Pull requests: github/advisory-database
Enrich GHSA-xp7f-v245-w3w8 (CVE-2026-38361, dash-uploader DoS): resubmit of #7636
#8076 opened Jun 20, 2026 by a1ohadance
[GHSA-wqp7-x3pw-xc5r] Starlette: SSRF and NTLM credential theft via UNC paths in StaticFiles on Windows
#8075 opened Jun 19, 2026 by arafatjoyadh0414-ux
[GHSA-8xpq-cjcf-3wh9] Deno: Permission Bypass via Unicode Normalization Mismatch on macOS (APFS)
#8074 opened Jun 19, 2026 by tomasilluminati
[GHSA-wf44-4mgj-rwvx] OpenStack Neutron Improper Input Validation vulnerability
#8073 opened Jun 19, 2026 by cardoe
[GHSA-64mm-vxmg-q3vj] http-proxy-middleware router host+path substring matching allows Host-header-driven backend routing bypass
#8072 opened Jun 19, 2026 by G-Rath
Add affected range to GHSA-q9xm-f36c-xm3q (@steipete/summarize)
#8071 opened Jun 19, 2026 by faketut
Add affected range to GHSA-434r-7c99-hwf3 (nanobot-ai)
#8070 opened Jun 19, 2026 by faketut
Add affected range to GHSA-mvq4-39wx-6h5g (mysql-mcp-server)
#8068 opened Jun 19, 2026 by faketut
[GHSA-vg35-5wq7-3x7w] TinyMCE Cross-Site Scripting (XSS) vulnerability using media plugin data-mce-object injection
#8067 opened Jun 19, 2026 by sbrinkhorst
[GHSA-792x-6vq6-j8r9] A malicious or compromised FTP/SFTP/SMB server can write...
#8064 opened Jun 18, 2026 by julianladisch
[GHSA-ghvc-7hp8-2g2v] There is no restriction on the amount of attachment...
#8063 opened Jun 18, 2026 by julianladisch
[GHSA-qqcr-9jfc-35c4] OXID eShop May Display User Information
#8062 opened Jun 18, 2026 by SvenBrunk
[GHSA-qh8g-58pp-2wxh] Eclipse Jetty URI parsing of invalid authority
#8061 opened Jun 18, 2026 by noren95
[GHSA-45mx-g85m-wwm3] Obsidian does not require user confirmation for non-http/https URLs.
#8059 opened Jun 17, 2026 by jacobtread
[GHSA-xmjj-hvvj-3jr6] Craft CMS 5.9.5 and earlier contains a Missing...
#8058 opened Jun 17, 2026 by danielhaim1
[GHSA-2j2x-hqr9-3h42] React Router's same-origin redirect with path starting // causes open redirect via protocol-relative URL reinterpretation
#8056 opened Jun 17, 2026 by sealonohana
[GHSA-rwm7-x88c-3g2p] Netty epoll transport denial of service via RST on half-closed TCP connection
#8053 opened Jun 17, 2026 by tal-sealsecurity
[GHSA-293q-567p-wmwq] SubjectDnX509PrincipalExtractor does not correctly handle...
#8052 opened Jun 17, 2026 by marcelstoer
[GHSA-4grm-h2qv-h6w6] Netty HTTP/3 QPACK Blocked Streams Memory Exhaustion
#8050 opened Jun 16, 2026 by julianladisch
[GHSA-fv66-9v8q-g76r] React Server Components are Vulnerable to RCE
#8049 opened Jun 16, 2026 by johnnylabare05-bot
[GHSA-x863-p983-p4f7] In an untrusted JMS environment, org.springframework.jms...
#8047 opened Jun 16, 2026 by julianladisch
[GHSA-h39j-r5qq-r9mm] All versions of the package decompress are vulnerable to...
#8046 opened Jun 16, 2026 by Alemmi
[GHSA-6c8g-7p36-r338] SharpCompress has directory traversal via directory entries in WriteToDirectory (zip slip variant)
#8045 opened Jun 16, 2026 by lewishazell