github / advisory-database Public

Notifications You must be signed in to change notification settings
Fork 630
Star 2.3k

Code
Issues 84
Pull requests 189
Discussions
Actions
Models
Security and quality
Insights

Additional navigation options

Code
Issues
Pull requests
Discussions
Actions
Models
Security and quality
Insights

Pull requests: github/advisory-database

Labels 15 Milestones 0

New pull request New

189 Open 6,784 Closed

Author

Filter by author

Uh oh!

There was an error while loading. Please reload this page.

Label

Filter by label

Uh oh!

There was an error while loading. Please reload this page.

Use alt + click/return to exclude labels

or ⇧ + click/return for logical OR

Projects

Filter by project

Uh oh!

There was an error while loading. Please reload this page.

Milestones

Filter by milestone

Uh oh!

There was an error while loading. Please reload this page.

Reviews

Filter by reviews

No reviews Review required Approved review Changes requested

Assignee

Filter by who’s assigned

Assigned to nobody

Uh oh!

There was an error while loading. Please reload this page.

Sort

Sort by

Newest Oldest Most commented Least commented Recently updated Least recently updated Best match

Most reactions

Pull requests list

[GHSA-5mrr-rgp6-x4gr] Command Injection in marsdb

#7914 opened Jun 9, 2026 by msh0625

Loading…

GHSA-rcmh-qjqh-p98v: Add Maven webjar (org.webjars.npm:nodemailer) as affected package

#7913 opened Jun 8, 2026 by albertabiev1

Loading…

[GHSA-pjwm-rvh2-c87w] Embedded malware in ua-parser-js

#7912 opened Jun 8, 2026 by conorfitch

Loading…

[GHSA-8r9q-7v3j-jr4g] Correct affected version range for CVE-2026-0621

#7911 opened Jun 8, 2026 by albertabiev1

Loading…

[GHSA-7pq2-fhx9-x464] Apache Shiro’s Jakarta EE module used the HTTP Referer...

#7910 opened Jun 8, 2026 by yeikel

Loading…

[GHSA-h524-452v-82p9] Decoding a maliciously-crafted MIME header containing...

#7909 opened Jun 7, 2026 by tarampampam

Loading…

Update zpan CVE-2025-7453 patched version

#7908 opened Jun 6, 2026 by saltbo

Loading…

[GHSA-9wxq-mwqw-8hhg] Java Deserialisation Vulnerability in Jaspersoft Reports...

#7907 opened Jun 5, 2026 by pmurck

Loading…

[GHSA-rr89-w3h9-m66j] ExifReader is vulnerable to denial of service via unbounded decompression of image metadata

#7906 opened Jun 5, 2026 by yuki-matsuhashi

Loading…

[GHSA-h64w-w9pr-82m4] ExifReader is vulnerable to denial of service via crafted ICC mluc tag

#7905 opened Jun 5, 2026 by yuki-matsuhashi

Loading…

[GHSA-wc7j-g8wx-m2qx] Pimcore: Missing Authorization in WebDAV MOVE via unchecked asset move handling

#7904 opened Jun 5, 2026 by kingjia90

Loading…

[GHSA-r2f4-ff2p-xc64] Pimcore Platform - SQL Injection in DataObject composite index handling during class definition import/save

#7903 opened Jun 5, 2026 by kingjia90

Loading…

[GHSA-jwcc-gv4m-93x6] Pimcore has a CustomReports Share Bypass

#7902 opened Jun 5, 2026 by kingjia90

Loading…

[GHSA-36fc-7wjg-mfvj] Pimcore has Unsafe PHP Deserialization in Multiple Locations Without allowed_classes Restriction

#7901 opened Jun 5, 2026 by kingjia90

Loading…

[GHSA-332x-r494-54fq] Pimcore has a WordExport Authorization Bypass for Unauthorized Document Export

#7900 opened Jun 5, 2026 by kingjia90

Loading…

[GHSA-h4ph-crvj-9h92] Pimcore Admin Classic Bundle Vulnerable to SQL Injection in Translation Grid Date Filter via Unsanitized Property Parameter

#7899 opened Jun 5, 2026 by kingjia90

Loading…

[GHSA-3234-gxc3-pq6f] Pimcore Vulnerable to SQL Injection in Custom Reports Column Configuration

#7898 opened Jun 5, 2026 by kingjia90

Loading…

[GHSA-rxv8-25v2-qmq8] React Router vulnerable to Denial of Service via reflected user input in single-fetch

#7895 opened Jun 4, 2026 by arafatjoyadh0414-ux

Loading…

[GHSA-wg65-39gg-5wfj] Prometheus Azure AD remote write OAuth client secret exposed via config API

#7886 opened Jun 4, 2026 by noren95

Loading…

[GHSA-rmj9-q58g-9qgg] go-unzip vulnerable to Path Traversal

#7885 opened Jun 3, 2026 by amita-seal

Loading…

[GHSA-799x-qp47-8qwq] Apache Airflow's EmailOperator and the underlying ...

#7879 opened Jun 2, 2026 by francisbergin

Loading…

[GHSA-gxr4-xjj5-5px2] Potential XSS vulnerability in jQuery

#7877 opened Jun 2, 2026 by Athlon1600

Loading…

[GHSA-mx76-r943-rf8g] Bouncy Castle has a vulnerability in program files gcm128w, gcm512w

#7874 opened Jun 1, 2026 by discerningdev

Loading…

[GHSA-q8mj-m7cp-5q26] qs has a remotely triggerable DoS: qs.stringify crashes with TypeError on null/undefined entries in comma-format arrays when encodeValuesOnly is set

#7873 opened Jun 1, 2026 by Lokeninfinitypoint

Loading…

chore: introduced version in GHSA advisory

#7872 opened Jun 1, 2026 by jasonsaayman

Loading…

Previous 1 2 3 4 5 6 7 8 Next

Previous Next

ProTip! no:milestone will show everything without a milestone.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Uh oh!