GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
1,533 advisories
urllib3 does not control redirects in browsers and Node.js
Moderate
CVE-2025-50182
was published
for
urllib3
(pip)
Jun 18, 2025
urllib3 redirects are not disabled when retries are disabled on PoolManager instantiation
Moderate
CVE-2025-50181
was published
for
urllib3
(pip)
Jun 18, 2025
Vyper: reversed order of side effects for some operations
Moderate
CVE-2023-40015
was published
for
vyper
(pip)
Sep 4, 2023
PyTorch Improper Resource Shutdown or Release vulnerability
Moderate
CVE-2025-3730
was published
for
torch
(pip)
Apr 16, 2025
Weblate lacks rate limiting when verifying second factor
Moderate
CVE-2025-47951
was published
for
weblate
(pip)
Jun 16, 2025
pycares has a Use-After-Free Vulnerability
Moderate
GHSA-5qpg-rh4j-qp35
was published
for
pycares
(pip)
Jun 16, 2025
Mobile Security Framework (MobSF) has a SSRF Vulnerability fix bypass on assetlinks_check with DNS Rebinding
Moderate
CVE-2025-31116
was published
for
mobsf
(pip)
Mar 31, 2025
Nautobot vulnerable to secrets exposure and data manipulation through Jinja2 templating
Moderate
CVE-2025-49142
was published
for
nautobot
(pip)
Jun 10, 2025
OctoPrint Vulnerable to Denial of Service through malformed HTTP request in OctoPrint
Moderate
CVE-2025-48879
was published
for
OctoPrint
(pip)
Jun 10, 2025
OctoPrint vulnerable to possible file extraction via upload endpoints
Moderate
CVE-2025-48067
was published
for
OctoPrint
(pip)
Jun 10, 2025
Requests vulnerable to .netrc credentials leak via malicious URLs
Moderate
CVE-2024-47081
was published
for
requests
(pip)
Jun 9, 2025
In aiohttp, compressed files as symlinks are not protected from path traversal
Moderate
CVE-2024-42367
was published
for
aiohttp
(pip)
Aug 9, 2024
ProTip!
Advisories are also available from the
GraphQL API