(pip)
Mar 10, 2025
Zip Flag Bit Exploit Crashes Picklescan But Not PyTorch
Moderate
CVE-2025-1945
was published
for
picklescan
(pip)
Mar 10, 2025
Jinja2 vulnerable to sandbox breakout through attr filter selecting format method
Moderate
CVE-2025-27516
was published
for
Jinja2
(pip)
Mar 5, 2025
Picklescan Allows Remote Code Execution via Malicious Pickle File Bypassing Static Analysis
Moderate
CVE-2025-1716
was published
for
picklescan
(pip)
Mar 3, 2025
PyTorch Model Files Can Bypass Pickle Scanners via Unexpected Pickle Extensions
Moderate
CVE-2025-1889
was published
for
picklescan
(pip)
Mar 3, 2025
CodeChecker open redirect when URL contains multiple slashes after the product name
Moderate
CVE-2025-1300
was published
for
codechecker
(pip)
Mar 3, 2025
ProTip!
Advisories are also available from the
GraphQL API