Insights: github/advisory-database
Overview
45 Pull requests merged by 33 people
-
[GHSA-3mcp-9wr4-cjqf] Remote Code Execution (RCE) vulnerability in dropwizard-validation
#5785 merged
Jul 3, 2025 -
[GHSA-fj44-h6xw-896g] react-native-keys 0.7.11 is vulnerable to sensitive...
#5788 merged
Jul 2, 2025 -
[GHSA-cqqj-4p63-rrmm] HTTP Request Smuggling in Netty
#5784 merged
Jul 2, 2025 -
[GHSA-5h6x-m52p-23ph] Improper Certificate Validation in Apache Qpid Proton
#5780 merged
Jul 1, 2025 -
[GHSA-gpqc-4pp7-5954] Authentication Bypass by CSRF Weakness
#5783 merged
Jul 1, 2025 -
[GHSA-v6w3-2prq-h95f] Improper Input Validation in Jakarta Expression Language
#5782 merged
Jul 1, 2025 -
[GHSA-m964-fjrh-xxq2] Deserialization of Untrusted Data vulnerability in Apache...
#5772 merged
Jun 30, 2025 -
[GHSA-jc9r-qcgw-fxq9] A vulnerability was found in sparklemotion nokogiri up to...
#5778 merged
Jun 30, 2025 -
[GHSA-48p4-8xcf-vxj5] urllib3 does not control redirects in browsers and Node.js
#5776 merged
Jun 30, 2025 -
[GHSA-g93m-8x6h-g5gv] When using IPAuthenticationProvider in ZooKeeper Admin...
#5775 merged
Jun 30, 2025 -
[GHSA-rvqx-wpfh-mfx7] Langflow Unauth RCE
#5773 merged
Jun 30, 2025 -
[GHSA-vhxf-7vqr-mrjg] DOMPurify allows Cross-site Scripting (XSS)
#5763 merged
Jun 30, 2025 -
[GHSA-fc9h-whq2-v747] Valid ECDSA signatures erroneously rejected in Elliptic
#5442 merged
Jun 27, 2025 -
[GHSA-rx97-6c62-55mf] Hashicorp Nomad Incorrect Privilege Assignment vulnerability
#5759 merged
Jun 27, 2025 -
[GHSA-h4h6-vccr-44h2] uptrace pgdriver SQL injection vulnerability
#5746 merged
Jun 25, 2025 -
[GHSA-9v35-4xcr-w9ph] NetBird uses a static initialization vector (IV)
#5714 merged
Jun 25, 2025 -
[GHSA-4h8f-2wvx-gg5w] Bouncy Castle Java Cryptography API vulnerable to DNS poisoning
#5717 merged
Jun 24, 2025 -
[GHSA-wrxf-x8rm-6ggg] Fluent Fluentd and Fluent-ui use default password
#5692 merged
Jun 23, 2025 -
[GHSA-v6x6-4v4x-2fx9] Lunary Cross-Site Request Forgery (CSRF) vulnerability
#5741 merged
Jun 20, 2025 -
[GHSA-6p2q-8qfq-wq7x] Lunary improper access control vulnerability
#5740 merged
Jun 20, 2025 -
[GHSA-9jmp-j63g-8x6m] Lunary information disclosure vulnerability
#5739 merged
Jun 20, 2025 -
[GHSA-rpx8-fg6w-rm6x] lunary-ai/lunary XSS in SAML metadata endpoint
#5738 merged
Jun 20, 2025 -
[GHSA-5m48-vr54-vmh3] jersey: XXE via parameter entities not disabled by the...
#5735 merged
Jun 19, 2025 -
[GHSA-qvhf-3567-pc4v] Sandbox bypass vulnerability in Script Security Plugin
#5732 merged
Jun 19, 2025 -
[GHSA-2hcm-q3f4-fjgw] Arbitrary file write as the OSV-SCALIBR user on the host...
