GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,274
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,419
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
174 advisories
Filter by severity
An issue was discovered in CMS Made Simple 2.2.8. In the administrator page admin/changegroupperm...
High
Unreviewed
CVE-2019-9058
was published
May 13, 2022
Prototype pollution in @strikeentco/set
High
CVE-2020-28267
was published
for
@strikeentco/set
(npm)
May 24, 2022
jquery-plugin-query-object contains prototype pollution vulnerability
High
CVE-2021-20083
was published
for
jquery-query-object
(npm)
May 24, 2022
mootools-more vulnerable to prototype pollution
High
CVE-2021-20088
was published
for
mootools-more
(npm)
May 24, 2022
Prototype Pollution in protobufjs
High
CVE-2022-25878
was published
for
protobufjs
(npm)
May 28, 2022
Prototype Pollution in deep-get-set
High
CVE-2022-21231
was published
for
deep-get-set
(npm)
Jun 25, 2022
grunt-util-property 0.0.2 function call can add/modify properties of Object.prototype using a __proto__ payload
High
CVE-2020-7641
was published
for
grunt-util-property
(npm)
Jul 18, 2022
automattic/mongoose vulnerable to Prototype pollution via Schema.path
High
CVE-2022-2564
was published
for
mongoose
(npm)
Jul 29, 2022
A vulnerability found in postgresql. On this security issue an attack requires permission to...
High
Unreviewed
CVE-2022-2625
was published
Aug 19, 2022
hoek subject to prototype pollution via the clone function.
High
CVE-2020-36604
was published
for
@hapi/hoek
(npm)
Sep 25, 2022
Prototype pollution in Snowboard framework
High
CVE-2022-39357
was published
for
wintercms/winter
(Composer)
Oct 27, 2022
Parse Server vulnerable to Prototype Pollution via Cloud Code Webhooks or Cloud Code Triggers
High
CVE-2022-41878
was published
for
parse-server
(npm)
Nov 9, 2022
Parse Server is vulnerable to Prototype Pollution via Cloud Code Webhooks
High
CVE-2022-41879
was published
for
parse-server
(npm)
Nov 10, 2022
dustjs-linkedin vulnerable to Prototype Pollution
High
CVE-2021-4264
was published
for
dustjs-linkedin
(npm)
Dec 21, 2022
If an object prototype was corrupted by an attacker, they would have been able to set undesired...
High
Unreviewed
CVE-2022-2200
was published
Dec 22, 2022
If an attacker was able to corrupt the methods of an Array object in JavaScript via prototype...
High
Unreviewed
CVE-2022-1802
was published
Dec 22, 2022
An attacker could have sent a message to the parent process where the contents were used to...
High
Unreviewed
CVE-2022-1529
was published
Dec 22, 2022
tree-kit vulnerable to Prototype Pollution
High
CVE-2021-4278
was published
for
tree-kit
(npm)
Dec 25, 2022
Starcounter-Jack JSON-Patch Prototype Pollution vulnerability
High
CVE-2021-4279
was published
for
fast-json-patch
(npm)
Dec 25, 2022
Prototype Pollution in JSON5 via Parse Method
High
CVE-2022-46175
was published
for
json5
(npm)
Dec 29, 2022
convict vulnerable to Prototype Pollution
High
CVE-2023-0163
was published
for
convict
(npm)
Jan 10, 2023
A prototype pollution vulnerability exists in Rocket.Chat server <5.2.0 that could allow an...
High
Unreviewed
CVE-2023-23917
was published
Feb 23, 2023
ProTip!
Advisories are also available from the
GraphQL API