-
Notifications
You must be signed in to change notification settings - Fork 294
Pull requests: github/advisory-database
Author
Label
Projects
Milestones
Reviews
Assignee
Sort
Pull requests list
[GHSA-23qq-p4gq-gc2g] WordOps has TOCTOU race condition
#4535
opened Jun 11, 2024 by
VirtuBox
Loading…
[GHSA-qc99-g3wm-hgxr] Django Arbitrary Code Execution
#4532
opened Jun 11, 2024 by
MarkLee131
Loading…
[GHSA-7gj7-224w-vpr3] Thymeleaf, as used in Spring Boot Admin, allows sandbox bypass via crafted HTML
#4530
opened Jun 11, 2024 by
Subrhamanya
Loading…
[GHSA-g5h3-w546-pj7f] Spring Boot Security Bypass with Wildcard Pattern Matching on Cloud Foundry
#4529
opened Jun 11, 2024 by
namandf
Loading…
[GHSA-qg5r-95m4-mjgj] Reflected Cross-site Scripting in yiisoft/yii2 Debug mode
#4527
opened Jun 10, 2024 by
rob006
Loading…
[GHSA-cjcc-p67m-7qxm] Unsafe Reflection in base Component class in yiisoft/yii2
#4526
opened Jun 10, 2024 by
rob006
Loading…
[GHSA-2p57-rm9w-gvfp] ip SSRF improper categorization in isPublic
#4522
opened Jun 10, 2024 by
Tushar007079
Loading…
[GHSA-78xj-cgh5-2h22] NPM IP package incorrectly identifies some private IP addresses as public
#4521
opened Jun 10, 2024 by
murillonr
Loading…
[GHSA-wr3j-pwj9-hqq6] Path traversal in webpack-dev-middleware
#4520
opened Jun 10, 2024 by
murillonr
Loading…
[GHSA-2p57-rm9w-gvfp] ip SSRF improper categorization in isPublic
#4519
opened Jun 10, 2024 by
murillonr
Loading…
[GHSA-3x57-m5p4-rgh4] ZendOpenID potential security issue in login mechanism
#4518
opened Jun 9, 2024 by
Ybs187
Loading…
[GHSA-3x57-m5p4-rgh4] ZendOpenID potential security issue in login mechanism
#4517
opened Jun 8, 2024 by
flexibrah
Loading…
[GHSA-hxgx-584x-vwm8] Appwrite Server-Side Request Forgery vulnerability
#4514
opened Jun 6, 2024 by
abnegate
Loading…
[GHSA-qmx3-m648-hr74] Log Injection in Apache Sling Commons Log and Apache Sling API
#4505
opened Jun 5, 2024 by
SunBK201
Loading…
[GHSA-8vhq-qq4p-grq3] OS Command Injection in Plexus-utils
#4502
opened Jun 5, 2024 by
SunBK201
Loading…
[GHSA-6phf-73q6-gh87] Insecure Deserialization in Apache Commons Beanutils
#4500
opened Jun 5, 2024 by
SunBK201
Loading…
[GHSA-rgv9-q543-rqg4] Uncontrolled Resource Consumption in FasterXML jackson-databind
#4499
opened Jun 5, 2024 by
SunBK201
Loading…
[GHSA-qxxx-2pp7-5hmx] jackson-databind is vulnerable to a deserialization flaw
#4494
opened Jun 5, 2024 by
SunBK201
Loading…
[GHSA-q5wm-qgxj-h9ph] Missing permission check in Jenkins Kmap Plugin allow SSRF
#4473
opened May 30, 2024 by
secjoker
Loading…
[GHSA-fvcf-wgxj-h7ch] CSRF vulnerability in Jenkins Nomad Plugin allow SSRF
#4472
opened May 30, 2024 by
secjoker
Loading…
[GHSA-3jvv-r7g7-63qp] Cross-site scripting (XSS) vulnerability in SourceBans...
#4466
opened May 28, 2024 by
epicosy
Loading…
Previous Next
ProTip!
What’s not been updated in a month: updated:<2024-05-11.