Skip to content

Pull requests: github/advisory-database

New pull request New
17 Open 2,398 Closed
17 Open 2,398 Closed
Author
Filter by author
Label
Filter by label
Use alt + click/return to exclude labels
or + click/return for logical OR
Projects
Filter by project
Milestones
Filter by milestone
Reviews
Filter by reviews
No reviews Review required Approved review Changes requested
Assignee
Filter by who’s assigned
Sort
Sort by
Newest Oldest Most commented Least commented Recently updated Least recently updated Best match
Most reactions
👍 👎 😄 🎉 😕 ❤️ 🚀 👀

Pull requests list

[GHSA-vcph-37mh-fqrh] HTTP Response Smuggling vulnerability in Apache HTTP...
#2647 opened Aug 21, 2023 by joshbressers Loading…
[GHSA-9m93-w8w6-76hh] Mongoose Prototype Pollution vulnerability
#2639 opened Aug 20, 2023 by Bhaggyjoshi Loading…
1
[GHSA-prp9-9gxw-38j8] A deserialization flaw was found in Apache Chainsaw...
#2630 opened Aug 16, 2023 by joshbressers Loading…
2
[GHSA-h755-8qp9-cq85] protobufjs Prototype Pollution vulnerability
#2625 opened Aug 16, 2023 by Ashish17032003 Loading…
1
[GHSA-6r78-m64m-qwcf] Moq v4.20.0 and 4.20.1 share hashed user data
#2613 opened Aug 10, 2023 by JonDouglas Loading…
[GHSA-7mj4-2984-955f] AlchemyCMS is vulnerable to stored XSS via the /admin/pictures image field
#2587 opened Aug 4, 2023 by tvdeyen Loading…
4
[GHSA-pv7r-9vjg-g3f9] Duplicate advisory: swift-nio-http2 vulnerable to denial of service via invalid HTTP/2 HEADERS frame length
#2567 opened Aug 2, 2023 by 186PhillipBeam Loading…
1
[GHSA-qm95-pgcg-qqfq] Insufficient validation when decoding a Socket.IO packet
#2561 opened Aug 1, 2023 by Subrata19777 Loading…
1
[GHSA-8hfj-j24r-96c4] Path Traversal: 'dir/../../filename' in moment.locale
#2560 opened Jul 31, 2023 by Subrata19777 Loading…
10
[GHSA-wc69-rhjr-hc9g] Moment.js vulnerable to Inefficient Regular Expression Complexity
#2559 opened Jul 31, 2023 by Subrata19777 Loading…
7
[GHSA-f8vr-r385-rh5r] h2 vulnerable to denial of service
#2554 opened Jul 29, 2023 by Apetree100122 Loading…
1
[GHSA-cmm9-mgm5-9r42] pandas through 1.0.3 can unserialize and execute commands...
#2553 opened Jul 28, 2023 by felickz Loading…
1
[GHSA-3p62-6fjh-3p5h] Keycloak vulnerable to cross-site scripting when validating URI-schemes on SAML and OIDC
#2549 opened Jul 27, 2023 by uxdom Loading…
2
[GHSA-qwph-4952-7xr6] jsonwebtoken vulnerable to signature validation bypass due to insecure default algorithm in jwt.verify()
#2537 opened Jul 27, 2023 by sulaiman-coder Loading…
1
[GHSA-q9w4-w667-qqj4] ckeditor-wordcount-plugin vulnerable to Cross-site Scripting in Source Mode of Editor
#2523 opened Jul 26, 2023 by ohader Loading…
1
[GHSA-jfh8-c2jp-5v3q] Remote code injection in Log4j
Keep
#2445 opened Jun 22, 2023 by jensdietrich Loading…
[GHSA-mvr2-9pj6-7w5j] Denial of Service in Google Guava
Keep
#2444 opened Jun 22, 2023 by jensdietrich Loading…
ProTip! Exclude everything labeled bug with -label:bug.