Skip to content

Pull requests: github/advisory-database

New pull request New
135 Open 6,656 Closed
135 Open 6,656 Closed
Author
Filter by author
Loading
Label
Filter by label
Loading
Use alt + click/return to exclude labels
or + click/return for logical OR
Projects
Filter by project
Loading
Milestones
Filter by milestone
Loading
Reviews
Filter by reviews
No reviews Review required Approved review Changes requested
Assignee
Filter by who’s assigned
Assigned to nobody Loading
Sort
Sort by
Newest Oldest Most commented Least commented Recently updated Least recently updated Best match
Most reactions
👍 👎 😄 🎉 😕 ❤️ 🚀 👀

Pull requests list

[GHSA-95jq-xph2-cx9h] Add upstream fix commit reference
#7710 opened May 15, 2026 by massif-01 Loading…
1
[GHSA-45h5-66jx-r2wf] MJML allows mj-include directory traversal due to an incomplete fix for CVE-2020-12827
#7709 opened May 15, 2026 by LambArchie Loading…
1
[GHSA-mwv9-gp5h-frr4] Add upstream fix commit reference
#7708 opened May 15, 2026 by massif-01 Loading…
1
[GHSA-gxhx-2686-5h9g] Add upstream fix commit reference
#7707 opened May 15, 2026 by massif-01 Loading…
1
[GHSA-fv2f-rw9f-v9cm] An issue in Nodemailer smtp_server before v.3.18.3 allows...
#7706 opened May 15, 2026 by blue2cat Loading…
3
[GHSA-rpr9-rxv7-x643] Apostrophe has default XSS via xmp raw-text passthrough in sanitize-html
#7705 opened May 15, 2026 by scotje Loading…
1
[GHSA-3rfq-4wpf-qqw3] Micronaut has Unbounded bundleCache in ResourceBundleMessageSource that Allows Memory Exhaustion via Accept-Language Header
#7704 opened May 15, 2026 by jojojo8359 Loading…
2
[GHSA-6cr3-m628-79px] * Countermeasures for DPA within SYMCRYPTO engine on...
#7703 opened May 15, 2026 by Vendetaaaa Loading…
[GHSA-rm3r-35x9-jv93] A supply chain attack compromised the official...
#7702 opened May 15, 2026 by Vendetaaaa Loading…
[GHSA-9694-5xfg-m7vr] Permission control vulnerability in contacts. Impact:...
#7701 opened May 15, 2026 by Vendetaaaa Loading…
[GHSA-hr7c-pw36-w99g] Diagram's export module is vulnerable to Path Traversal...
#7700 opened May 15, 2026 by Vendetaaaa Loading…
[GHSA-rpr9-rxv7-x643] Apostrophe has default XSS via xmp raw-text passthrough in sanitize-html
#7699 opened May 15, 2026 by AND-TomHarris Loading…
1
[GHSA-vvfc-fp59-m92g] Langflow: DoS Through Lack of File Size Restriction via Deprecated Unauthenticated File Upload API
#7697 opened May 15, 2026 by ventusfortis Loading…
[GHSA-rpr9-rxv7-x643] Apostrophe has default XSS via xmp raw-text passthrough in sanitize-html
#7696 opened May 15, 2026 by Matsuuu Loading…
2
[GHSA-7gm6-w7mx-58cr] phpBB before 3.3.16 is vulnerable to Host Header...
#7695 opened May 15, 2026 by marc1706 Loading…
1
[GHSA-rpr9-rxv7-x643] Apostrophe has default XSS via xmp raw-text passthrough in sanitize-html
#7694 opened May 14, 2026 by arkon Loading…
1
[GHSA-xp4x-j9vh-c3wf] OS Command Injection and Command Injection in kill-port-process
#7693 opened May 14, 2026 by filipeom Loading…
[GHSA-9v3m-8fp8-mj99] Bootstrap Vulnerable to Cross-Site Scripting
#7691 opened May 14, 2026 by flavorjones Loading…
3
[GHSA-hm49-wcqc-g2xg] net-imap vulnerable to command Injection via "raw" arguments to multiple commands
#7690 opened May 14, 2026 by nevans Loading…
1
[GHSA-66ff-xgx4-vchm] protobuf.js: Code injection through bytes field defaults in generated toObject code
#7689 opened May 14, 2026 by tijuks Loading…
3
[GHSA-cp6g-7hqx-qxhp] The mongo-go-driver repository contains CGo bindings for...
#7688 opened May 13, 2026 by OddBloke Loading…
[GHSA-4h76-926q-wxxw] An Open Redirect vulnerability in the go-chi/chi >=5.2.2...
#7687 opened May 13, 2026 by OddBloke Loading…
Add GHSA-prqw-jx4x-vw4x (OSV.dev XSS security research)
#7686 opened May 13, 2026 by ikow Loading…
[GHSA-5j8p-mmp9-6fj8] Insufficient ownership checks in clientarea.php allow...
#7685 opened May 13, 2026 by boomerangBS Loading…
4
#7682: set fixed version on GHSA-58qw-9mgm-455v
#7683 opened May 13, 2026 by tsokalski Loading…
ProTip! Add no:assignee to see everything that’s not assigned.