Pull requests: github/advisory-database
[GHSA-8j4w-5fw4-rm27] Prototype Pollution in deeply
#7456
opened Apr 20, 2026 by
Wenxin-Jiang
[GHSA-884p-74jh-xrg2] Command Injection in tree-kill
#7455
opened Apr 20, 2026 by
Wenxin-Jiang
[GHSA-86wf-436m-h424] Resource Exhaustion Denial of Service in http-proxy-agent
#7454
opened Apr 20, 2026 by
Wenxin-Jiang
[GHSA-7mg4-w3w5-x5pc] Prototype pollution in json-pointer
#7453
opened Apr 20, 2026 by
Wenxin-Jiang
[GHSA-6g33-8w2q-4hxv] robots-txt-guard Inefficient Regular Expression Complexity vulnerability
#7452
opened Apr 20, 2026 by
Wenxin-Jiang
[GHSA-29xr-v42j-r956] thenify before 3.3.1 made use of unsafe calls to eval.
#7451
opened Apr 20, 2026 by
Wenxin-Jiang
[GHSA-28g4-38q8-3cwc] Flowise: Cypher Injection in GraphCypherQAChain
#7449
opened Apr 20, 2026 by
nikpivkin
[GHSA-rg7c-g689-fr3x] Google Agent Development Kit (ADK) has a Code Injection and Missing Authentication vulnerability
#7447
opened Apr 20, 2026 by
philrollet
[GHSA-gcq8-j4vp-vgvp] Uncaught exception in OpenBMC Firmware for some Intel(R)...
#7446
opened Apr 20, 2026 by
wongchaiyathamchaiphetwongchai-hue
[GHSA-cq8v-f236-94qc] Rand is unsound with a custom logger using rand::rng()
#7445
opened Apr 20, 2026 by
ShoyuVanilla
[GHSA-rmmh-p597-ppvv] An issue in the anchors subparser of Showdownjs versions ...
#7444
opened Apr 20, 2026 by
LukasChristel
[GHSA-9cp7-j3f8-p5jx] Daptin has Unauthenticated Path Traversal and Zip Slip
#7443
opened Apr 20, 2026 by
cerquedai628-blip
Add 3 critical security advisories for hexstrike-ai (0x4m4/hexstrike-ai)
#7442
opened Apr 20, 2026 by
sermikr0
[GHSA-85q9-7467-r53q] XSS Vulnerability in Markdown Editor
#7440
opened Apr 19, 2026 by
brawlingthebits
[GHSA-4w7w-66w2-5vf9] Vite Vulnerable to Path Traversal in Optimized Deps .map Handling
#7439
opened Apr 19, 2026 by
efikcoineternal
[GHSA-23f4-hfmq-94mj] Quick-Media Batik Codec FIX Package has Buffer Overflow Vulnerability in PNG Codec
#7438
opened Apr 19, 2026 by
carlosame
[GHSA-8623-9fwr-4cxv] Quick-Media Batik Codec FIX package has Code Injection vulnerability
#7437
opened Apr 19, 2026 by
carlosame
[GHSA-jpcq-cgw6-v4j6] Potential XSS vulnerability in jQuery
#7435
opened Apr 19, 2026 by
sealonohana
[GHSA-fjqv-vj6q-4fcm] A flaw was found in libarchive. A NULL pointer...
#7434
opened Apr 18, 2026 by
kientzle
[GHSA-cq8v-f236-94qc] Rand is unsound with a custom logger using rand::rng()
#7433
opened Apr 18, 2026 by
simonhollingshead
[GHSA-wh4c-j3r5-mjhp] xmldom: XML injection via unsafe CDATA serialization allows attacker-controlled markup insertion
#7431
opened Apr 18, 2026 by
karfau
[GHSA-qrr6-mg7r-m243] PHPUnit has Argument injection via newline in PHP INI values that are forwarded to child processes
#7430
opened Apr 18, 2026 by
sebastianbergmann
[GHSA-cjmm-f4jc-qw8r] DOMPurify ADD_ATTR predicate skips URI validation
#7428
opened Apr 17, 2026 by
alejandl-msft
[GHSA-355h-qmc2-wpwf] Jetty has HTTP Request Smuggling via Chunked Extension Quoted-String Parsing
#7421
opened Apr 17, 2026 by
jhy