github / advisory-database Public

Notifications You must be signed in to change notification settings
Fork 640
Star 2.3k

Code
Issues 88
Pull requests 279
Discussions
Actions
Models
Security and quality
Insights

Additional navigation options

Code
Issues
Pull requests
Discussions
Actions
Models
Security and quality
Insights

Pull requests: github/advisory-database

Labels 15 Milestones 0

New pull request New

279 Open 6,832 Closed

Author

Filter by author

Uh oh!

There was an error while loading. Please reload this page.

Label

Filter by label

Uh oh!

There was an error while loading. Please reload this page.

Use alt + click/return to exclude labels

or ⇧ + click/return for logical OR

Projects

Filter by project

Uh oh!

There was an error while loading. Please reload this page.

Milestones

Filter by milestone

Uh oh!

There was an error while loading. Please reload this page.

Reviews

Filter by reviews

No reviews Review required Approved review Changes requested

Assignee

Filter by who’s assigned

Assigned to nobody

Uh oh!

There was an error while loading. Please reload this page.

Sort

Sort by

Newest Oldest Most commented Least commented Recently updated Least recently updated Best match

Most reactions

Pull requests list

[GHSA-xmjj-hvvj-3jr6] Craft CMS 5.9.5 and earlier contains a Missing...

#8058 opened Jun 17, 2026 by danielhaim1

Loading…

[GHSA-gv7w-rqvm-qjhr] Withdrawn Advisory: esbuild: Missing binary integrity verification in Deno module enables remote code execution via NPM_CONFIG_REGISTRY

#8057 opened Jun 17, 2026 by MartijnHols

Loading…

[GHSA-2j2x-hqr9-3h42] React Router's same-origin redirect with path starting // causes open redirect via protocol-relative URL reinterpretation

#8056 opened Jun 17, 2026 by sealonohana

Loading…

[GHSA-rwm7-x88c-3g2p] Netty epoll transport denial of service via RST on half-closed TCP connection

#8053 opened Jun 17, 2026 by tal-sealsecurity

Loading…

[GHSA-293q-567p-wmwq] SubjectDnX509PrincipalExtractor does not correctly handle...

#8052 opened Jun 17, 2026 by marcelstoer

Loading…

[GHSA-4grm-h2qv-h6w6] Netty HTTP/3 QPACK Blocked Streams Memory Exhaustion

#8050 opened Jun 16, 2026 by julianladisch

Loading…

[GHSA-fv66-9v8q-g76r] React Server Components are Vulnerable to RCE

#8049 opened Jun 16, 2026 by johnnylabare05-bot

Loading…

[GHSA-2f9f-gq7v-9h6m] Add fixed version

#8048 opened Jun 16, 2026 by bayandin

Loading…

[GHSA-x863-p983-p4f7] In an untrusted JMS environment, org.springframework.jms...

#8047 opened Jun 16, 2026 by julianladisch

Loading…

[GHSA-h39j-r5qq-r9mm] All versions of the package decompress are vulnerable to...

#8046 opened Jun 16, 2026 by Alemmi

Loading…

[GHSA-6c8g-7p36-r338] SharpCompress has directory traversal via directory entries in WriteToDirectory (zip slip variant)

#8045 opened Jun 16, 2026 by lewishazell

Loading…

[GHSA-q7cg-457f-vx79] joi has an uncaught RangeError on deeply nested input through recursive link() schemas

#8041 opened Jun 14, 2026 by tats-u

Loading…

[GHSA-36jr-mh4h-2g58] d3-color vulnerable to ReDoS

#8039 opened Jun 14, 2026 by RainSignal

Loading…

[GHSA-29cq-5w36-x7w3] Livewire is vulnerable to remote command execution during component property update hydration

#8038 opened Jun 13, 2026 by Jandel2023

Loading…

[GHSA-rcv7-3vfh-47x6] Privilege Escalation D-Link DIR-1253 via the Hardcoded Component

#8037 opened Jun 13, 2026 by zxhri

Loading…

[GHSA-w4pp-8pjf-rmxw] Versions of the package pacote from 11.2.7 are vulnerable...

#8036 opened Jun 13, 2026 by Capco-srachels

Loading…

[GHSA-cfvq-fj53-j2c7] In version v0.3.8 of open-webui/open-webui, there is an...

#8035 opened Jun 12, 2026 by Classic298

Loading…

[GHSA-2823-wfgm-j3hr] open-webui v0.5.16 is vulnerable to SSRF in routers...

#8034 opened Jun 12, 2026 by Classic298

Loading…

[GHSA-hqhc-8hp4-hrwc] An authentication bypass vulnerability exists in Open...

#8033 opened Jun 12, 2026 by Classic298

Loading…

[GHSA-2rf6-9rc8-rqch] A security vulnerability has been detected in open-webui...

#8032 opened Jun 12, 2026 by Classic298

Loading…

[GHSA-vh96-p962-544h] Open WebUI Cleartext Transmission of Credentials...

#8031 opened Jun 12, 2026 by Classic298

Loading…

[GHSA-cggw-334c-f4mj] Open WebUI load_tool_module_by_id Command Injection...

#8030 opened Jun 12, 2026 by Classic298

Loading…

[GHSA-qr7m-hwp7-qjqg] Open WebUI PIP install_frontmatter_requirements Command...

#8029 opened Jun 12, 2026 by Classic298

Loading…

[GHSA-c6pw-q7f2-97hv] Privilege Escalation in cordova-plugin-inappbrowser

#8028 opened Jun 12, 2026 by NiklasMerz

Loading…

[GHSA-76cg-cfhx-373f] MLFlow unsafe deserialization

#8027 opened Jun 12, 2026 by brawlingthebits

Loading…

Previous 1 2 3 4 5 … 11 12 Next

Previous Next

ProTip! Type g p on any issue or pull request to go back to the pull request listing page.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Uh oh!