Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

79 advisories

Loading
Prototype Pollution in deephas Critical
CVE-2020-28271 was published for deephas (npm) Sep 24, 2021
Prototype pollution in aurelia-path Critical
CVE-2021-41097 was published for aurelia-path (npm) Sep 27, 2021
msrkp
Prototype pollution in object-hierarchy-access Critical
CVE-2020-28270 was published for object-hierarchy-access (npm) Oct 12, 2021
Prototype Pollution in vm2 Critical
CVE-2021-23449 was published for vm2 (npm) Oct 19, 2021
Prototype Pollution in x-assign High
CVE-2021-23452 was published for x-assign (npm) Oct 21, 2021
json-schema is vulnerable to Prototype Pollution Critical
CVE-2021-3918 was published for json-schema (npm) Nov 19, 2021
Prototype Pollution in algoliasearch-helper Critical
CVE-2021-23433 was published for algoliasearch-helper (npm) Nov 23, 2021
Improperly Controlled Modification of Dynamically-Determined Object Attributes in Apache Struts Critical
CVE-2019-0230 was published for org.apache.struts:struts2-core (Maven) Dec 2, 2021
Improperly Controlled Modification of Dynamically-Determined Object Attributes in express-mock-middleware Moderate
CVE-2020-7616 was published for express-mock-middleware (npm) Dec 9, 2021
Prototype Pollution in field Critical
CVE-2020-28269 was published for field (npm) Dec 10, 2021
Prototype polluation in just-safe-set Critical
CVE-2021-25952 was published for just-safe-set (npm) Dec 10, 2021
Prototype Pollution in ts-nodash High
CVE-2021-23403 was published for ts-nodash (npm) Dec 10, 2021
Prototype Pollution in record-like-deep-assign High
CVE-2021-23402 was published for record-like-deep-assign (npm) Dec 10, 2021
Uncontrolled Resource Consumption in fun-map High
CVE-2020-7644 was published for fun-map (npm) Dec 10, 2021
Prototype Pollution in Ajv Moderate
CVE-2020-15366 was published for ajv (npm) Feb 10, 2022
Prototype Pollution in deepmerge-ts High
CVE-2022-24802 was published for deepmerge-ts (npm) Apr 1, 2022
qcubed PHP object injection Critical
CVE-2020-24914 was published for qcubed/qcubed (Composer) May 24, 2022
sqlite vulnerable to code execution due to Object coercion High
CVE-2022-43441 was published for sqlite3 (npm) Mar 13, 2023
Netmaker Vulnerable to Privilege Escalation From Non Admin To Admin User High
CVE-2023-32079 was published for github.com/gravitl/netmaker (Go) Aug 25, 2023
rootxharsh iamnoooob
ProTip! Advisories are also available from the GraphQL API