github / advisory-database Public

Notifications You must be signed in to change notification settings
Fork 598
Star 2.3k

Code
Issues 84
Pull requests 61
Discussions
Actions
Models
Security and quality
Insights

Additional navigation options

Code
Issues
Pull requests
Discussions
Actions
Models
Security and quality
Insights

Pull requests: github/advisory-database

Labels 15 Milestones 0

New pull request New

Clear current search query, filters, and sorts

61 Open 6,615 Closed

Author

Filter by author

Uh oh!

There was an error while loading. Please reload this page.

Label

Filter by label

Uh oh!

There was an error while loading. Please reload this page.

Use alt + click/return to exclude labels

or ⇧ + click/return for logical OR

Projects

Filter by project

Uh oh!

There was an error while loading. Please reload this page.

Milestones

Filter by milestone

Uh oh!

There was an error while loading. Please reload this page.

Reviews

Filter by reviews

No reviews Review required Approved review Changes requested

Assignee

Filter by who’s assigned

Assigned to nobody

Uh oh!

There was an error while loading. Please reload this page.

Sort

Sort by

Newest Oldest Most commented Least commented Recently updated Least recently updated Best match

Most reactions

Pull requests list

[GHSA-rvhj-8chj-8v3c] Mflow: Command Injection when serving models with enable_mlserver=True

#7507 opened Apr 26, 2026 by rotemd-apiiro

Loading…

[GHSA-x4p7-7chp-64hq] Keycloak: Unauthorized authentication via disabled SAML Identity Provider

#7502 opened Apr 24, 2026 by sekveaja

Loading…

[GHSA-653p-vg55-5652] Apache Tomcat Uncontrolled Resource Consumption vulnerability

#7521 opened Apr 28, 2026 by yusuke-koyoshi

Loading…

[GHSA-95jq-rwvf-vjx4] Apache Tomcat: CLIENT_CERT authentication does not fail as expected

#7522 opened Apr 28, 2026 by aruneko

Loading…

[GHSA-h7wm-ph43-c39p] Scrapy denial of service vulnerability

#7532 opened Apr 28, 2026 by G-Rath

Loading…

[GHSA-x5gf-qvw8-r2rm] pm2 Regular Expression Denial of Service vulnerability

#7513 opened Apr 27, 2026 by corridormatt

Loading…

[GHSA-p93r-85wp-75v3] Bouncy Castle Has Covert Timing Channel Vulnerability

#7542 opened Apr 29, 2026 by amita-seal

Loading…

Improve GHSA-fm3h-p9wm-h74h

#7546 opened Apr 29, 2026 by e7457166-a11y

Loading…

[GHSA-58qw-9mgm-455v] pip has an interpretation conflict due to handling both concatenated tar and ZIP files as ZIP files

#7574 opened May 4, 2026 by amine-malloul-gira

Loading…

[GHSA-hvph-5985-r63v] A flaw has been found in PrefectHQ prefect up to 3.6.13....

#7581 opened May 4, 2026 by nedlir

Loading…

[GHSA-6rr6-v7cj-mxpg] A vulnerability was detected in PrefectHQ prefect up to 3...

#7580 opened May 4, 2026 by nedlir

Loading…

[GHSA-x73w-g8hx-v7rp] Code injection in electerm

#7579 opened May 4, 2026 by filipeom

Loading…

[GHSA-qmq6-f8pr-cx5x] DUPLICATE - uuid: Missing buffer bounds check in v3/v5/v6 when buf is provided

#7555 opened Apr 30, 2026 by julianladisch

Loading…

[GHSA-5wfc-hjrc-gq87] hjson stack exhaustion vulnerability

#7552 opened Apr 30, 2026 by achibear

Loading…

[GHSA-w5hq-g745-h8pq] uuid: Missing buffer bounds check in v3/v5/v6 when buf is provided

#7553 opened Apr 30, 2026 by julianladisch

Loading…

[GHSA-p3pq-hxmr-vqqr] A vulnerability has been found in PrefectHQ prefect up to...

#7582 opened May 4, 2026 by nedlir

Loading…

[GHSA-6rcx-55r6-jx65] A vulnerability was found in PrefectHQ prefect up to 3.6...

#7583 opened May 4, 2026 by nedlir

Loading…

Add GHSA-fhw2-h46x-v2mj: Arbitrary local file disclosure in @playwright/mcp

#7511 opened Apr 27, 2026 by mmzha2013

Loading…

[GHSA-v92g-xgxw-vvmm] Mako: Path traversal via double-slash URI prefix in TemplateLookup

#7508 opened Apr 26, 2026 by augustocesarperin

Loading…

[GHSA-jfwf-28xr-xw6q] RClone: Unauthenticated operations/fsinfo allows attacker-controlled backend instantiation and local command execution

#7510 opened Apr 27, 2026 by augustocesarperin

Loading…

[GHSA-qj8w-gfj5-8c6v] Serialize JavaScript has CPU Exhaustion Denial of Service via crafted array-like objects

#7506 opened Apr 26, 2026 by sealonohana

Loading…

fix: correct GHSA-4j5j-58j7-6c3w dulwich fixed version 0.9.9 -> 0.10.0

#7482 opened Apr 21, 2026 by DEVSOG12

Loading…

[GHSA-mw35-8rx3-xf9r] Ray: Remote Code Execution via Parquet Arrow Extension Type Deserialization

#7504 opened Apr 25, 2026 by shakevsky

Loading…

[GHSA-vf77-8h7g-gghp] Improper Restriction of Operations within the Bounds of a Memory Buffer in Apache Tomcat

#7518 opened Apr 28, 2026 by aruneko

Loading…

[GHSA-24j9-x2wg-9qv6] Apache Tomcat: CLIENT_CERT authentication does not fail as expected

#7515 opened Apr 28, 2026 by aruneko

Loading…

Previous 1 2 3 Next

Previous Next

ProTip! no:milestone will show everything without a milestone.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Uh oh!