GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,273
Erlang
31
GitHub Actions
21
Go
2,055
Maven
5,000+
npm
3,739
NuGet
668
pip
3,417
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
352 advisories
Filter by severity
Prototype Pollution in simple-plist
Critical
CVE-2022-26260
was published
for
simple-plist
(npm)
Mar 23, 2022
Prototype Pollution in libnested
Critical
CVE-2022-25352
was published
for
libnested
(npm)
Mar 18, 2022
Sandbox escape in notevil and argencoders-notevil
Moderate
CVE-2021-23771
was published
for
argencoders-notevil
(npm)
Mar 18, 2022
Prototype Pollution in minimist
Critical
CVE-2021-44906
was published
for
minimist
(npm)
Mar 18, 2022
Command injection in Parse Server through prototype pollution
Critical
CVE-2022-24760
was published
for
parse-server
(npm)
Mar 11, 2022
Prototype Pollution in object-extend
Critical
CVE-2021-23702
was published
for
object-extend
(npm)
Feb 19, 2022
Prototype pollution in Plist before 3.0.5 can cause denial of service
Critical
CVE-2022-22912
was published
for
plist
(npm)
Feb 18, 2022
Prototype Pollution in litespeed.js and appwrite/server-ce
Critical
CVE-2021-23682
was published
for
appwrite/server-ce
(Composer)
Feb 17, 2022
Prototype Pollution in handlebars
Critical
CVE-2021-23383
was published
for
handlebars
(npm)
Feb 10, 2022
Prototype Pollution in safetydance
High
CVE-2020-7737
was published
for
safetydance
(npm)
Feb 10, 2022
Prototype Pollution leading to Remote Code Execution in superjson
Critical
CVE-2022-23631
was published
for
blitz
(npm)
Feb 9, 2022
Validation bypass in frourio-express
High
CVE-2022-23624
was published
for
frourio-express
(npm)
Feb 7, 2022
Prototype Pollution in putil-merge
High
CVE-2021-23470
was published
for
putil-merge
(npm)
Feb 5, 2022
Prototype Pollution in object-path-set
High
CVE-2021-23507
was published
for
object-path-set
(npm)
Feb 5, 2022
Prototype Pollution in @strikeentco/set
High
CVE-2021-23497
was published
for
@strikeentco/set
(npm)
Feb 5, 2022
ProTip!
Advisories are also available from the
GraphQL API