GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,273
Erlang
31
GitHub Actions
21
Go
2,055
Maven
5,000+
npm
3,739
NuGet
668
pip
3,417
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
412 advisories
Filter by severity
convict vulnerable to Prototype Pollution
High
CVE-2023-0163
was published
for
convict
(npm)
Jan 10, 2023
Prototype Pollution in Visioweb.js 1.10.6 allows attackers to execute XSS on the client system.
Moderate
Unreviewed
CVE-2022-3901
was published
Feb 20, 2023
A prototype pollution vulnerability exists in Rocket.Chat server <5.2.0 that could allow an...
High
Unreviewed
CVE-2023-23917
was published
Feb 23, 2023
rangy vulnerable to Prototype Pollution
High
CVE-2023-26102
was published
for
rangy
(npm)
Feb 24, 2023
mde utilities contains Prototype Pollution
High
CVE-2023-26105
was published
for
utilities
(npm)
Feb 28, 2023
dot-lens vulnerable to Prototype Pollution
High
CVE-2023-26106
was published
for
dot-lens
(npm)
Mar 6, 2023
Collection.js vulnerable to Prototype Pollution
High
CVE-2023-26113
was published
for
collection.js
(npm)
Mar 18, 2023
matrix-js-sdk Prototype Pollution vulnerability
High
CVE-2022-36059
was published
for
matrix-js-sdk
(npm)
Mar 28, 2023
matrix-react-sdk Prototype pollution vulnerability
High
CVE-2022-36060
was published
for
matrix-react-sdk
(npm)
Mar 28, 2023
Prototype pollution in matrix-react-sdk
High
CVE-2023-28103
was published
for
matrix-react-sdk
(npm)
Mar 29, 2023
Prototype pollution in matrix-js-sdk (part 2)
High
CVE-2023-28427
was published
for
matrix-js-sdk
(npm)
Mar 30, 2023
xml2js is vulnerable to prototype pollution
Moderate
CVE-2023-0842
was published
for
xml2js
(npm)
Apr 5, 2023
safe-eval vulnerable to Prototype Pollution via the safeEval function
Critical
CVE-2023-26121
was published
for
safe-eval
(npm)
Apr 11, 2023
safe-eval vulnerable to Sandbox Bypass due to improper input sanitization
Critical
CVE-2023-26122
was published
for
safe-eval
(npm)
Apr 11, 2023
Prototype Pollution in vConsole
Critical
CVE-2023-30363
was published
for
vconsole
(npm)
Apr 26, 2023
Possible prototype pollution in metadata record, when using meta decorator
Low
CVE-2023-30857
was published
for
@aedart/support
(npm)
May 1, 2023
A prototype pollution vulnerability exists in Strikingly CMS which can result in reflected cross...
Moderate
Unreviewed
CVE-2023-2582
was published
May 8, 2023
antfu/utils vulnerable to prototype pollution
Moderate
CVE-2023-2972
was published
for
@antfu/utils
(npm)
May 30, 2023
dottie vulnerable to Prototype Pollution
High
CVE-2023-26132
was published
for
dottie
(npm)
Jun 10, 2023
progressbar.js vulnerable to Prototype Pollution
High
CVE-2023-26133
was published
for
progressbar.js
(npm)
Jun 12, 2023
fast-xml-parser vulnerable to Prototype Pollution through tag or attribute name
Moderate
CVE-2023-26920
was published
for
fast-xml-parser
(npm)
Jun 13, 2023
flatnest Prototype Pollution vulnerability
High
CVE-2023-26135
was published
for
flatnest
(npm)
Jun 30, 2023
Parse Server vulnerable to remote code execution via MongoDB BSON parser through prototype pollution
Critical
CVE-2023-36475
was published
for
parse-server
(npm)
Jun 30, 2023
tough-cookie Prototype Pollution vulnerability
Moderate
CVE-2023-26136
was published
for
tough-cookie
(npm)
Jul 1, 2023
ProTip!
Advisories are also available from the
GraphQL API