Pull requests: github/advisory-database
Author
Label
Projects
Milestones
Reviews
Assignee
Sort
Pull requests list
[GHSA-j6gc-792m-qgm2] ReDoS based DoS vulnerability in Active Support’s underscore
#2636
opened Aug 18, 2023 by
G-Rath
Loading…
[GHSA-579w-22j4-4749] Denial of Service Vulnerability in ActiveRecord’s PostgreSQL adapter
#2635
opened Aug 18, 2023 by
G-Rath
Loading…
[GHSA-c6qg-cjj8-47qp] Possible Denial of Service Vulnerability in Rack’s header parsing
#2634
opened Aug 18, 2023 by
G-Rath
Loading…
[GHSA-8jjf-w7j6-323c] Samlify vulnerable to Authentication Bypass by allowing tokens to be reused with different usernames
#2633
opened Aug 18, 2023 by
eoftedal
Loading…
[GHSA-fhw8-8j55-vwgq] Unsafe deserialization in Apache MINA SSHD
#2632
opened Aug 17, 2023 by
pavelarnost
Loading…
[GHSA-prp9-9gxw-38j8] A deserialization flaw was found in Apache Chainsaw...
#2630
opened Aug 16, 2023 by
joshbressers
Loading…
[GHSA-h755-8qp9-cq85] protobufjs Prototype Pollution vulnerability
#2625
opened Aug 16, 2023 by
Ashish17032003
Loading…
[GHSA-6r78-m64m-qwcf] Moq v4.20.0 and 4.20.1 share hashed user data
#2613
opened Aug 10, 2023 by
JonDouglas
Loading…
[GHSA-7mj4-2984-955f] AlchemyCMS is vulnerable to stored XSS via the /admin/pictures image field
#2587
opened Aug 4, 2023 by
tvdeyen
Loading…
[GHSA-pv7r-9vjg-g3f9] Duplicate advisory: swift-nio-http2 vulnerable to denial of service via invalid HTTP/2 HEADERS frame length
#2567
opened Aug 2, 2023 by
186PhillipBeam
Loading…
[GHSA-qm95-pgcg-qqfq] Insufficient validation when decoding a Socket.IO packet
#2561
opened Aug 1, 2023 by
Subrata19777
Loading…
[GHSA-8hfj-j24r-96c4] Path Traversal: 'dir/../../filename' in moment.locale
#2560
opened Jul 31, 2023 by
Subrata19777
Loading…
[GHSA-wc69-rhjr-hc9g] Moment.js vulnerable to Inefficient Regular Expression Complexity
#2559
opened Jul 31, 2023 by
Subrata19777
Loading…
[GHSA-f8vr-r385-rh5r] h2 vulnerable to denial of service
#2554
opened Jul 29, 2023 by
Apetree100122
Loading…
[GHSA-cmm9-mgm5-9r42] pandas through 1.0.3 can unserialize and execute commands...
#2553
opened Jul 28, 2023 by
felickz
Loading…
[GHSA-3p62-6fjh-3p5h] Keycloak vulnerable to cross-site scripting when validating URI-schemes on SAML and OIDC
#2549
opened Jul 27, 2023 by
uxdom
Loading…
[GHSA-qwph-4952-7xr6] jsonwebtoken vulnerable to signature validation bypass due to insecure default algorithm in jwt.verify()
#2537
opened Jul 27, 2023 by
sulaiman-coder
Loading…
[GHSA-q9w4-w667-qqj4] ckeditor-wordcount-plugin vulnerable to Cross-site Scripting in Source Mode of Editor
#2523
opened Jul 26, 2023 by
ohader
Loading…
[GHSA-w49p-h6v2-88hr] D-Link DIR_878_FW1.30B08 was discovered to contain a...
#2508
opened Jul 20, 2023 by
c0crow
Loading…
[GHSA-jfh8-c2jp-5v3q] Remote code injection in Log4j
Keep
#2445
opened Jun 22, 2023 by
jensdietrich
Loading…
[GHSA-mvr2-9pj6-7w5j] Denial of Service in Google Guava
Keep
#2444
opened Jun 22, 2023 by
jensdietrich
Loading…
ProTip!
no:milestone will show everything without a milestone.