Pull requests: github/advisory-database
Author
Label
Projects
Milestones
Reviews
Assignee
Sort
Pull requests list
[GHSA-45vm-3j38-7p78] PrestaShop cross-site scripting via customer contact form in FO, through file upload
#4438
opened May 16, 2024 by
aelmokhtar
Loading…
[GHSA-4724-7jwc-3fpw] Grafana Spoofing originalUrl of snapshots
#4434
opened May 15, 2024 by
r3kumar
Loading…
[GHSA-x64m-686f-fmm3] The XML libraries for Python 3.4, 3.3, 3.2, 3.1, 2.7, and...
#4428
opened May 15, 2024 by
MarkLee131
Loading…
[GHSA-qrh7-x6fp-c2mp] The XML libraries for Python 3.4, 3.3, 3.2, 3.1, 2.7, and...
#4427
opened May 15, 2024 by
MarkLee131
Loading…
[GHSA-p979-4mfw-53vg] HTTP Request Smuggling in Netty
#4409
opened May 14, 2024 by
SunBK201
Loading…
[GHSA-92jh-gwch-jq38] PocketMine-MP server crash with certain invalid JSON payloads in
LoginPacket
due to dependency vulnerability (again)
#4371
opened May 7, 2024 by
SvenRtbg
Loading…
[GHSA-h755-8qp9-cq85] protobufjs Prototype Pollution vulnerability
#4351
opened May 7, 2024 by
ImaneLamriui
Loading…
[GHSA-83pv-qr33-2vcf] Litestar and Starlite vulnerable to Path Traversal
#4350
opened May 6, 2024 by
JacobCoffee
Loading…
[GHSA-r4ph-mx67-x58p] Shopware database password is leaked to an unauthenticated users
#4318
opened Apr 26, 2024 by
mitelg
Loading…
[GHSA-rrjw-j4m2-mf34] gix-transport code execution vulnerability
#4317
opened Apr 26, 2024 by
EliahKagan
Loading…
[GHSA-wjxj-5m7g-mg7q] Bouncy Castle Denial of Service (DoS)
#4309
opened Apr 25, 2024 by
mpihelgas
Loading…
[GHSA-6g7w-8wpp-frhj] Infinite loop in rustls::conn::ConnectionCommon::complete_io() with proper client input
#4288
opened Apr 22, 2024 by
NxPKG
Loading…
[GHSA-w3h3-4rj7-4ph4] Request smuggling leading to endpoint restriction bypass in Gunicorn
Stale
#4275
opened Apr 17, 2024 by
madhumantra11
Loading…
[GHSA-h755-8qp9-cq85] protobufjs Prototype Pollution vulnerability
#4270
opened Apr 15, 2024 by
m-honarzade
Loading…
[GHSA-2v42-xp3j-47m4] Xuxueli xxl-job template injection vulnerability
Stale
#4269
opened Apr 15, 2024 by
unam4
Loading…
[GHSA-c438-8cvq-pxxx] Apache Tapestry Unsafe Object Storage
#4244
opened Apr 12, 2024 by
MarkLee131
Loading…
[GHSA-37q5-v5qm-c9v8] Transformers Deserialization of Untrusted Data vulnerability
Stale
#4237
opened Apr 12, 2024 by
retr0reg
Loading…
[GHSA-jhv5-cxf2-r67v] UVDesk Community Skeleton v1.1.1 allows unauthenticated...
#4209
opened Apr 3, 2024 by
sahildari
Loading…
[GHSA-fhmj-jv7w-vvg2] Terraform Enterprise since v202207-1 did not properly...
#4194
opened Mar 30, 2024 by
anonymous4ACL24
Loading…
[GHSA-33j2-92xf-fwm3] HashiCorp Vault Enterprise 1.13.0 up to 1.13.1 is...
Stale
#4190
opened Mar 30, 2024 by
anonymous4ACL24
Loading…
[GHSA-7j85-mwfj-2gr8] An unhandled error in Vault Enterprise's namespace...
Stale
#4189
opened Mar 30, 2024 by
anonymous4ACL24
Loading…
[GHSA-37gg-8xjr-m6x4] A Vault Enterprise Sentinel Role Governing Policy created...
Stale
#4187
opened Mar 30, 2024 by
anonymous4ACL24
Loading…
[GHSA-4849-cfqq-r8pq] Multiple directory traversal vulnerabilities in FCKeditor...
Stale
#4181
opened Mar 30, 2024 by
anonymous4ACL24
Loading…
[GHSA-w97x-8w5v-6mh4] The jQuery framework exchanges data using JavaScript...
Stale
#4171
opened Mar 30, 2024 by
anonymous4ACL24
Loading…
Previous Next
ProTip!
Exclude everything labeled
bug
with -label:bug.