GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,029
Erlang
29
GitHub Actions
16
Go
1,833
Maven
5,000+
npm
3,573
NuGet
632
pip
3,160
Pub
10
RubyGems
847
Rust
798
Swift
34
Unreviewed advisories
All unreviewed
5,000+
338 advisories
Filter by severity
Prototype pollution in nconf-toml
Critical
CVE-2021-25946
was published
for
nconf-toml
(npm)
Jun 7, 2021
Prototype pollution in Merge-deep
Critical
CVE-2021-26707
was published
for
merge-deep
(npm)
Jun 7, 2021
eivindfjeldstad-dot contains prototype pollution vulnerability
Moderate
CVE-2020-7639
was published
for
@eivifj/dot
(npm)
May 25, 2021
Prototype Pollution in jquery-deparam
High
CVE-2021-20087
was published
for
jquery-deparam
(npm)
May 24, 2021
Prototype Pollution in jquery-bbq
High
CVE-2021-20086
was published
for
jquery-bbq
(npm)
May 24, 2021
Prototype pollution in controlled-merge
High
CVE-2020-28268
was published
for
controlled-merge
(npm)
May 18, 2021
Improperly Controlled Modification of Dynamically-Determined Object Attributes in casperjs
High
CVE-2020-7679
was published
for
casperjs
(npm)
May 17, 2021
Prototype Pollution in deep-override
Critical
CVE-2021-25941
was published
for
deep-override
(npm)
May 17, 2021
Prototype Pollution in doc-path
Critical
CVE-2020-7772
was published
for
doc-path
(npm)
May 10, 2021
Prototype pollution in json8-merge-patch
High
CVE-2020-8268
was published
for
json8-merge-patch
(npm)
May 10, 2021
Prototype pollution in grpc and @grpc/grpc-js
High
CVE-2020-7768
was published
for
@grpc/grpc-js
(npm)
May 10, 2021
Arbitrary Code Execution in json-ptr
High
CVE-2020-7766
was published
for
json-ptr
(npm)
May 10, 2021
Prototype pollution in @tsed/core
Moderate
CVE-2020-7748
was published
for
@tsed/core
(npm)
May 10, 2021
Prototype Pollution in simpl-schema
High
CVE-2020-7742
was published
for
simpl-schema
(npm)
May 10, 2021
Prototype pollution in json-pointer
Moderate
CVE-2020-7709
was published
for
json-pointer
(npm)
May 10, 2021
Prototype Pollution in tiny-conf
Critical
CVE-2020-7724
was published
for
tiny-conf
(npm)
May 10, 2021
TypeORM vulnerable to MAID and Prototype Pollution
Critical
CVE-2020-8158
was published
for
typeorm
(npm)
May 7, 2021
Improperly Controlled Modification of Dynamically-Determined Object Attributes in vega-util
Moderate
CVE-2019-10806
was published
for
vega-util
(npm)
May 7, 2021
Improperly Controlled Modification of Dynamically-Determined Object Attributes in utilitify
High
CVE-2019-10808
was published
for
utilitify
(npm)
May 7, 2021
ProTip!
Advisories are also available from the
GraphQL API