Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,873
Erlang
37
GitHub Actions
36
Go
2,520
Maven
5,000+
npm
4,160
NuGet
737
pip
3,959
Pub
12
RubyGems
946
Rust
1,027
Swift
39
Unreviewed advisories
All unreviewed
5,000+

460 advisories

Loading
2o3t-utility v0.1.2 was discovered to contain a prototype pollution via the function extend. This... Critical Unreviewed
CVE-2024-39013 was published Jul 1, 2024
MiguelCastillo @bit/loader Prototype Pollution issue High
CVE-2024-24293 was published for @bit/loader (npm) May 20, 2024
Prototype pollution in izatop bunt Critical
CVE-2024-38989 was published for @bunt/app (npm) Aug 12, 2024
robinweser fast-loops vulnerable to prototype pollution High
CVE-2024-39008 was published for fast-loops (npm) Jul 1, 2024
ais-ltd strategyen v0.4.0 was discovered to contain a prototype pollution via the function... Critical Unreviewed
CVE-2024-39012 was published Jul 30, 2024
@75lb/deep-merge Prototype Pollution vulnerability High
CVE-2024-38986 was published for @75lb/deep-merge (npm) Jul 30, 2024
thewilkybarkid
jrburke requirejs vulnerable to prototype pollution High
CVE-2024-38999 was published for requirejs (npm) Jul 1, 2024
BlazingWizard
@thi.ng/paths Prototype Pollution vulnerability Critical
CVE-2024-29650 was published for @thi.ng/paths (npm) Mar 25, 2024
obx Prototype Pollution Critical
CVE-2024-36573 was published for @almela/obx (npm) Jun 17, 2024
Badger Database Prototype Pollution High
CVE-2024-36581 was published for @abw/badger-database (npm) Jun 17, 2024
ejs lacks certain pollution protection Moderate
CVE-2024-33883 was published for ejs (npm) Apr 28, 2024
Prototype Pollution in alykoshin mini-deep-assign v0.0.8 allows an attacker to execute arbitrary... Critical Unreviewed
CVE-2024-38983 was published Jul 30, 2024
Prototype Pollution in chargeover redoc v2.0.9-rc.69 allows attackers to execute arbitrary code... Critical Unreviewed
CVE-2024-39011 was published Jul 30, 2024
Prototype pollution in allpro form-manager 0.7.4 allows attackers to run arbitrary code and cause... Critical Unreviewed
CVE-2024-36572 was published Jul 30, 2024
chase-moskal snapstate v0.0.9 was discovered to contain a prototype pollution via the function... Critical Unreviewed
CVE-2024-39010 was published Jul 30, 2024
Prototype Pollution in lukebond json-override 0.2.0 allows attackers to to execute arbitrary code... Critical Unreviewed
CVE-2024-38984 was published Jul 30, 2024
A vulnerability in the web-based management interface of HPE Aruba Networking EdgeConnect SD-WAN... High Unreviewed
CVE-2024-33519 was published Jul 24, 2024
@aofl/cli-lib Prototype Pollution vulnerability Moderate
CVE-2024-38987 was published for @aofl/cli-lib (npm) Jul 1, 2024
@cat5th/key-serializer Prototype Pollution vulnerability Moderate
CVE-2024-39018 was published for @cat5th/key-serializer (npm) Jul 1, 2024
A vulnerability in the web-based management interface of EdgeConnect SD-WAN Orchestrator could... High Unreviewed
CVE-2024-22443 was published Jul 24, 2024
jsonic was discovered to contain a prototype pollution via the function empty. Critical
CVE-2024-38993 was published for jsonic (npm) Jul 1, 2024 withdrawn
wzrdtales
flatten-json Prototype Pollution Moderate
CVE-2024-36574 was published for @allanlancioni/flatten-json (npm) Jun 17, 2024
Object Resolver Prototype Pollution High
CVE-2024-36577 was published for @apphp/object-resolver (npm) Jun 17, 2024
Blackprint @blackprint/engine Prototype Pollution issue Critical
CVE-2024-24294 was published for @blackprint/engine (npm) May 20, 2024
@amoy/common v was discovered to contain a prototype pollution via the function extend High
CVE-2024-38994 was published for @amoy/common (npm) Jul 1, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database