Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,218
Erlang
31
GitHub Actions
19
Go
1,988
Maven
5,000+
npm
3,704
NuGet
661
pip
3,332
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

44 advisories

Loading
Chartist 1.x through 1.3.0 allows Prototype Pollution via the extend function. Critical Unreviewed
CVE-2024-45435 was published Aug 29, 2024
A flaw allowing arbitrary code execution was discovered in Kibana. An attacker with access to ML... Critical Unreviewed
CVE-2024-37287 was published Aug 13, 2024
ahilfoley cahil/utils v2.3.2 was discovered to contain a prototype pollution via the function set... Critical Unreviewed
CVE-2024-39014 was published Jul 1, 2024
2o3t-utility v0.1.2 was discovered to contain a prototype pollution via the function extend. This... Critical Unreviewed
CVE-2024-39013 was published Jul 1, 2024
ais-ltd strategyen v0.4.0 was discovered to contain a prototype pollution via the function... Critical Unreviewed
CVE-2024-39012 was published Jul 30, 2024
Prototype Pollution in alykoshin mini-deep-assign v0.0.8 allows an attacker to execute arbitrary... Critical Unreviewed
CVE-2024-38983 was published Jul 30, 2024
Prototype Pollution in lukebond json-override 0.2.0 allows attackers to to execute arbitrary code... Critical Unreviewed
CVE-2024-38984 was published Jul 30, 2024
Prototype Pollution in chargeover redoc v2.0.9-rc.69 allows attackers to execute arbitrary code... Critical Unreviewed
CVE-2024-39011 was published Jul 30, 2024
chase-moskal snapstate v0.0.9 was discovered to contain a prototype pollution via the function... Critical Unreviewed
CVE-2024-39010 was published Jul 30, 2024
Prototype pollution in allpro form-manager 0.7.4 allows attackers to run arbitrary code and cause... Critical Unreviewed
CVE-2024-36572 was published Jul 30, 2024
A vulnerability in the web-based management interface of HPE Aruba Networking EdgeConnect SD-WAN... High Unreviewed
CVE-2024-33519 was published Jul 24, 2024
A vulnerability in the web-based management interface of EdgeConnect SD-WAN Orchestrator could... High Unreviewed
CVE-2024-22443 was published Jul 24, 2024
amoyjs amoy common v1.0.10 was discovered to contain a prototype pollution via the function... High Unreviewed
CVE-2024-39003 was published Jul 1, 2024
jrburke requirejs v2.3.6 was discovered to contain a prototype pollution via the function config.... High Unreviewed
CVE-2024-38998 was published Jul 1, 2024
adolph_dudu ratio-swiper 0.0.2 was discovered to contain a prototype pollution via the function... Moderate Unreviewed
CVE-2024-39853 was published Jul 1, 2024
che3vinci c3/utils-1 1.0.131 was discovered to contain a prototype pollution via the function... High Unreviewed
CVE-2024-39016 was published Jul 1, 2024
adolph_dudu ratio-swiper v0.0.2 was discovered to contain a prototype pollution via the function... Moderate Unreviewed
CVE-2024-39000 was published Jul 1, 2024
A Prototype Pollution issue in byondreal accessor <= 1.0.0 allows an attacker to execute... High Unreviewed
CVE-2024-36583 was published Jun 17, 2024
The Winters theme for WordPress is vulnerable to Reflected Cross-Site Scripting via prototype... Moderate Unreviewed
CVE-2023-3962 was published Oct 20, 2023
The nsc theme for WordPress is vulnerable to Reflected Cross-Site Scripting via prototype... Moderate Unreviewed
CVE-2023-3965 was published Oct 20, 2023
The Your Journey theme for WordPress is vulnerable to Reflected Cross-Site Scripting via... Moderate Unreviewed
CVE-2023-3933 was published Oct 20, 2023
The Popup by Supsystic WordPress plugin before 1.10.19 has a prototype pollution vulnerability... Critical Unreviewed
CVE-2023-3186 was published Jul 17, 2023
A prototype pollution vulnerability exists in Strikingly CMS which can result in reflected cross... Moderate Unreviewed
CVE-2023-2582 was published May 8, 2023
Cryptographic key vulnerability encoded in the FriendlyWrt firmware affecting version 2022-11-16... Moderate Unreviewed
CVE-2024-2495 was published Mar 15, 2024
A prototype pollution vulnerability has been reported to affect several QNAP operating system... High Unreviewed
CVE-2023-39296 was published Jan 5, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database