Skip to content

Pull requests: github/advisory-database

New pull request New
123 Open 6,656 Closed
123 Open 6,656 Closed
Author
Filter by author
Loading
Label
Filter by label
Loading
Use alt + click/return to exclude labels
or + click/return for logical OR
Projects
Filter by project
Loading
Milestones
Filter by milestone
Loading
Reviews
Filter by reviews
No reviews Review required Approved review Changes requested
Assignee
Filter by who’s assigned
Assigned to nobody Loading
Sort
Sort by
Newest Oldest Most commented Least commented Recently updated Least recently updated Best match
Most reactions
👍 👎 😄 🎉 😕 ❤️ 🚀 👀

Pull requests list

[GHSA-vvfc-fp59-m92g] Langflow: DoS Through Lack of File Size Restriction via Deprecated Unauthenticated File Upload API
#7697 opened May 15, 2026 by ventusfortis Loading…
[GHSA-rpr9-rxv7-x643] Apostrophe has default XSS via xmp raw-text passthrough in sanitize-html
#7696 opened May 15, 2026 by Matsuuu Loading…
1
[GHSA-7gm6-w7mx-58cr] phpBB before 3.3.16 is vulnerable to Host Header...
#7695 opened May 15, 2026 by marc1706 Loading…
1
[GHSA-rpr9-rxv7-x643] Apostrophe has default XSS via xmp raw-text passthrough in sanitize-html
#7694 opened May 14, 2026 by arkon Loading…
1
[GHSA-xp4x-j9vh-c3wf] OS Command Injection and Command Injection in kill-port-process
#7693 opened May 14, 2026 by filipeom Loading…
[GHSA-9v3m-8fp8-mj99] Bootstrap Vulnerable to Cross-Site Scripting
#7691 opened May 14, 2026 by flavorjones Loading…
3
[GHSA-hm49-wcqc-g2xg] net-imap vulnerable to command Injection via "raw" arguments to multiple commands
#7690 opened May 14, 2026 by nevans Loading…
1
[GHSA-66ff-xgx4-vchm] protobuf.js: Code injection through bytes field defaults in generated toObject code
#7689 opened May 14, 2026 by tijuks Loading…
1
[GHSA-cp6g-7hqx-qxhp] The mongo-go-driver repository contains CGo bindings for...
#7688 opened May 13, 2026 by OddBloke Loading…
[GHSA-4h76-926q-wxxw] An Open Redirect vulnerability in the go-chi/chi >=5.2.2...
#7687 opened May 13, 2026 by OddBloke Loading…
Add GHSA-prqw-jx4x-vw4x (OSV.dev XSS security research)
#7686 opened May 13, 2026 by ikow Loading…
[GHSA-5j8p-mmp9-6fj8] Insufficient ownership checks in clientarea.php allow...
#7685 opened May 13, 2026 by boomerangBS Loading…
4
#7682: set fixed version on GHSA-58qw-9mgm-455v
#7683 opened May 13, 2026 by tsokalski Loading…
[GHSA-w9f3-qc75-qgx9] PrestaShop has a stored XSS executable in customer service view
#7681 opened May 13, 2026 by BaniMontoya Loading…
1
[GHSA-rv83-g57w-fr8j] On Unix platforms, when listing the contents of a...
#7680 opened May 13, 2026 by julianladisch Loading…
[GHSA-rhgq-f8x5-j2jc] Keycloak's identity-first login flow exposes user information
#7679 opened May 13, 2026 by julianladisch Loading…
[GHSA-jjpq-gp5q-8q6w] Cross-site scripting in Apache Tomcat
#7678 opened May 13, 2026 by aruneko Loading…
2
[GHSA-hfrx-6qgj-fp6c] Apache Commons FileUpload denial of service vulnerability
#7677 opened May 13, 2026 by hara-satoshi-ymr Loading…
1
[GHSA-2m69-gcr7-jv3q] There exists a vulnerability in SQLite versions before 3...
#7675 opened May 12, 2026 by ericsink Loading…
[GHSA-h5x4-m2qf-r4f2] Diesel's SQLite backend has possible UTF-8 corruption
#7674 opened May 12, 2026 by weiznich Loading…
6
[GHSA-4f3f-g24h-fr8m] Keras has an untrusted deserialization vulnerability
#7673 opened May 12, 2026 by maksim-m Contributor Loading…
3
Fix GHSA-9875-cw22-f7cx version ranges
#7672 opened May 12, 2026 by manuelleduc Loading…
[GHSA-7jqf-v358-p8g7] Apache Tomcat Allocation of Resources Without Limits or Throttling vulnerability
#7671 opened May 12, 2026 by hara-satoshi-ymr Loading…
1
[GHSA-qq5r-98hh-rxc9] Apache Tomcat - Security constraint bypass with HTTP/0.9
#7670 opened May 12, 2026 by yusuke-koyoshi Loading…
1
[GHSA-23hv-mwm6-g8jf] Apache Tomcat Session Fixation vulnerability
#7669 opened May 12, 2026 by yusuke-koyoshi Loading…
2
ProTip! Find all pull requests that aren't related to any open issues with -linked:issue.