Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

352 advisories

Loading
Prototype Pollution in simple-plist Critical
CVE-2022-26260 was published for simple-plist (npm) Mar 23, 2022
radiotech TuurDutoit
Prototype Pollution in Sails.js Critical
CVE-2021-44908 was published for sails (npm) Mar 18, 2022
Prototype Pollution in bodymen Moderate
CVE-2022-25296 was published for bodymen (npm) Mar 18, 2022
Prototype Pollution in libnested Critical
CVE-2022-25352 was published for libnested (npm) Mar 18, 2022
Prototype Pollution in set-in Critical
CVE-2022-25354 was published for set-in (npm) Mar 18, 2022
Sandbox escape in notevil and argencoders-notevil Moderate
CVE-2021-23771 was published for argencoders-notevil (npm) Mar 18, 2022
Prototype Pollution in minimist Critical
CVE-2021-44906 was published for minimist (npm) Mar 18, 2022
alopix ljharb
Command injection in Parse Server through prototype pollution Critical
CVE-2022-24760 was published for parse-server (npm) Mar 11, 2022
yuske cristianstaicu
musard mtrezza
Prototype Pollution in object-extend Critical
CVE-2021-23702 was published for object-extend (npm) Feb 19, 2022
Prototype pollution in Plist before 3.0.5 can cause denial of service Critical
CVE-2022-22912 was published for plist (npm) Feb 18, 2022
mario-canva
Prototype Pollution in litespeed.js and appwrite/server-ce Critical
CVE-2021-23682 was published for appwrite/server-ce (Composer) Feb 17, 2022
Sandbox bypass in vm2 Critical
CVE-2021-23555 was published for vm2 (npm) Feb 12, 2022
Prototype Pollution in mixme Critical
CVE-2021-28860 was published for mixme (npm) Feb 10, 2022
Prototype Pollution in handlebars Critical
CVE-2021-23383 was published for handlebars (npm) Feb 10, 2022
Prototype Pollution in Ajv Moderate
CVE-2020-15366 was published for ajv (npm) Feb 10, 2022
Prototype Pollution in safetydance High
CVE-2020-7737 was published for safetydance (npm) Feb 10, 2022
Prototype pollution in pathval High
CVE-2020-7751 was published for pathval (npm) Feb 10, 2022
Prototype Pollution in mout High
CVE-2020-7792 was published for mout (npm) Feb 9, 2022
Prototype Pollution in js-data Critical
CVE-2020-28442 was published for js-data (npm) Feb 9, 2022
Prototype Pollution leading to Remote Code Execution in superjson Critical
CVE-2022-23631 was published for blitz (npm) Feb 9, 2022
paul-gerste-sonarsource
Validation bypass in frourio-express High
CVE-2022-23624 was published for frourio-express (npm) Feb 7, 2022
SegaraRai LumaKernel
Validation bypass in frourio High
CVE-2022-23623 was published for frourio (npm) Feb 7, 2022
SegaraRai LumaKernel
Prototype Pollution in putil-merge High
CVE-2021-23470 was published for putil-merge (npm) Feb 5, 2022
Prototype Pollution in object-path-set High
CVE-2021-23507 was published for object-path-set (npm) Feb 5, 2022
Prototype Pollution in @strikeentco/set High
CVE-2021-23497 was published for @strikeentco/set (npm) Feb 5, 2022
ProTip! Advisories are also available from the GraphQL API