GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
3,779 advisories
MobSF vulnerability allows SSRF due to the allow_redirects=True parameter
High
CVE-2024-54000
was published
for
mobsf
(pip)
Jun 27, 2025
LLaMA-Factory allows Code Injection through improper vhead_file safeguards
High
CVE-2025-53002
was published
for
llamafactory
(pip)
Jun 27, 2025
ChangeDetection.io XSS in watch overview
High
CVE-2025-52558
was published
for
changedetection.io
(pip)
Jun 23, 2025
rfc3161-client has insufficient verification for timestamp response signatures
Critical
CVE-2025-52556
was published
for
rfc3161-client
(pip)
Jun 20, 2025
urllib3 does not control redirects in browsers and Node.js
Moderate
CVE-2025-50182
was published
for
urllib3
(pip)
Jun 18, 2025
urllib3 redirects are not disabled when retries are disabled on PoolManager instantiation
Moderate
CVE-2025-50181
was published
for
urllib3
(pip)
Jun 18, 2025
pycares has a Use-After-Free Vulnerability
Moderate
GHSA-5qpg-rh4j-qp35
was published
for
pycares
(pip)
Jun 16, 2025
Weblate exposes personal IP address via e-mail
Low
CVE-2025-49134
was published
for
weblate
(pip)
Jun 16, 2025
Weblate lacks rate limiting when verifying second factor
Moderate
CVE-2025-47951
was published
for
weblate
(pip)
Jun 16, 2025
ProTip!
Advisories are also available from the
GraphQL API