GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
23 advisories
Prototype Pollution in mixin-deep
High | CVE-2018-3719 was published for mixin-deep (npm) | Jul 26, 2018

Prototype Pollution in assign-deep
High | CVE-2018-3720 was published for assign-deep (npm) | Jul 26, 2018

Prototype Pollution in merge-deep
High | CVE-2018-3722 was published for merge-deep (npm) | Jul 26, 2018

Prototype Pollution in defaults-deep
High | CVE-2018-3723 was published for defaults-deep (npm) | Jul 26, 2018

Prototype Pollution in handlebars
High | GHSA-q42p-pg8m-cqh6 was published for handlebars (npm) | Jun 5, 2019

dot-prop Prototype Pollution vulnerability
High | CVE-2020-8116 was published for dot-prop (npm) | Jul 29, 2020

Prototype pollution in object-path
High | CVE-2020-15256 was published for object-path (npm) | Oct 19, 2020

Prototype Pollution in json-logic-js
High | GHSA-m9hw-7xfv-wqg7 was published for json-logic-js (npm) | Nov 12, 2020

Prototype Pollution in highlight.js
Moderate | CVE-2020-26237 was published for highlight.js (npm) | Nov 24, 2020

Prototype Pollution in systeminformation
Moderate | CVE-2020-26245 was published for systeminformation (npm) | Nov 27, 2020

Write to immutable memory region in TensorFlow
Moderate | CVE-2020-26268 was published for tensorflow (pip) | Dec 10, 2020

TypeORM vulnerable to MAID and Prototype Pollution
Critical | CVE-2020-8158 was published for typeorm (npm) | May 7, 2021

Prototype pollution in json8-merge-patch
High | CVE-2020-8268 was published for json8-merge-patch (npm) | May 10, 2021

Moodle Allows Modification of Constants
Moderate | CVE-2011-4301 was published for moodle/moodle (Composer) | May 13, 2022

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.0 SP2). An...
Moderate | Unreviewed | CVE-2021-37193 was published | May 24, 2022

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.0 SP2)....
Moderate | Unreviewed | CVE-2021-37177 was published | May 24, 2022

An attacker could prepare a specially crafted project file that, if opened, would attempt to...
Moderate | Unreviewed | CVE-2021-42701 was published | May 24, 2022

Google Play Services SDK leads to apps having incorrectly set mutability flag
Moderate | CVE-2022-2390 was published for com.google.android.gms:play-services-basement (Maven) | Aug 13, 2022

The External Visitor Manager portal of HID’s SAFE versions 5.8.0 through 5.11.3 are vulnerable...
High | Unreviewed | CVE-2023-2904 was published | Jul 6, 2023

Modification of Assumed-Immutable Data (MAID) in RDT400 in SICK APU allows an unprivileged...
Moderate | Unreviewed | CVE-2023-43697 was published | Oct 9, 2023

ProTip! Advisories are also available from the GraphQL API.