github / advisory-database Public

Notifications You must be signed in to change notification settings
Fork 598
Star 2.3k

Code
Issues 82
Pull requests 61
Discussions
Actions
Models
Security and quality
Insights

Additional navigation options

Code
Issues
Pull requests
Discussions
Actions
Models
Security and quality
Insights

Pull requests: github/advisory-database

Labels 15 Milestones 0

New pull request New

61 Open 6,627 Closed

Author

Filter by author

Uh oh!

There was an error while loading. Please reload this page.

Label

Filter by label

Uh oh!

There was an error while loading. Please reload this page.

Use alt + click/return to exclude labels

or ⇧ + click/return for logical OR

Projects

Filter by project

Uh oh!

There was an error while loading. Please reload this page.

Milestones

Filter by milestone

Uh oh!

There was an error while loading. Please reload this page.

Reviews

Filter by reviews

No reviews Review required Approved review Changes requested

Assignee

Filter by who’s assigned

Assigned to nobody

Uh oh!

There was an error while loading. Please reload this page.

Sort

Sort by

Newest Oldest Most commented Least commented Recently updated Least recently updated Best match

Most reactions

Pull requests list

[GHSA-rmx9-2pp3-xhcr] Add multi-branch patch ranges for Tekton Pipelines

#7600 opened May 6, 2026 by waveywaves

Loading…

[GHSA-m2cx-gpqf-qf74] Add multi-branch patch ranges for Tekton Pipelines

#7599 opened May 6, 2026 by waveywaves

Loading…

[GHSA-rx35-6rhx-7858] Add multi-branch patch ranges for Tekton Pipelines

#7598 opened May 6, 2026 by waveywaves

Loading…

[GHSA-94jr-7pqp-xhcq] Add multi-branch patch ranges for Tekton Pipelines

#7597 opened May 6, 2026 by waveywaves

Loading…

[GHSA-wjxp-xrpv-xpff] Add multi-branch patch ranges for Tekton Pipelines

#7596 opened May 6, 2026 by waveywaves

Loading…

[GHSA-37w4-hwhx-4rc4] JupyterHub has an Extension Manager API/GUI Policy Discrepancy, allowing 3rd party (malicious) extensions install via POST request

#7593 opened May 6, 2026 by krassowski

Loading…

[GHSA-jg2m-9x48-3gvj] The fix for CVE-2025-27636 added setLowerCase(true) to...

#7592 opened May 6, 2026 by kmagdziarz

Loading…

[GHSA-w5hq-g745-h8pq] uuid: Missing buffer bounds check in v3/v5/v6 when buf is provided

#7591 opened May 5, 2026 by jwasnoggin

Loading…

[GHSA-8fj7-8h3w-xwfm] Due to missing nil check, sending 0x0a-0x0f HTTP/2 frames...

#7589 opened May 5, 2026 by kbsteere

Loading…

[GHSA-rgv9-q543-rqg4] Uncontrolled Resource Consumption in FasterXML jackson-databind

#7588 opened May 5, 2026 by albertabiev1

Loading…

[GHSA-6rcx-55r6-jx65] A vulnerability was found in PrefectHQ prefect up to 3.6...

#7583 opened May 4, 2026 by nedlir

Loading…

[GHSA-p3pq-hxmr-vqqr] A vulnerability has been found in PrefectHQ prefect up to...

#7582 opened May 4, 2026 by nedlir

Loading…

[GHSA-hvph-5985-r63v] A flaw has been found in PrefectHQ prefect up to 3.6.13....

#7581 opened May 4, 2026 by nedlir

Loading…

[GHSA-6rr6-v7cj-mxpg] A vulnerability was detected in PrefectHQ prefect up to 3...

#7580 opened May 4, 2026 by nedlir

Loading…

[GHSA-x73w-g8hx-v7rp] Code injection in electerm

#7579 opened May 4, 2026 by filipeom

Loading…

[GHSA-355h-qmc2-wpwf] Jetty has HTTP Request Smuggling via Chunked Extension Quoted-String Parsing

#7577 opened May 4, 2026 by tlarionova-max

Loading…

[GHSA-58qw-9mgm-455v] pip has an interpretation conflict due to handling both concatenated tar and ZIP files as ZIP files

#7574 opened May 4, 2026 by amine-malloul-gira

Loading…

[GHSA-85x2-r8xv-ww8c] Kirby CMS's pages.access/list and files.access/list permissions are not consistently checked in the Panel and REST API

#7572 opened May 3, 2026 by abundancemarble

Loading…

[GHSA-prf8-cf2x-rhx7] fabric-sdk-java has ObjectInputStream.readObject() without ObjectInputFilter, which allows Java deserialization RCE

#7570 opened May 1, 2026 by brodmart

Loading…

[GHSA-2wvh-87g2-89hr] OpenC3 COSMOS: Permissions Bypass Provides User Access to Unassigned Administrative Actions via Script Runner Tool

#7569 opened May 1, 2026 by sawitrisaengchan08-cell

Loading…

[GHSA-x8mh-94wc-33gv] Apache Airflow's SMTP provider SmtpHook called Python's...

#7562 opened Apr 30, 2026 by francisbergin

Loading…

Add advisory: asn1 BerReader infinite loop CPU DoS (CWE-835)

#7561 opened Apr 30, 2026 by tynus3

Loading…

[GHSA-5wfc-hjrc-gq87] hjson stack exhaustion vulnerability

#7552 opened Apr 30, 2026 by achibear

Loading…

[GHSA-x744-4wpc-v9h2] Moby has AuthZ plugin bypass when provided oversized request bodies

#7549 opened Apr 30, 2026 by bottarocarlo

Loading…

[GHSA-p93r-85wp-75v3] Bouncy Castle Has Covert Timing Channel Vulnerability

#7542 opened Apr 29, 2026 by amita-seal

Loading…

Previous 1 2 3 Next

Previous Next

ProTip! Adding no:label will show everything without a label.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Uh oh!