GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,988
Erlang
29
GitHub Actions
16
Go
1,778
Maven
5,000+
npm
3,542
NuGet
619
pip
3,127
Pub
10
RubyGems
838
Rust
791
Swift
34
Unreviewed advisories
All unreviewed
5,000+
80 advisories
Filter by severity
ag-grid packages vulnerable to Prototype Pollution
Moderate
CVE-2024-39001
was published
for
@ag-grid-enterprise/charts
(npm)
Jul 1, 2024
@aofl/cli-lib Prototype Pollution vulnerability
Moderate
CVE-2024-38987
was published
for
@aofl/cli-lib
(npm)
Jul 1, 2024
@cat5th/key-serializer Prototype Pollution vulnerability
Moderate
CVE-2024-39018
was published
for
@cat5th/key-serializer
(npm)
Jul 1, 2024
flatten-json Prototype Pollution
Moderate
CVE-2024-36574
was published
for
@allanlancioni/flatten-json
(npm)
Jun 17, 2024
@akbr/update Prototype Pollution
Moderate
CVE-2024-36578
was published
for
@akbr/update
(npm)
Jun 17, 2024
Jenkins Subversion Partial Release Manager Plugin programmatically disables the fix for CVE-2016-3721
Moderate
CVE-2024-34148
was published
for
org.jenkins-ci.plugins:partial-release-manager
(Maven)
May 2, 2024
adolph_dudu ratio-swiper was discovered to contain a prototype pollution via the function extendDefaults
Moderate
CVE-2024-38997
was published
for
@adolph_dudu/ratio-swiper
(npm)
Jul 1, 2024
adolph_dudu ratio-swiper 0.0.2 was discovered to contain a prototype pollution via the function...
Moderate
Unreviewed
CVE-2024-39853
was published
Jul 1, 2024
adolph_dudu ratio-swiper v0.0.2 was discovered to contain a prototype pollution via the function...
Moderate
Unreviewed
CVE-2024-39000
was published
Jul 1, 2024
tough-cookie Prototype Pollution vulnerability
Moderate
CVE-2023-26136
was published
for
tough-cookie
(npm)
Jul 1, 2023
Badger Database Prototype Pollution
Moderate
CVE-2024-36581
was published
for
@abw/badger-database
(npm)
Jun 17, 2024
ejs lacks certain pollution protection
Moderate
CVE-2024-33883
was published
for
ejs
(npm)
Apr 28, 2024
MiguelCastillo @bit/loader Prototype Pollution issue
Moderate
CVE-2024-24293
was published
for
@bit/loader
(npm)
May 20, 2024
XSS in jQuery as used in Drupal, Backdrop CMS, and other products
Moderate
CVE-2019-11358
was published
for
django
(RubyGems)
Apr 26, 2019
mysql2 vulnerable to Prototype Poisoning
Moderate
CVE-2024-21509
was published
for
mysql2
(npm)
Apr 10, 2024
The Winters theme for WordPress is vulnerable to Reflected Cross-Site Scripting via prototype...
Moderate
Unreviewed
CVE-2023-3962
was published
Oct 20, 2023
The nsc theme for WordPress is vulnerable to Reflected Cross-Site Scripting via prototype...
Moderate
Unreviewed
CVE-2023-3965
was published
Oct 20, 2023
The Your Journey theme for WordPress is vulnerable to Reflected Cross-Site Scripting via...
Moderate
Unreviewed
CVE-2023-3933
was published
Oct 20, 2023
A prototype pollution vulnerability exists in Strikingly CMS which can result in reflected cross...
Moderate
Unreviewed
CVE-2023-2582
was published
May 8, 2023
Cryptographic key vulnerability encoded in the FriendlyWrt firmware affecting version 2022-11-16...
Moderate
Unreviewed
CVE-2024-2495
was published
Mar 15, 2024
xml2js is vulnerable to prototype pollution
Moderate
CVE-2023-0842
was published
for
xml2js
(npm)
Apr 5, 2023
ProTip!
Advisories are also available from the
GraphQL API