Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

412 advisories

Loading
Synchrony deobfuscator prototype pollution vulnerability leading to arbitrary code execution High
CVE-2023-45811 was published for deobfuscator (npm) Oct 18, 2023
SteakEnthusiast
Prototype Pollution in ali-security/mongoose Critical
GHSA-rc4v-99cr-pjcm was published for @seal-security/mongoose-fixed (npm) Oct 17, 2023
Prototype Pollution in NASA Open MCT High
CVE-2023-45282 was published for openmct (npm) Oct 6, 2023
tree-kit Prototype Pollution vulnerability Critical
CVE-2023-38894 was published for tree-kit (npm) Aug 17, 2023
MrSwitch hello.js vulnerable to prototype pollution Critical
CVE-2021-26505 was published for hellojs (npm) Aug 11, 2023
underscore-keypath vulnerable to Prototype Pollution High
CVE-2023-26139 was published for underscore-keypath (npm) Aug 1, 2023
Mongoose Prototype Pollution vulnerability Critical
CVE-2023-3696 was published for mongoose (npm) Jul 17, 2023
protobufjs Prototype Pollution vulnerability Critical
CVE-2023-36665 was published for protobufjs (npm) Jul 5, 2023
fhoeben stephengroat
tough-cookie Prototype Pollution vulnerability Moderate
CVE-2023-26136 was published for tough-cookie (npm) Jul 1, 2023
axi92
Parse Server vulnerable to remote code execution via MongoDB BSON parser through prototype pollution Critical
CVE-2023-36475 was published for parse-server (npm) Jun 30, 2023
dblythy mtrezza
flatnest Prototype Pollution vulnerability High
CVE-2023-26135 was published for flatnest (npm) Jun 30, 2023
fast-xml-parser vulnerable to Prototype Pollution through tag or attribute name Moderate
CVE-2023-26920 was published for fast-xml-parser (npm) Jun 13, 2023
Sudistark
progressbar.js vulnerable to Prototype Pollution High
CVE-2023-26133 was published for progressbar.js (npm) Jun 12, 2023
kimmobrunfeldt juburr
dottie vulnerable to Prototype Pollution High
CVE-2023-26132 was published for dottie (npm) Jun 10, 2023
antfu/utils vulnerable to prototype pollution Moderate
CVE-2023-2972 was published for @antfu/utils (npm) May 30, 2023
Possible prototype pollution in metadata record, when using meta decorator Low
CVE-2023-30857 was published for @aedart/support (npm) May 1, 2023
Prototype Pollution in vConsole Critical
CVE-2023-30363 was published for vconsole (npm) Apr 26, 2023
renbaoshuo
Prototype Pollution in sheetJS High
CVE-2023-30533 was published for xlsx (npm) Apr 24, 2023
pmartinat stof
safe-eval vulnerable to Prototype Pollution via the safeEval function Critical
CVE-2023-26121 was published for safe-eval (npm) Apr 11, 2023
safe-eval vulnerable to Sandbox Bypass due to improper input sanitization Critical
CVE-2023-26122 was published for safe-eval (npm) Apr 11, 2023
ProTip! Advisories are also available from the GraphQL API