GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,347
Erlang: 31
GitHub Actions: 22
Go: 2,117
Maven: 5,000+
npm: 3,768
NuGet: 680
pip: 3,457
Pub: 12
RubyGems: 892
Rust: 888
Swift: 38

Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
243,668 advisories
A prototype pollution in the lib.Logger function of eazy-logger v4.0.1 allows attackers to cause...
Severity: Unknown; Unreviewed; CVE-2024-57075 was published Feb 6, 2025

A prototype pollution in the lib.fromQuery function of underscore-contrib v0.3.0 allows attackers...
Severity: Unknown; Unreviewed; CVE-2024-57081 was published Feb 6, 2025

IBM Security Verify Access Appliance 10.0.0 through 10.0.3 could allow a locally authenticated...
Severity: High; Unreviewed; CVE-2024-49814 was published Feb 6, 2025

A prototype pollution in the lib.post function of ajax-request v1.2.3 allows attackers to cause a...
Severity: Unknown; Unreviewed; CVE-2024-57076 was published Feb 6, 2025

A prototype pollution in the function fieldsToJson of node-opcua-alarm-condition v2.134.0 allows...
Severity: Unknown; Unreviewed; CVE-2024-57086 was published Feb 6, 2025

A prototype pollution in the function lib.parse of dot-properties v1.0.1 allows attackers to...
Severity: Unknown; Unreviewed; CVE-2024-57084 was published Feb 6, 2025

A prototype pollution in the function deepMerge of @stryker-mutator/util v8.6.0 allows attackers...
Severity: Unknown; Unreviewed; CVE-2024-57085 was published Feb 6, 2025

A prototype pollution in the lib.merge function of cli-util v1.1.27 allows attackers to cause a...
Severity: Unknown; Unreviewed; CVE-2024-57078 was published Feb 6, 2025

A floating point exception (divide-by-zero) vulnerability was discovered in Bento4 1.6.0-641 in...
Severity: Unknown; Unreviewed; CVE-2024-57598 was published Feb 6, 2025

IBM ApplinX 11.1 is vulnerable to cross-site scripting. This vulnerability allows an...
Severity: Moderate; Unreviewed; CVE-2024-49791 was published Feb 6, 2025

IBM Aspera Shares 1.9.0 through 1.10.0 PL6 does not properly rate limit the frequency that an...
Severity: Moderate; Unreviewed; CVE-2024-38316 was published Feb 6, 2025

A prototype pollution in the lib.createUploader function of @rpldy/uploader v1.8.1 allows...
Severity: Unknown; Unreviewed; CVE-2024-57082 was published Feb 6, 2025

IBM Aspera Shares 1.9.0 through 1.10.0 PL6 is vulnerable to server-side request forgery (SSRF)....
Severity: Moderate; Unreviewed; CVE-2024-56471 was published Feb 6, 2025

A prototype pollution in the lib.deepMerge function of @zag-js/core v0.50.0 allows attackers to...
Severity: Unknown; Unreviewed; CVE-2024-57079 was published Feb 6, 2025

IBM Aspera Shares 1.9.0 through 1.10.0 PL6 could allow an attacker to spoof their IP address,...
Severity: Moderate; Unreviewed; CVE-2024-56473 was published Feb 6, 2025

A prototype pollution in the lib.merge function of xe-utils v3.5.31 allows attackers to cause a...
Severity: Unknown; Unreviewed; CVE-2024-57074 was published Feb 6, 2025

The latest version of utils-extend (1.0.8) is vulnerable to Prototype Pollution through the entry...
Severity: Unknown; Unreviewed; CVE-2024-57077 was published Feb 6, 2025

Insecure Permissions vulnerability in asterisk v22 allows a remote attacker to execute arbitrary...
Severity: Unknown; Unreviewed; CVE-2024-57520 was published Feb 6, 2025

A security issue was found in Netplex Json-smart 2.5.0 through 2.5.1. When loading a specially...
Severity: Unknown; Unreviewed; CVE-2024-57699 was published Feb 6, 2025

A prototype pollution in the lib.install function of vxe-table v4.8.10 allows attackers to cause...
Severity: Unknown; Unreviewed; CVE-2024-57080 was published Feb 6, 2025

IBM ApplinX 11.1 is vulnerable to cross-site scripting. This vulnerability allows an...
Severity: Moderate; Unreviewed; CVE-2024-49792 was published Feb 6, 2025

IBM Aspera Shares 1.9.0 through 1.10.0 PL6 is vulnerable to stored cross-site scripting. This...
Severity: Moderate; Unreviewed; CVE-2024-56472 was published Feb 6, 2025

IBM Aspera Shares 1.9.0 through 1.10.0 PL6 is vulnerable to HTML injection. A remote attacker...
Severity: Moderate; Unreviewed; CVE-2024-38318 was published Feb 6, 2025

IBM Aspera Shares 1.9.0 through 1.10.0 PL6 is vulnerable to server-side request forgery (SSRF)....
Severity: Moderate; Unreviewed; CVE-2024-56470 was published Feb 6, 2025

IBM ApplinX 11.1 is vulnerable to cross-site request forgery which could allow an attacker to...
Severity: Moderate; Unreviewed; CVE-2024-49795 was published Feb 6, 2025
ProTip! Advisories are also available from the GraphQL API.