Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,029
Erlang
29
GitHub Actions
16
Go
1,833
Maven
5,000+
npm
3,573
NuGet
632
pip
3,160
Pub
10
RubyGems
847
Rust
798
Swift
34
Unreviewed advisories
All unreviewed
5,000+

338 advisories

Loading
Prototype pollution in nconf-toml Critical
CVE-2021-25946 was published for nconf-toml (npm) Jun 7, 2021
Prototype pollution in Merge-deep Critical
CVE-2021-26707 was published for merge-deep (npm) Jun 7, 2021
Prototype pollution in nestie Critical
CVE-2021-25947 was published for nestie (npm) Jun 7, 2021
eivindfjeldstad-dot contains prototype pollution vulnerability Moderate
CVE-2020-7639 was published for @eivifj/dot (npm) May 25, 2021
Prototype Pollution in jquery-deparam High
CVE-2021-20087 was published for jquery-deparam (npm) May 24, 2021
Prototype Pollution in jquery-bbq High
CVE-2021-20086 was published for jquery-bbq (npm) May 24, 2021
Prototype pollution in controlled-merge High
CVE-2020-28268 was published for controlled-merge (npm) May 18, 2021
Improperly Controlled Modification of Dynamically-Determined Object Attributes in casperjs High
CVE-2020-7679 was published for casperjs (npm) May 17, 2021
Prototype pollution in 101 Critical
CVE-2021-25943 was published for 101 (npm) May 17, 2021
Prototype Pollution in deep-override Critical
CVE-2021-25941 was published for deep-override (npm) May 17, 2021
Prototype Pollution in doc-path Critical
CVE-2020-7772 was published for doc-path (npm) May 10, 2021
Prototype pollution in json8-merge-patch High
CVE-2020-8268 was published for json8-merge-patch (npm) May 10, 2021
Prototype pollution in json8 Critical
CVE-2020-7770 was published for json8 (npm) May 10, 2021
Prototype pollution in grpc and @grpc/grpc-js High
CVE-2020-7768 was published for @grpc/grpc-js (npm) May 10, 2021
Arbitrary Code Execution in json-ptr High
CVE-2020-7766 was published for json-ptr (npm) May 10, 2021
tdunlap607
Prototype pollution in @tsed/core Moderate
CVE-2020-7748 was published for @tsed/core (npm) May 10, 2021
Prototype pollution in chart.js High
CVE-2020-7746 was published for chart.js (npm) May 10, 2021
Prototype Pollution in simpl-schema High
CVE-2020-7742 was published for simpl-schema (npm) May 10, 2021
Prototype pollution in json-pointer Moderate
CVE-2020-7709 was published for json-pointer (npm) May 10, 2021
Prototype Pollution in bmoor High
CVE-2020-7736 was published for bmoor (npm) May 10, 2021
Prototype Pollution in tiny-conf Critical
CVE-2020-7724 was published for tiny-conf (npm) May 10, 2021
Prototype Pollution in swiper Critical
CVE-2021-23370 was published for swiper (npm) May 10, 2021
TypeORM vulnerable to MAID and Prototype Pollution Critical
CVE-2020-8158 was published for typeorm (npm) May 7, 2021
Improperly Controlled Modification of Dynamically-Determined Object Attributes in vega-util Moderate
CVE-2019-10806 was published for vega-util (npm) May 7, 2021
Improperly Controlled Modification of Dynamically-Determined Object Attributes in utilitify High
CVE-2019-10808 was published for utilitify (npm) May 7, 2021
ProTip! Advisories are also available from the GraphQL API