Skip to content

Pull requests: github/advisory-database

New pull request New
153 Open 6,729 Closed
153 Open 6,729 Closed
Author
Filter by author
Loading
Label
Filter by label
Loading
Use alt + click/return to exclude labels
or + click/return for logical OR
Projects
Filter by project
Loading
Milestones
Filter by milestone
Loading
Reviews
Filter by reviews
No reviews Review required Approved review Changes requested
Assignee
Filter by who’s assigned
Assigned to nobody Loading
Sort
Sort by
Newest Oldest Most commented Least commented Recently updated Least recently updated Best match
Most reactions
👍 👎 😄 🎉 😕 ❤️ 🚀 👀

Pull requests list

[GHSA-8gw3-rxh4-v6jx] expr-eval vulnerable to Prototype Pollution
#7806 opened May 22, 2026 by vladko312 Loading…
[GHSA-45vw-wh46-2vx8] Twig: Arbitrary PHP code execution via _self.(<string>) macro-reference compilation
#7805 opened May 22, 2026 by vladko312 Loading…
3
[GHSA-p93r-85wp-75v3] Bouncy Castle Has Covert Timing Channel Vulnerability
#7804 opened May 22, 2026 by jmini Loading…
2
[GHSA-7g5w-pq96-8c5w] flash-attention contains an insecure deserialization vulnerability in its checkpoint loading mechanism
#7803 opened May 22, 2026 by warsang Loading…
[GHSA-97jf-46m3-8953] Improper authentication in Azure SDK allows an...
#7802 opened May 22, 2026 by scottaddie Loading…
1
[GHSA-qqj3-g7mx-5p4w] NeuVector telemetry sender is vulnerable to MITM and DoS
#7801 opened May 22, 2026 by holyspectral Loading…
3
[GHSA-w54x-xfxg-4gxq] NeuVector process with sensitive arguments lead to leakage
#7800 opened May 22, 2026 by holyspectral Loading…
1
[GHSA-8pxw-9c75-6w56] NeuVector admin account has insecure default password
#7799 opened May 22, 2026 by holyspectral Loading…
1
[GHSA-8ff6-pc43-jwv3] NeuVector has an insecure password storage vulnerable to rainbow attack
#7798 opened May 22, 2026 by holyspectral Loading…
2
[GHSA-m5gw-83w2-7749] Deserialization of untrusted data in Apache Fory PyFory....
#7797 opened May 22, 2026 by HGWAYEN Loading…
3
[GHSA-3x3v-w654-m28m] Undertow: Denial of Service via Multipart/Form-Data Parsing on HTTP GET Requests
#7796 opened May 22, 2026 by julianladisch Loading…
[GHSA-w42g-jj8w-fj77] phpMyFAQ: Stored XSS via Utils::parseUrl() in comment rendering
#7795 opened May 22, 2026 by klaudialax Loading…
[GHSA-24c8-4792-22hx] Scriban: array.insert_at index parameter DoS bypasses LoopLimit and LimitToString
#7794 opened May 22, 2026 by adamus2 Loading…
1
Use earlier Go pseudo-version for GHSA-78mf-482w-62qj
#7793 opened May 21, 2026 by cookesan Loading…
Use Go pseudo-version for GHSA-4pvg-prr3-9cxr
#7792 opened May 21, 2026 by cookesan Loading…
Use Go pseudo-versions for GHSA-h27v-ph7w-m9fp
#7791 opened May 21, 2026 by cookesan Loading…
Use Go pseudo-version for GHSA-q4w7-56hr-83rm
#7790 opened May 21, 2026 by cookesan Loading…
Use Go pseudo-version for GHSA-5hf2-vhj6-gj9m
#7789 opened May 21, 2026 by cookesan Loading…
Use Go pseudo-version for GHSA-m468-xcm6-fxg4
#7788 opened May 21, 2026 by cookesan Loading…
Use Go pseudo-version for GHSA-h6c2-x2m2-mwhf
#7787 opened May 21, 2026 by cookesan Loading…
Use Go pseudo-version for GHSA-m8p8-53vf-8357
#7786 opened May 21, 2026 by cookesan Loading…
Use Go pseudo-version for GHSA-cp8r-8jvw-v3qg
#7785 opened May 21, 2026 by cookesan Loading…
Use Go pseudo-version for GHSA-fhh2-gg7w-gwpq
#7784 opened May 21, 2026 by cookesan Loading…
Use Go pseudo-version for GHSA-g9w5-qffc-6762
#7783 opened May 21, 2026 by cookesan Loading…
Use Go pseudo-version for GHSA-qcjq-7f7v-pvc8
#7782 opened May 21, 2026 by cookesan Loading…
ProTip! Add no:assignee to see everything that’s not assigned.