Skip to content

Pull requests: github/advisory-database

New pull request New
40 Open 4,146 Closed
40 Open 4,146 Closed
Author
Filter by author
Label
Filter by label
Use alt + click/return to exclude labels
or + click/return for logical OR
Projects
Filter by project
Milestones
Filter by milestone
Reviews
Filter by reviews
No reviews Review required Approved review Changes requested
Assignee
Filter by who’s assigned
Sort
Sort by
Newest Oldest Most commented Least commented Recently updated Least recently updated Best match
Most reactions
👍 👎 😄 🎉 😕 ❤️ 🚀 👀

Pull requests list

[GHSA-23qq-p4gq-gc2g] WordOps has TOCTOU race condition
#4535 opened Jun 11, 2024 by VirtuBox Loading…
lightning RCE is not fixed in 2.2.2
#4533 opened Jun 11, 2024 by anderruiz Loading…
[GHSA-qc99-g3wm-hgxr] Django Arbitrary Code Execution
#4532 opened Jun 11, 2024 by MarkLee131 Loading…
[GHSA-7gj7-224w-vpr3] Thymeleaf, as used in Spring Boot Admin, allows sandbox bypass via crafted HTML
#4530 opened Jun 11, 2024 by Subrhamanya Loading…
[GHSA-g5h3-w546-pj7f] Spring Boot Security Bypass with Wildcard Pattern Matching on Cloud Foundry
#4529 opened Jun 11, 2024 by namandf Loading…
1
[GHSA-qg5r-95m4-mjgj] Reflected Cross-site Scripting in yiisoft/yii2 Debug mode
#4527 opened Jun 10, 2024 by rob006 Loading…
1
[GHSA-cjcc-p67m-7qxm] Unsafe Reflection in base Component class in yiisoft/yii2
#4526 opened Jun 10, 2024 by rob006 Loading…
1
[GHSA-2p57-rm9w-gvfp] ip SSRF improper categorization in isPublic
#4522 opened Jun 10, 2024 by Tushar007079 Loading…
1
[GHSA-78xj-cgh5-2h22] NPM IP package incorrectly identifies some private IP addresses as public
#4521 opened Jun 10, 2024 by murillonr Loading…
1
[GHSA-wr3j-pwj9-hqq6] Path traversal in webpack-dev-middleware
#4520 opened Jun 10, 2024 by murillonr Loading…
2
[GHSA-2p57-rm9w-gvfp] ip SSRF improper categorization in isPublic
#4519 opened Jun 10, 2024 by murillonr Loading…
1
[GHSA-3x57-m5p4-rgh4] ZendOpenID potential security issue in login mechanism
#4518 opened Jun 9, 2024 by Ybs187 Loading…
1
[GHSA-3x57-m5p4-rgh4] ZendOpenID potential security issue in login mechanism
#4517 opened Jun 8, 2024 by flexibrah Loading…
1
[GHSA-hxgx-584x-vwm8] Appwrite Server-Side Request Forgery vulnerability
#4514 opened Jun 6, 2024 by abnegate Loading…
1
[GHSA-qmx3-m648-hr74] Log Injection in Apache Sling Commons Log and Apache Sling API
#4505 opened Jun 5, 2024 by SunBK201 Loading…
1
[GHSA-q62h-jw38-24vh] Uncaught Exception in zip4j
#4504 opened Jun 5, 2024 by SunBK201 Loading…
1
[GHSA-8vhq-qq4p-grq3] OS Command Injection in Plexus-utils
#4502 opened Jun 5, 2024 by SunBK201 Loading…
1
[GHSA-6phf-73q6-gh87] Insecure Deserialization in Apache Commons Beanutils
#4500 opened Jun 5, 2024 by SunBK201 Loading…
1
[GHSA-rgv9-q543-rqg4] Uncontrolled Resource Consumption in FasterXML jackson-databind
#4499 opened Jun 5, 2024 by SunBK201 Loading…
1
[GHSA-cqqj-4p63-rrmm] HTTP Request Smuggling in Netty
#4498 opened Jun 5, 2024 by SunBK201 Loading…
1
[GHSA-wx5j-54mm-rqqq] HTTP request smuggling in netty
#4496 opened Jun 5, 2024 by SunBK201 Loading…
2
[GHSA-qxxx-2pp7-5hmx] jackson-databind is vulnerable to a deserialization flaw
#4494 opened Jun 5, 2024 by SunBK201 Loading…
1
[GHSA-q5wm-qgxj-h9ph] Missing permission check in Jenkins Kmap Plugin allow SSRF
#4473 opened May 30, 2024 by secjoker Loading…
[GHSA-fvcf-wgxj-h7ch] CSRF vulnerability in Jenkins Nomad Plugin allow SSRF
#4472 opened May 30, 2024 by secjoker Loading…
[GHSA-3jvv-r7g7-63qp] Cross-site scripting (XSS) vulnerability in SourceBans...
#4466 opened May 28, 2024 by epicosy Loading…
2
ProTip! What’s not been updated in a month: updated:<2024-05-11.