GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,077
Erlang: 29
GitHub Actions: 19
Go: 1,903
Maven: 5,000+
npm: 3,632
NuGet: 638
pip: 3,249
Pub: 10
RubyGems: 864
Rust: 818
Swift: 35

Unreviewed advisories
All unreviewed: 5,000+
400 advisories

Prototype Pollution in jsgui-lang-essentials
High | CVE-2022-25301 was published for jsgui-lang-essentials (npm) | May 3, 2022

Prototype Pollution in madlib-object-utils
High | CVE-2022-24279 was published for madlib-object-utils (npm) | Apr 16, 2022

Prototype Pollution in fullpage.js
High | CVE-2022-1295 was published for fullpage.js (npm) | Apr 12, 2022

Prototype Pollution in deepmerge-ts
High | CVE-2022-24802 was published for deepmerge-ts (npm) | Apr 1, 2022

Prototype Pollution in simple-plist
Critical | CVE-2022-26260 was published for simple-plist (npm) | Mar 23, 2022

Sandbox escape in notevil and argencoders-notevil
Moderate | CVE-2021-23771 was published for argencoders-notevil (npm) | Mar 18, 2022

Prototype Pollution in libnested
Critical | CVE-2022-25352 was published for libnested (npm) | Mar 18, 2022

Prototype Pollution in minimist
Critical | CVE-2021-44906 was published for minimist (npm) | Mar 18, 2022

The jQuery deserialize library in Fisheye and Crucible before version 4.8.9 allowed remote...
Moderate | Unreviewed | CVE-2021-43956 was published | Mar 17, 2022

Command injection in Parse Server through prototype pollution
Critical | CVE-2022-24760 was published for parse-server (npm) | Mar 11, 2022

Prototype Pollution in jquery.cookie
Moderate | CVE-2022-23395 was published for jquery.cookie (NuGet) | Mar 3, 2022

Due to the formatting logic of the "console.table()" function it was not safe to allow user...
High | Unreviewed | CVE-2022-21824 was published | Feb 25, 2022

Prototype Pollution in object-extend
Critical | CVE-2021-23702 was published for object-extend (npm) | Feb 19, 2022

Prototype pollution in Plist before 3.0.5 can cause denial of service
Critical | CVE-2022-22912 was published for plist (npm) | Feb 18, 2022

Prototype Pollution in litespeed.js and appwrite/server-ce
Critical | CVE-2021-23682 was published for appwrite/server-ce (Composer) | Feb 17, 2022

ProTip! Advisories are also available from the GraphQL API