Pull requests: github/advisory-database
[GHSA-x4xq-7w28-q486] Smart contract Marginal v1 performs unsafe downcast,...
#7337
opened Apr 8, 2026 by
donnyoregon
[GHSA-8ffj-4hx4-9pgf] lightrag-hku: JWT Algorithm Confusion Vulnerability
#7336
opened Apr 8, 2026 by
nomore8797
[GHSA-4wmm-6qxj-fpj4] AVideo has a Path Traversal in listFiles.json.php Enables Server Filesystem Enumeration
#7335
opened Apr 8, 2026 by
Marcono1234
[GHSA-v467-g7g7-hhfh] AVideo has SSRF in Scheduler Plugin via callbackURL Missing isSSRFSafeURL() Validation
#7334
opened Apr 8, 2026 by
Marcono1234
[GHSA-rfgh-63mg-8pwm] pyload-ng has a WebUI JSON permission mismatch that lets ADD/DELETE users invoke MODIFY-only actions
#7332
opened Apr 8, 2026 by
komi22
[GHSA-ghc4-35x6-crw5] Envoy has RBAC Header Validation Bypass via Multi-Value Header Concatenation
#7331
opened Apr 8, 2026 by
sekveaja
[GHSA-rxpj-7qvf-xv32] Improper Input Validation, Improper Control of Generation...
#7330
opened Apr 8, 2026 by
filipecamargos
[GHSA-6jwv-w5xf-7j27] go.etcd.io/bbolt affected by index out-of-range vulnerability
#7329
opened Apr 8, 2026 by
ryanbekhen
[GHSA-5qcv-4rpc-jp93] A race condition in the Apache Kafka Java producer client...
#7328
opened Apr 8, 2026 by
filipecamargos
[GHSA-rq49-h582-83m7] Cockpit's remote login feature passes user-supplied...
#7327
opened Apr 8, 2026 by
Venefilyn
[GHSA-mp2g-9vg9-f4cg] h3 v1 has Request Smuggling (TE.TE) issue
#7322
opened Apr 8, 2026 by
simonkoeck
[GHSA-f23m-r3pf-42rh] lodash vulnerable to Prototype Pollution via array path bypass in _.unset and _.omit
#7320
opened Apr 8, 2026 by
Kteamk
[GHSA-6w46-j5rx-g56g] pytest through 9.0.2 on UNIX relies on directories with...
#7316
opened Apr 7, 2026 by
adamjstewart
[GHSA-gxr4-xjj5-5px2] Potential XSS vulnerability in jQuery
#7311
opened Apr 6, 2026 by
sealonohana
[GHSA-m494-w24q-6f7w] JDBC Driver for SQL Server has improper input validation issue
#7287
opened Apr 3, 2026 by
dguerri
[GHSA-j3q9-mxjg-w52f] path-to-regexp vulnerable to Denial of Service via sequential optional groups
#7282
opened Apr 1, 2026 by
CodyCodeman
correct fixed-version metadata and add reporter credit for GHSA-wmxr-6j5f-838p
#7280
opened Apr 1, 2026 by
1seal
[GHSA-prjq-f4q3-fvfr] github.com/russellhaering/gosaml2 is vulnerable to NULL Pointer Dereference
#7278
opened Apr 1, 2026 by
simon-reisinger-dynatrace
[GHSA-mf92-479x-3373] Spring Security HTTP Headers Are not Written Under Some Conditions
#7275
opened Mar 31, 2026 by
fritzdal
[GHSA-653v-rqx9-j85p] deep-object-diff vulnerable to Prototype Pollution
#7272
opened Mar 31, 2026 by
rsholokh
[GHSA-qf5v-q897-m77r] The ip (aka node-ip) package through 2.0.1 (in NPM) might...
#7243
opened Mar 27, 2026 by
bughir0
[GHSA-jx49-fphc-w293] Improper Restriction of XML External Entity Reference...
Stale
#7197
opened Mar 19, 2026 by
Bhanu99517