GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,968
Erlang: 39
GitHub Actions: 38
Go: 2,616
Maven: 5,000+
npm: 4,255
NuGet: 760
pip: 4,040
Pub: 12
RubyGems: 953
Rust: 1,050
Swift: 45

Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

68 advisories

CVE-2025-57347 (Critical, Unreviewed, published Sep 24, 2025): A vulnerability exists in the 'dagre-d3-es' Node.js package version 7.0.9, specifically within...
CVE-2025-58280 (High, Unreviewed, published Sep 5, 2025): Vulnerability of exposing object heap addresses in the Ark eTS module. Impact: Successful...
CVE-2011-10019 (Critical, Unreviewed, published Aug 13, 2025): Spreecommerce versions prior to 0.60.2 contains a remote command execution vulnerability in its...
CVE-2025-25014 (Critical, Unreviewed, published May 6, 2025): A Prototype pollution vulnerability in Kibana leads to arbitrary code execution via crafted HTTP...
CVE-2025-3982 (Moderate, Unreviewed, published Apr 27, 2025): A vulnerability, which was classified as problematic, was found in nortikin Sverchok 1.3.0....
CVE-2024-12556 (High, Unreviewed, published Apr 8, 2025): Prototype Pollution in Kibana can lead to code injection via unrestricted file upload combined...
CVE-2024-24292 (Critical, Unreviewed, published Mar 28, 2025): A Prototype Pollution issue in Aliconnect /sdk v.0.0.6 allows an attacker to execute arbitrary...
CVE-2025-25015 (Critical, Unreviewed, published Mar 5, 2025): Prototype pollution in Kibana leads to arbitrary code execution via a crafted file upload and...
CVE-2024-12629 (Moderate, Unreviewed, published Feb 12, 2025): In Progress® Telerik® KendoReact versions v3.5.0 through v9.4.0, an attacker can introduce or...
CVE-2024-11628 (Moderate, Unreviewed, published Feb 12, 2025): In Progress® Telerik® Kendo UI for Vue versions v2.4.0 through v6.0.1, an attacker can introduce...
CVE-2024-57076 (High, Unreviewed, published Feb 6, 2025): A prototype pollution in the lib.post function of ajax-request v1.2.3 allows attackers to cause a...
CVE-2024-57081 (High, Unreviewed, published Feb 6, 2025): A prototype pollution in the lib.fromQuery function of underscore-contrib v0.3.0 allows attackers...
CVE-2024-57084 (High, Unreviewed, published Feb 6, 2025): A prototype pollution in the function lib.parse of dot-properties v1.0.1 allows attackers to...
CVE-2024-57074 (High, Unreviewed, published Feb 6, 2025): A prototype pollution in the lib.merge function of xe-utils v3.5.31 allows attackers to cause a...
CVE-2024-57078 (High, Unreviewed, published Feb 6, 2025): A prototype pollution in the lib.merge function of cli-util v1.1.27 allows attackers to cause a...
CVE-2024-57069 (High, Unreviewed, published Feb 6, 2025): A prototype pollution in the lib function of expand-object v0.4.2 allows attackers to cause a...
CVE-2024-57067 (High, Unreviewed, published Feb 6, 2025): A prototype pollution in the lib.parse function of dot-qs v0.2.0 allows attackers to cause a...
CVE-2024-57064 (High, Unreviewed, published Feb 6, 2025): A prototype pollution in the lib.setValue function of @syncfusion/ej2-spreadsheet v27.2.2 allows...
CVE-2024-57071 (High, Unreviewed, published Feb 6, 2025): A prototype pollution in the lib.combine function of php-parser v3.2.1 allows attackers to cause...
CVE-2024-57063 (High, Unreviewed, published Feb 6, 2025): A prototype pollution in the lib function of php-date-formatter v1.3.6 allows attackers to cause...
CVE-2024-57065 (High, Unreviewed, published Feb 6, 2025): A prototype pollution in the lib.createPath function of utile v0.3.0 allows attackers to cause a...
CVE-2024-56059 (Critical, Unreviewed, published Dec 18, 2024): Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')...
CVE-2024-54156 (Moderate, Unreviewed, published Dec 4, 2024): In JetBrains YouTrack before 2024.3.52635 multiple merge functions were vulnerable to prototype...
CVE-2024-52441 (Critical, Unreviewed, published Nov 20, 2024): Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')...
CVE-2024-45435 (Critical, Unreviewed, published Aug 29, 2024): Chartist 1.x through 1.3.0 allows Prototype Pollution via the extend function.

ProTip! Advisories are also available from the GraphQL API.