#5729 merged
Jun 18, 2025 -
[GHSA-wgc6-9f6w-h8hx] microlight allows a denial of service
#5730 merged
Jun 18, 2025 -
[GHSA-887c-mr87-cxwp] PyTorch Improper Resource Shutdown or Release vulnerability
#5728 merged
Jun 17, 2025 -
Improve GHSA-274v-mgcv-cm8j
#5723 merged
Jun 17, 2025 -
[GHSA-274v-mgcv-cm8j] Argo CD GitOps Engine does not scrub secret values from patch errors
#5689 merged
Jun 17, 2025 -
[GHSA-qvjc-g5vr-mfgr] Regular Expression Denial of Service in papaparse
#5719 merged
Jun 16, 2025 -
[GHSA-h4j7-5rxr-p4wc] Microsoft.Build.Tasks.Core .NET Spoofing Vulnerability
#5718 merged
Jun 16, 2025 -
[GHSA-rf6q-vx79-mjxr] Undertow Uncontrolled Resource Consumption
#5715 merged
Jun 12, 2025 -
[GHSA-v6h2-p8h4-qcjw] brace-expansion Regular Expression Denial of Service vulnerability
#5716 merged
Jun 11, 2025 -
[GHSA-pfq8-rq6v-vf5m] kangax html-minifier REDoS vulnerability
#5695 merged
Jun 11, 2025 -
[GHSA-cvx7-x8pj-x2gw] CoreDNS Vulnerable to DoQ Memory Exhaustion via Stream Amplification
#5696 merged
Jun 9, 2025 -
[GHSA-8j8w-wwqc-x596] Roundcube Webmail before 1.5.10 and 1.6.x before 1.6.11...
#5691 merged
Jun 6, 2025 -
[GHSA-v3c8-3pr6-gr7p] Multiple vector store integrations in run-llama...
#5690 merged
Jun 6, 2025 -
[GHSA-g3p6-82vc-43jh] Yii 2 Redis may expose AUTH parameters in logs in case of connection failure
#5693 merged
Jun 6, 2025 -
[GHSA-wrxf-x8rm-6ggg] Fluent Fluentd and Fluent-ui use default password
#5686 merged
Jun 5, 2025
2 Pull requests opened by 2 people
-
[GHSA-9fq2-x9r6-wfmf] Numpy Deserialization of Untrusted Data
#5777 opened
Jun 30, 2025
14 Issues closed by 5 people
-
## Code Review
#5789 closed
Jul 4, 2025 -
Clarification on Overlap Between GHSA-gpqc-4pp7-5954 and GHSA-26xx-m4q2-xhq8
#5756 closed
Jul 2, 2025 -
Possible Inaccuracy in XXE Vulnerability: Advisory-[GHSA-jffq-528j-mp6c]
#5767 closed
Jul 2, 2025 -
Incorrect Package Attribution in GHSA-7rvp-xqj7-rxf2
#5787 closed
Jul 2, 2025 -
Maven advisories missing scala SBT suffixes in package names
#5781 closed
Jul 2, 2025 -
Check out this app!
#5771 closed
Jun 30, 2025 -
Review requested:
#5770 closed
Jun 30, 2025 -
Data
#5769 closed
Jun 30, 2025 -
Include Mend.io database
#5727 closed
Jun 26, 2025 -
Add ENISA (European Union Vulnerability Database) as alternative to NIST to Advisory Database
#5745 closed
Jun 24, 2025 -
Newton Protocol: Verifiable Automation Layer for Onchain Finance
#5743 closed
Jun 23, 2025 -
false-positive on multiple packages
#5736 closed
Jun 19, 2025 -
Advisory GHSA-g434-3q2j-hj4r lists incorrect fixed version
#5688 closed
Jun 17, 2025 -
Correction Required in GHSA-2pcj-76hj-xqhm Advisory
#5684 closed
Jun 9, 2025
3 Issues opened by 3 people
-
Advisory GHSA-p3xv-97g8-4wmj lists incorrect fixed version
#5790 opened
Jul 4, 2025 -
Go: Supported ecosystem
#5762 opened
Jun 27, 2025 -
question: how handle `affected[].ranges[].events` + `affectedversions-field`
#5734 opened
Jun 19, 2025
1 Unresolved conversation
Sometimes conversations happen on old items that aren’t yet closed. Here is a list of all the Issues and Pull Requests with unresolved conversations.
-
julia ecosystem support
#1689 commented on
Jul 1, 2025 • 0 new comments