Skip to content

Pull requests: github/advisory-database

New pull request New
26 Open 2,451 Closed
26 Open 2,451 Closed
Author
Filter by author
Label
Filter by label
Use alt + click/return to exclude labels
or + click/return for logical OR
Projects
Filter by project
Milestones
Filter by milestone
Reviews
Filter by reviews
No reviews Review required Approved review Changes requested
Assignee
Filter by who’s assigned
Sort
Sort by
Newest Oldest Most commented Least commented Recently updated Least recently updated Best match
Most reactions
👍 👎 😄 🎉 😕 ❤️ 🚀 👀

Pull requests list

[GHSA-mrr8-v49w-3333] sweetalert2 v11.6.14 and above contains potentially undesirable behavior
#2716 opened Sep 8, 2023 by sfan5 Loading…
[GHSA-q3mw-pvr8-9ggc] Apache Tomcat Open Redirect vulnerability
#2712 opened Sep 6, 2023 by cdupuis Loading…
4
[GHSA-cj8w-v588-p8wx] pf4j vulnerable to remote code execution via expandIfZip method in the extract function
#2693 opened Sep 1, 2023 by kwansuddoungjai Loading…
1
[GHSA-j6mp-hx4g-p3gm] Command injection in pagekit
#2692 opened Sep 1, 2023 by kwansuddoungjai Loading…
1
[GHSA-62pr-54gv-vg5g] SpringBlade vulnerable to SQL injection
#2691 opened Sep 1, 2023 by kwansuddoungjai Loading…
1
[GHSA-xjw2-6jm9-rf67] Sandbox escape via various forms of "format".
#2689 opened Aug 31, 2023 by m3t3kh4n Loading…
5
[GHSA-9q8v-89mc-3pg4] An elevation of privilege vulnerability in the kernel...
#2687 opened Aug 30, 2023 by sBaidani Loading…
1
[GHSA-g3vf-47fv-8f3c] MrSwitch hello.js vulnerable to prototype pollution
#2686 opened Aug 29, 2023 by kwansuddoungjai Loading…
2
[GHSA-xc2r-jf2x-gjr8] external-svg-loader Cross-site Scripting vulnerability
#2685 opened Aug 29, 2023 by kwansuddoungjai Loading…
1
[GHSA-8fp9-43pw-56vw] PandasAI vulnerable to arbitrary code execution
#2684 opened Aug 29, 2023 by kwansuddoungjai Loading…
[GHSA-92j5-3459-qgp4] LangChain vulnerable to arbitrary code execution
#2683 opened Aug 29, 2023 by kwansuddoungjai Loading…
1
[GHSA-xrrh-h86w-pwfj] Alluxio vulnerable to arbitrary code execution
#2682 opened Aug 29, 2023 by kwansuddoungjai Loading…
[GHSA-5p42-m6f3-hpmj] tree-kit Prototype Pollution vulnerability
#2681 opened Aug 29, 2023 by kwansuddoungjai Loading…
[GHSA-68xg-gqqm-vgj8] Puma HTTP Request/Response Smuggling vulnerability
#2680 opened Aug 29, 2023 by kwansuddoungjai Loading…
1
[GHSA-7954-6m9q-gpvf] XWiki Platform privilege escalation (PR)/RCE from account through Invitation subject/message
#2679 opened Aug 29, 2023 by kwansuddoungjai Loading…
1
[GHSA-5mf8-v43w-mfxp] XWiki Platform privilege escalation (PR) from account through AWM content fields
#2678 opened Aug 29, 2023 by kwansuddoungjai Loading…
2
[GHSA-8xhr-x3v8-rghj] XWiki Platform's Groovy jobs check the wrong author, allowing remote code execution
#2677 opened Aug 29, 2023 by kwansuddoungjai Loading…
1
[GHSA-4993-m7g5-r9hh] etcd has no minimum password length
#2674 opened Aug 29, 2023 by hanawatson Loading…
2
[GHSA-rp65-9cf3-cjxr] Inefficient Regular Expression Complexity in nth-check
Stale
#2648 opened Aug 22, 2023 by Shital769 Loading…
2
[GHSA-9m93-w8w6-76hh] Mongoose Prototype Pollution vulnerability
#2639 opened Aug 20, 2023 by Bhaggyjoshi Loading…
2
[GHSA-h755-8qp9-cq85] protobufjs Prototype Pollution vulnerability
Stale
#2625 opened Aug 16, 2023 by Ashish17032003 Loading…
2
[GHSA-8hfj-j24r-96c4] Path Traversal: 'dir/../../filename' in moment.locale
Stale
#2560 opened Jul 31, 2023 by Subrata19777 Loading…
12
[GHSA-3p62-6fjh-3p5h] Keycloak vulnerable to cross-site scripting when validating URI-schemes on SAML and OIDC
#2549 opened Jul 27, 2023 by uxdom Loading…
4
[GHSA-qwph-4952-7xr6] jsonwebtoken vulnerable to signature validation bypass due to insecure default algorithm in jwt.verify()
Stale
#2537 opened Jul 27, 2023 by sulaiman-coder Loading…
4
[GHSA-q9w4-w667-qqj4] ckeditor-wordcount-plugin vulnerable to Cross-site Scripting in Source Mode of Editor
#2523 opened Jul 26, 2023 by ohader Loading…
6
ProTip! What’s not been updated in a month: updated:<2023-08-08.