github / advisory-database Public

Notifications You must be signed in to change notification settings
Fork 504
Star 2.1k

Code
Issues 71
Pull requests 14
Discussions
Actions
Models
Security
Insights

Additional navigation options

Code
Issues
Pull requests
Discussions
Actions
Models
Security
Insights

Pull requests: github/advisory-database

Labels 15 Milestones 0

New pull request New

14 Open 5,944 Closed

Author

Filter by author

Uh oh!

There was an error while loading. Please reload this page.

Label

Filter by label

Uh oh!

There was an error while loading. Please reload this page.

Use alt + click/return to exclude labels

or ⇧ + click/return for logical OR

Projects

Filter by project

Uh oh!

There was an error while loading. Please reload this page.

Milestones

Filter by milestone

Uh oh!

There was an error while loading. Please reload this page.

Reviews

Filter by reviews

No reviews Review required Approved review Changes requested

Assignee

Filter by who’s assigned

Assigned to nobody

Uh oh!

There was an error while loading. Please reload this page.

Sort

Sort by

Newest Oldest Most commented Least commented Recently updated Least recently updated Best match

Most reactions

Pull requests list

[GHSA-xxvh-jcpq-95qv] File Upload vulnerability in Petrol Pump Mangement...

#6591 opened Dec 28, 2025 by shubham-s-pandey

Loading…

[GHSA-8678-pm6w-2hg6] SQL Injection vulnerability in Petrol Pump Mangement...

#6590 opened Dec 28, 2025 by shubham-s-pandey

Loading…

[GHSA-mhv9-5hxr-j9mw] Cross Site Scripting vulnerability in Petrol Pump...

#6589 opened Dec 28, 2025 by shubham-s-pandey

Loading…

[GHSA-qcc3-2x2p-6v35] SQL Injection vulnerability in Employee Management System...

#6588 opened Dec 28, 2025 by shubham-s-pandey

Loading…

[GHSA-c7qj-xcvw-r7jv] Cross Site Scripting vulnerability in Petrol Pump...

#6587 opened Dec 28, 2025 by shubham-s-pandey

Loading…

[GHSA-95fv-5gfj-2r84] Emby Server API Vulnerability allowing to gain administrative access without precondition

#6584 opened Dec 27, 2025 by softworkz

Loading…

[GHSA-c67j-w6g6-q2cm] LangChain serialization injection vulnerability enables secret extraction in dumps/loads APIs

#6583 opened Dec 27, 2025 by asrar-mared

Loading…

[GHSA-9qr9-h5gf-34mp] Next.js is vulnerable to RCE in React flight protocol

#6582 opened Dec 27, 2025 by asrar-mared

Loading…

[GHSA-vj76-c3g6-qr5v] tar-fs has a symlink validation bypass if destination directory is predictable with a specific tarball

#6581 opened Dec 27, 2025 by kristentr

Loading…

[GHSA-225v-733h-9gwv] Clash Verge Rev thru 2.2.3 forces the installation of...

#6579 opened Dec 25, 2025 by Dragon1573

Loading…

[GHSA-5j98-mcp5-4vw2] glob CLI: Command injection via -c/--cmd executes matches with shell:true

#6576 opened Dec 23, 2025 by sbgitZZ

Loading…

[GHSA-x4c5-c7rf-jjgv] @octokit/endpoint has a Regular Expression in parse that Leads to ReDoS Vulnerability Due to Catastrophic Backtracking

#6573 opened Dec 22, 2025 by G-Rath

Loading…

[GHSA-f6mr-38g8-39rg] Ollama Platform has missing authentication enabling attackers to perform model management operations

#6571 opened Dec 22, 2025 by Ankush-Pathak

Loading…

[GHSA-3xgq-45jj-v275] Regular Expression Denial of Service (ReDoS) in cross-spawn Stale

#6483 opened Nov 30, 2025 by aprendis543

Loading…

ProTip! Find all pull requests that aren't related to any open issues with -linked:issue.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Uh oh!

Uh oh!