GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 22,979
Composer 4,785
Erlang 36
GitHub Actions 29
Go 2,358
Maven 5,673
npm 3,979
NuGet 720
pip 3,777
Pub 12
RubyGems 924
Rust 981
Swift 38

Unreviewed advisories

All unreviewed 260,752

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

67 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

billboard.js before 3.15.1 was discovered to contain a prototype pollution via the function... Critical Unreviewed

CVE-2025-49223 was published Jun 4, 2025

A vulnerability, which was classified as problematic, was found in nortikin Sverchok 1.3.0.... Moderate Unreviewed

CVE-2025-3982 was published Apr 27, 2025

A Prototype pollution vulnerability in Kibana leads to arbitrary code execution via crafted HTTP... Critical Unreviewed

CVE-2025-25014 was published May 6, 2025

If an attacker was able to corrupt the methods of an Array object in JavaScript via prototype... High Unreviewed

CVE-2022-1802 was published Dec 22, 2022

An attacker could have sent a message to the parent process where the contents were used to... High Unreviewed

CVE-2022-1529 was published Dec 22, 2022

If an object prototype was corrupted by an attacker, they would have been able to set undesired... High Unreviewed

CVE-2022-2200 was published Dec 22, 2022

Prototype Pollution in Kibana can lead to code injection via unrestricted file upload combined... High Unreviewed

CVE-2024-12556 was published Apr 8, 2025

Prototype pollution in Kibana leads to arbitrary code execution via a crafted file upload and... Critical Unreviewed

CVE-2025-25015 was published Mar 5, 2025

A Prototype Pollution issue in Aliconnect /sdk v.0.0.6 allows an attacker to execute arbitrary... Critical Unreviewed

CVE-2024-24292 was published Mar 28, 2025

A prototype pollution in the lib.fromQuery function of underscore-contrib v0.3.0 allows attackers... High Unreviewed

CVE-2024-57081 was published Feb 6, 2025

A prototype pollution in the lib.post function of ajax-request v1.2.3 allows attackers to cause a... High Unreviewed

CVE-2024-57076 was published Feb 6, 2025

A prototype pollution in the function deepMerge of @stryker-mutator/util v8.6.0 allows attackers... High Unreviewed

CVE-2024-57085 was published Feb 6, 2025

A prototype pollution in the lib.merge function of xe-utils v3.5.31 allows attackers to cause a... High Unreviewed

CVE-2024-57074 was published Feb 6, 2025

A prototype pollution vulnerability exists in Rocket.Chat server <5.2.0 that could allow an... High Unreviewed

CVE-2023-23917 was published Feb 23, 2023

In Progress® Telerik® KendoReact versions v3.5.0 through v9.4.0, an attacker can introduce or... Moderate Unreviewed

CVE-2024-12629 was published Feb 12, 2025

In Progress® Telerik® Kendo UI for Vue versions v2.4.0 through v6.0.1, an attacker can introduce... Moderate Unreviewed

CVE-2024-11628 was published Feb 12, 2025

A prototype pollution in the function lib.parse of dot-properties v1.0.1 allows attackers to... High Unreviewed

CVE-2024-57084 was published Feb 6, 2025

A prototype pollution in the lib.parse function of dot-qs v0.2.0 allows attackers to cause a... High Unreviewed

CVE-2024-57067 was published Feb 6, 2025

A prototype pollution in the lib.merge function of cli-util v1.1.27 allows attackers to cause a... High Unreviewed

CVE-2024-57078 was published Feb 6, 2025

A prototype pollution in the lib.setValue function of @syncfusion/ej2-spreadsheet v27.2.2 allows... High Unreviewed

CVE-2024-57064 was published Feb 6, 2025

A prototype pollution in the lib.createPath function of utile v0.3.0 allows attackers to cause a... High Unreviewed

CVE-2024-57065 was published Feb 6, 2025

A prototype pollution in the lib.combine function of php-parser v3.2.1 allows attackers to cause... High Unreviewed

CVE-2024-57071 was published Feb 6, 2025

A prototype pollution in the lib function of expand-object v0.4.2 allows attackers to cause a... High Unreviewed

CVE-2024-57069 was published Feb 6, 2025

A prototype pollution in the lib function of php-date-formatter v1.3.6 allows attackers to cause... High Unreviewed

CVE-2024-57063 was published Feb 6, 2025

Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')... Critical Unreviewed

CVE-2024-56059 was published Dec 18, 2024

Previous 1 2 3 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

67 advisories