Skip to content

Pull requests: github/advisory-database

New pull request New
Clear current search query, filters, and sorts
8 Open 5,203 Closed
8 Open 5,203 Closed
Author
Filter by author
Loading
Label
Filter by label
Loading
Use alt + click/return to exclude labels
or + click/return for logical OR
Projects
Filter by project
Loading
Milestones
Filter by milestone
Loading
Reviews
Filter by reviews
No reviews Review required Approved review Changes requested
Assignee
Filter by who’s assigned
Assigned to nobody Loading
Sort
Sort by
Newest Oldest Most commented Least commented Recently updated Least recently updated Best match
Most reactions
👍 👎 😄 🎉 😕 ❤️ 🚀 👀

Pull requests list

[GHSA-cvx7-x8pj-x2gw] CoreDNS Vulnerable to DoQ Memory Exhaustion via Stream Amplification
#5698 by dfarrell07 was closed Jun 9, 2025 Loading…
2
[GHSA-cvx7-x8pj-x2gw] CoreDNS Vulnerable to DoQ Memory Exhaustion via Stream Amplification
#5697 by Dentrax was closed Jun 9, 2025 Loading…
3
[GHSA-cvx7-x8pj-x2gw] CoreDNS Vulnerable to DoQ Memory Exhaustion via Stream Amplification
#5696 by dfunkt was merged Jun 9, 2025 Loading…
2
[GHSA-g92j-qhmh-64v2] Sentry's Python SDK unintentionally exposes environment variables to subprocesses
#5694 by cgurnik was merged Jun 6, 2025 Loading…
3
[GHSA-g3p6-82vc-43jh] Yii 2 Redis may expose AUTH paramters in logs in case of connection failure
#5693 by particleflux was merged Jun 6, 2025 Loading…
2
[GHSA-8j8w-wwqc-x596] Roundcube Webmail before 1.5.10 and 1.6.x before 1.6.11...
#5691 by Malayke was merged Jun 6, 2025 Loading…
1
[GHSA-v3c8-3pr6-gr7p] Multiple vector store integrations in run-llama...
#5690 by Malayke was merged Jun 6, 2025 Loading…
1
[GHSA-jr6h-r7vg-f9mc] org.ini4j allows attackers to cause a Denial of Service (DoS)
#5687 by cx-eilon-cohen was merged Jun 4, 2025 Loading…
3
[GHSA-wrxf-x8rm-6ggg] Fluent Fluentd and Fluent-ui use default password
#5686 by kenhys was merged Jun 5, 2025 Loading…
3
[GHSA-rhx6-c78j-4q9w] Unpatched path-to-regexp ReDoS in 0.1.x
#5685 by dloetzke was merged Jun 3, 2025 Loading…
2
[GHSA-4wp7-92pw-q264] CVE-2024-38820 ensured Locale-independent, lowercase...
#5683 by ryanmurf was merged Jun 2, 2025 Loading…
5
[GHSA-xh6m-7cr7-xx66] Missing permission checks on Hazelcast client protocol
#5682 by jorditpuig was merged May 30, 2025 Loading…
1
[GHSA-m6vm-37g8-gqvh] MySQL Connectors takeover vulnerability
#5681 by daniel-jaimes was closed May 30, 2025 Loading…
[GHSA-4gc7-5j7h-4qph] Spring Framework DataBinder Case Sensitive Match Exception
#5680 by joshbressers was merged May 29, 2025 Loading…
2
[GHSA-7chv-rrw6-w6fc] XStream is vulnerable to a Remote Command Execution attack
#5679 by decsecre583 was merged May 29, 2025 Loading…
1
[GHSA-xhfx-hgmf-v6vp] Potential Host Header Poisoning on misconfigured servers
#5678 by decsecre583 was merged May 29, 2025 Loading…
1
[GHSA-xpw8-rcwv-8f8p] io.netty:netty-codec-http2 vulnerable to HTTP/2 Rapid Reset Attack
#5677 by aaronmaxlevy was closed May 30, 2025 Loading…
2
[GHSA-j4f2-536g-r55m] Resource exhaustion in engine.io
#5676 by decsecre583 was merged May 29, 2025 Loading…
1
[GHSA-gwfg-cqmg-cf8f] WEBRick vulnerable to HTTP Request/Response Smuggling High
#5675 by decsecre583 was closed May 30, 2025 Loading…
2
[GHSA-c52f-pq47-2r9j] plugin.yaml file allows for duplicate entries in helm
#5674 by decsecre583 was merged May 29, 2025 Loading…
2
[GHSA-qhrx-hcm6-pmrw] Unsafe deserialization in SmtpTransport in CakePHP
#5673 by decsecre583 was merged May 29, 2025 Loading…
1
[GHSA-pgwj-prpq-jpc2] Symfony Service IDs Allow Injection
#5672 by decsecre583 was merged May 29, 2025 Loading…
1
[GHSA-jp4x-w63m-7wgm] Prototype Pollution in hoek
#5671 by decsecre583 was merged May 29, 2025 Loading…
1
[GHSA-w578-j992-554x] Ansible fails to properly mark lookup-plugin results as unsafe
#5670 by decsecre583 was merged May 29, 2025 Loading…
2
[GHSA-jc7r-v6fg-2gpf] Apache CXF TLS hostname verification does not work correctly with com.sun.net.ssl.*
#5669 by ebickle was merged May 29, 2025 Loading…
2
ProTip! Exclude everything labeled bug with -label:bug.