GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,273
Erlang
31
GitHub Actions
21
Go
2,055
Maven
5,000+
npm
3,739
NuGet
668
pip
3,417
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
412 advisories
Filter by severity
mysql2 vulnerable to Prototype Poisoning
Moderate
CVE-2024-21509
was published
for
mysql2
(npm)
Apr 10, 2024
A flaw allowing arbitrary code execution was discovered in Kibana. An attacker with access to ML...
Critical
Unreviewed
CVE-2024-37287
was published
Aug 13, 2024
ahilfoley cahil/utils v2.3.2 was discovered to contain a prototype pollution via the function set...
Critical
Unreviewed
CVE-2024-39014
was published
Jul 1, 2024
2o3t-utility v0.1.2 was discovered to contain a prototype pollution via the function extend. This...
Critical
Unreviewed
CVE-2024-39013
was published
Jul 1, 2024
MiguelCastillo @bit/loader Prototype Pollution issue
High
CVE-2024-24293
was published
for
@bit/loader
(npm)
May 20, 2024
Prototype pollution in izatop bunt
Critical
CVE-2024-38989
was published
for
@bunt/app
(npm)
Aug 12, 2024
robinweser fast-loops vulnerable to prototype pollution
High
CVE-2024-39008
was published
for
fast-loops
(npm)
Jul 1, 2024
ais-ltd strategyen v0.4.0 was discovered to contain a prototype pollution via the function...
Critical
Unreviewed
CVE-2024-39012
was published
Jul 30, 2024
@75lb/deep-merge Prototype Pollution vulnerability
High
CVE-2024-38986
was published
for
@75lb/deep-merge
(npm)
Jul 30, 2024
jrburke requirejs vulnerable to prototype pollution
High
CVE-2024-38999
was published
for
requirejs
(npm)
Jul 1, 2024
@thi.ng/paths Prototype Pollution vulnerability
Critical
CVE-2024-29650
was published
for
@thi.ng/paths
(npm)
Mar 25, 2024
Badger Database Prototype Pollution
High
CVE-2024-36581
was published
for
@abw/badger-database
(npm)
Jun 17, 2024
ejs lacks certain pollution protection
Moderate
CVE-2024-33883
was published
for
ejs
(npm)
Apr 28, 2024
Prototype Pollution in alykoshin mini-deep-assign v0.0.8 allows an attacker to execute arbitrary...
Critical
Unreviewed
CVE-2024-38983
was published
Jul 30, 2024
Prototype Pollution in lukebond json-override 0.2.0 allows attackers to to execute arbitrary code...
Critical
Unreviewed
CVE-2024-38984
was published
Jul 30, 2024
Prototype pollution in allpro form-manager 0.7.4 allows attackers to run arbitrary code and cause...
Critical
Unreviewed
CVE-2024-36572
was published
Jul 30, 2024
chase-moskal snapstate v0.0.9 was discovered to contain a prototype pollution via the function...
Critical
Unreviewed
CVE-2024-39010
was published
Jul 30, 2024
Prototype Pollution in chargeover redoc v2.0.9-rc.69 allows attackers to execute arbitrary code...
Critical
Unreviewed
CVE-2024-39011
was published
Jul 30, 2024
A vulnerability in the web-based management interface of HPE Aruba Networking EdgeConnect SD-WAN...
High
Unreviewed
CVE-2024-33519
was published
Jul 24, 2024
@aofl/cli-lib Prototype Pollution vulnerability
Moderate
CVE-2024-38987
was published
for
@aofl/cli-lib
(npm)
Jul 1, 2024
@cat5th/key-serializer Prototype Pollution vulnerability
Moderate
CVE-2024-39018
was published
for
@cat5th/key-serializer
(npm)
Jul 1, 2024
A vulnerability in the web-based management interface of EdgeConnect SD-WAN Orchestrator could...
High
Unreviewed
CVE-2024-22443
was published
Jul 24, 2024
jsonic was discovered to contain a prototype pollution via the function empty.
Critical
CVE-2024-38993
was published
for
jsonic
(npm)
Jul 1, 2024
•
withdrawn
flatten-json Prototype Pollution
Moderate
CVE-2024-36574
was published
for
@allanlancioni/flatten-json
(npm)
Jun 17, 2024
ProTip!
Advisories are also available from the
GraphQL API