Skip to content

Pull requests: github/advisory-database

New pull request New
24 Open 6,132 Closed
24 Open 6,132 Closed
Author
Filter by author
Loading
Label
Filter by label
Loading
Use alt + click/return to exclude labels
or + click/return for logical OR
Projects
Filter by project
Loading
Milestones
Filter by milestone
Loading
Reviews
Filter by reviews
No reviews Review required Approved review Changes requested
Assignee
Filter by who’s assigned
Assigned to nobody Loading
Sort
Sort by
Newest Oldest Most commented Least commented Recently updated Least recently updated Best match
Most reactions
👍 👎 😄 🎉 😕 ❤️ 🚀 👀

Pull requests list

[GHSA-6f65-4fv2-wwch] Vendure vulnerable to timing attack that enables user enumeration in NativeAuthenticationStrategy
#6805 opened Feb 7, 2026 by Ali963ali Loading…
1
Add malware advisory MAL-2026-790 for p7zip-full (PyPI)
#6804 opened Feb 7, 2026 by saivarun3407 Loading…
1
[GHSA-563x-8ppc-xc7c] The Bold Page Builder plugin for WordPress is vulnerable...
#6803 opened Feb 7, 2026 by saivarun3407 Loading…
[GHSA-xr72-g735-4vwp] Neo4j Enterprise and Community editions have insufficient escaping of unicode characters in query log
#6802 opened Feb 7, 2026 by saivarun3407 Loading…
[GHSA-52jq-ww84-hqvp] A vulnerability has been found in Sanluan PublicCMS up to...
#6801 opened Feb 7, 2026 by saivarun3407 Loading…
[GHSA-4jqp-9qjv-57m2] Keylime Missing Authentication for Critical Function and Improper Authentication
#6800 opened Feb 7, 2026 by saivarun3407 Loading…
1
[GHSA-xvmh-25jw-gmmm] Moodle affected by a code injection vulnerability
#6799 opened Feb 6, 2026 by asrar-mared Loading…
1
[GHSA-58pw-r2v4-pwjv] Improve advisory details: reference incomplete fix for CVE-2025-11001
#6791 opened Feb 6, 2026 by decsecre583 Loading…
1
[GHSA-x43h-8pfv-xx24] Improve advisory details: reference incomplete fix for CVE-2024-6383
#6790 opened Feb 6, 2026 by decsecre583 Loading…
1
[GHSA-cm59-8rmv-f2cj] Improve advisory details: reference incomplete fix for CVE-2024-5125
#6789 opened Feb 6, 2026 by decsecre583 Loading…
1
[GHSA-8jxr-mccc-mwg8] Improve advisory details: reference incomplete fix for CVE-2024-43795
#6788 opened Feb 6, 2026 by decsecre583 Loading…
1
[GHSA-632q-77qj-c89q] Improve advisory details: reference incomplete fix for CVE-2024-28709
#6787 opened Feb 6, 2026 by decsecre583 Loading…
1
[GHSA-vg7j-7cwx-8wgw] Mongoose search injection vulnerability
#6784 opened Feb 5, 2026 by ljharb Loading…
4
[GHSA-xm59-rqc7-hhvf] nbconvert has an uncontrolled search path that leads to unauthorized code execution on Windows
#6756 opened Feb 2, 2026 by sarvo-madhavan Loading…
1
1
[GHSA-r6q2-hw4h-h46w] Race Condition in node-tar Path Reservations via Unicode Ligature Collisions on macOS APFS
#6733 opened Jan 28, 2026 by ssushant0011 Loading…
2
[GHSA-rqff-837h-mm52] Authorization bypass in url-parse Keep
#6723 opened Jan 26, 2026 by ljharb Loading…
2
[GHSA-xgcg-2hvp-fj6w] A cross-site scripting (XSS) vulnerability exists in...
#6716 opened Jan 26, 2026 by berkpseSICKAG Loading…
[GHSA-77c8-xpc7-q24c] The built-in XY Chart plugin is vulnerable to a DOM XSS...
#6715 opened Jan 26, 2026 by berkpseSICKAG Loading…
[GHSA-w5j6-7wpf-g6rw] A security vulnerability in the /apis/dashboard.grafana...
#6714 opened Jan 26, 2026 by berkpseSICKAG Loading…
1
[GHSA-98pr-9hw5-crg3] An open redirect vulnerability has been identified in...
#6713 opened Jan 26, 2026 by berkpseSICKAG Loading…
1
[GHSA-8v38-pw62-9cw2] url-parse Incorrectly parses URLs that include an '@' Keep
#6700 opened Jan 24, 2026 by ljharb Loading…
2
[GHSA-m494-w24q-6f7w] JDBC Driver for SQL Server has improper input validation issue
#6638 opened Jan 12, 2026 by gdsmith Loading…
3
[GHSA-77r5-gw3j-2mpf] Next.js Vulnerable to HTTP Request Smuggling
#6636 opened Jan 10, 2026 by mistressxalexis Loading…
1
[GHSA-x4c5-c7rf-jjgv] @octokit/endpoint has a Regular Expression in parse that Leads to ReDoS Vulnerability Due to Catastrophic Backtracking
#6573 opened Dec 22, 2025 by G-Rath Loading…
7
ProTip! Add no:assignee to see everything that’s not assigned.