-
Notifications
You must be signed in to change notification settings - Fork 524
Pull requests: github/advisory-database
Author
Label
Projects
Milestones
Reviews
Assignee
Sort
Pull requests list
[GHSA-r6q2-hw4h-h46w] Race Condition in node-tar Path Reservations via Unicode Ligature Collisions on macOS APFS
#6733
opened Jan 28, 2026 by
ssushant0011
Loading…
[GHSA-rqff-837h-mm52] Authorization bypass in url-parse
Keep
#6723
opened Jan 26, 2026 by
ljharb
Loading…
[GHSA-xgcg-2hvp-fj6w] A cross-site scripting (XSS) vulnerability exists in...
#6716
opened Jan 26, 2026 by
berkpseSICKAG
Loading…
[GHSA-77c8-xpc7-q24c] The built-in XY Chart plugin is vulnerable to a DOM XSS...
#6715
opened Jan 26, 2026 by
berkpseSICKAG
Loading…
[GHSA-w5j6-7wpf-g6rw] A security vulnerability in the /apis/dashboard.grafana...
#6714
opened Jan 26, 2026 by
berkpseSICKAG
Loading…
[GHSA-98pr-9hw5-crg3] An open redirect vulnerability has been identified in...
#6713
opened Jan 26, 2026 by
berkpseSICKAG
Loading…
[GHSA-8v38-pw62-9cw2] url-parse Incorrectly parses URLs that include an '@'
Keep
#6700
opened Jan 24, 2026 by
ljharb
Loading…
[GHSA-m494-w24q-6f7w] JDBC Driver for SQL Server has improper input validation issue
#6638
opened Jan 12, 2026 by
gdsmith
Loading…
[GHSA-77r5-gw3j-2mpf] Next.js Vulnerable to HTTP Request Smuggling
#6636
opened Jan 10, 2026 by
mistressxalexis
Loading…
[GHSA-vj76-c3g6-qr5v] tar-fs has a symlink validation bypass if destination directory is predictable with a specific tarball
Stale
#6581
opened Dec 27, 2025 by
kristentr
Loading…
[GHSA-x4c5-c7rf-jjgv] @octokit/endpoint has a Regular Expression in parse that Leads to ReDoS Vulnerability Due to Catastrophic Backtracking
#6573
opened Dec 22, 2025 by
G-Rath
Loading…
ProTip!
no:milestone will show everything without a milestone.