-
Notifications
You must be signed in to change notification settings - Fork 456
Pull requests: github/advisory-database
Author
Label
Projects
Milestones
Reviews
Assignee
Sort
Pull requests list
[GHSA-639h-gpc4-26xv] A vulnerability was found in Buttercup buttercup-browser...
#6042
opened Aug 24, 2025 by
lukechilds
Loading…
[GHSA-hpqf-m68j-2pfx] js-object-utilities Vulnerable to Prototype Pollution
#6041
opened Aug 21, 2025 by
nkhayet
Loading…
[GHSA-qq6h-5g6j-q3cm] sweetalert2 v11.4.9 and above contains hidden functionality
#6032
opened Aug 19, 2025 by
Humni
Loading…
[GHSA-457r-cqc8-9vj9] sweetalert2 v10.16.10 and above contains hidden functionality
#6031
opened Aug 19, 2025 by
Humni
Loading…
[GHSA-8jh9-wqpf-q52c] sweetalert2 v8.19.1 and above contains hidden functionality
#6030
opened Aug 19, 2025 by
Humni
Loading…
[GHSA-3c93-92r7-j934] Grafana Infinity Datasource Plugin SSRF Vulnerability
#6029
opened Aug 19, 2025 by
DanCech
Loading…
[GHSA-w2cq-g8g3-gm83] content-security-policy-parser Prototype Pollution Vulnerability May Lead to RCE
#6026
opened Aug 19, 2025 by
byt3n33dl3
Loading…
[GHSA-q355-h244-969h] Komari vulnerable to Cross-site WebSocket Hijacking
#6021
opened Aug 17, 2025 by
byt3n33dl3
Loading…
[GHSA-xh69-987w-hrp8] resolv vulnerable to DoS via insufficient DNS domain name length validation
#6019
opened Aug 15, 2025 by
manunio
Loading…
[GHSA-859w-5945-r5v3] Vite's server.fs.deny bypassed with /. for files under project root
#6018
opened Aug 15, 2025 by
Ecg-creator
•
Draft
[GHSA-6v2p-p543-phr9] golang.org/x/oauth2 Improper Validation of Syntactic Correctness of Input vulnerability
#5995
opened Aug 13, 2025 by
jchax
Loading…
[GHSA-34rf-485x-g5h7] Arbitrary Command Injection in Kubernetes Headlamp via macOS Process codeSign
#5802
opened Jul 11, 2025 by
opsysdebug
Loading…
[GHSA-9pp5-9c7g-4r83] Spring Security authorization bypass for method security annotations on private methods
Keep
#5747
opened Jun 24, 2025 by
tomabai
Loading…
ProTip!
Exclude everything labeled
bug with -label:bug.