Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,247
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

167 advisories

Loading
DOMPurify allows tampering by prototype pollution High
CVE-2024-45801 was published for dompurify (npm) Sep 16, 2024
eslerm cure53
dset Prototype Pollution vulnerability High
CVE-2024-21529 was published for dset (npm) Sep 11, 2024
@75lb/deep-merge Prototype Pollution vulnerability High
CVE-2024-38986 was published for @75lb/deep-merge (npm) Jul 30, 2024
thewilkybarkid
A vulnerability in the web-based management interface of HPE Aruba Networking EdgeConnect SD-WAN... High Unreviewed
CVE-2024-33519 was published Jul 24, 2024
A vulnerability in the web-based management interface of EdgeConnect SD-WAN Orchestrator could... High Unreviewed
CVE-2024-22443 was published Jul 24, 2024
che3vinci c3/utils-1 1.0.131 was discovered to contain a prototype pollution via the function... High Unreviewed
CVE-2024-39016 was published Jul 1, 2024
robinweser fast-loops vulnerable to prototype pollution High
CVE-2024-39008 was published for fast-loops (npm) Jul 1, 2024
amoyjs amoy common v1.0.10 was discovered to contain a prototype pollution via the function... High Unreviewed
CVE-2024-39003 was published Jul 1, 2024
jrburke requirejs vulnerable to prototype pollution High
CVE-2024-38999 was published for requirejs (npm) Jul 1, 2024
BlazingWizard
jrburke requirejs v2.3.6 was discovered to contain a prototype pollution via the function config.... High Unreviewed
CVE-2024-38998 was published Jul 1, 2024
Prototype pollution in ag-grid-community via the _.mergeDeep function High
CVE-2024-38996 was published for ag-grid-community (npm) Jul 1, 2024
kiril-matev
@amoy/common v was discovered to contain a prototype pollution via the function extend High
CVE-2024-38994 was published for @amoy/common (npm) Jul 1, 2024
akbr patch-into was discovered to contain a prototype pollution via the function patchInto High
CVE-2024-38991 was published for @akbr/patch-into (npm) Jul 1, 2024
frappejs was discovered to contain a prototype pollution via the function registerView High
CVE-2024-38992 was published for @airvertco/frappejs (npm) Jul 1, 2024
Object Resolver Prototype Pollution High
CVE-2024-36577 was published for @apphp/object-resolver (npm) Jun 17, 2024
Badger Database Prototype Pollution High
CVE-2024-36581 was published for @abw/badger-database (npm) Jun 17, 2024
A Prototype Pollution issue in byondreal accessor <= 1.0.0 allows an attacker to execute... High Unreviewed
CVE-2024-36583 was published Jun 17, 2024
mysql2 vulnerable to Prototype Pollution High
CVE-2024-21512 was published for mysql2 (npm) May 30, 2024
MiguelCastillo @bit/loader Prototype Pollution issue High
CVE-2024-24293 was published for @bit/loader (npm) May 20, 2024
json-schema-ref-parser Prototype Pollution issue High
CVE-2024-29651 was published for @apidevtools/json-schema-ref-parser (npm) May 20, 2024
Conform contains a Prototype Pollution Vulnerability in `parseWith...` function High
CVE-2024-32866 was published for @conform-to/dom (npm) Apr 23, 2024
key-moon vtsvetkov-splunk
@andrei-tatar/nora-firebase-common Prototype Pollution vulnerability High
CVE-2024-30564 was published for @andrei-tatar/nora-firebase-common (npm) Apr 18, 2024
web3-utils Prototype Pollution vulnerability High
CVE-2024-21505 was published for web3-utils (npm) Mar 27, 2024
Duplicate Advisory: web3-utils Prototype Pollution vulnerability High
GHSA-87qp-7cw8-8q9c was published for web3-utils (npm) Mar 25, 2024 withdrawn
A prototype pollution vulnerability has been reported to affect several QNAP operating system... High Unreviewed
CVE-2023-39296 was published Jan 5, 2024
ProTip! Advisories are also available from the GraphQL API