Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,968
Erlang
29
GitHub Actions
16
Go
1,752
Maven
4,982
npm
3,516
NuGet
609
pip
3,090
Pub
10
RubyGems
832
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+

609 advisories

Loading
SSCMS vulnerable to Cross Site Scripting Moderate
CVE-2023-2862 was published for SSCMS (NuGet) May 24, 2023
Snowflake Connector .Net Command Injection High
CVE-2023-34230 was published for Snowflake.Data (NuGet) Jun 9, 2023
tgstation-server cached user logins in legacy server High
CVE-2018-17107 was published for TGServiceInterface (NuGet) Jun 12, 2023
Cyberboss
NuGet Client Remote Code Execution Vulnerability High
CVE-2023-29337 was published for Microsoft.Build.NuGetSdkResolver (NuGet) Jun 14, 2023
.NET Remote Code Execution Vulnerability High
CVE-2023-24897 was published for Microsoft.NetCore.App.Runtime.win-arm (NuGet) Jun 14, 2023
.NET Remote Code Execution Vulnerability High
CVE-2023-24895 was published for Microsoft.WindowsDesktop.App.Runtime.win-arm64 (NuGet) Jun 14, 2023
.NET Elevation of Privilege Vulnerability High
CVE-2023-24936 was published for Microsoft.NetCore.App.Runtime.linux-arm (NuGet) Jun 14, 2023
.NET Denial of Service vulnerability High
CVE-2023-29331 was published for Microsoft.NetCore.App.Runtime.linux-arm (NuGet) Jun 14, 2023
.NET Remote Code Execution Vulnerability High
CVE-2023-33128 was published for Microsoft.NetCore.App.Runtime.linux-arm (NuGet) Jun 14, 2023
Microsoft Security Advisory CVE-2023-33126: .NET Remote Code Execution Vulnerability High
CVE-2023-33126 was published for Microsoft.NetCore.App.Runtime.win-arm (NuGet) Jun 14, 2023
Dynamic Linq vulnerable to remote code execution Critical
CVE-2023-32571 was published for System.Linq.Dynamic.Core (NuGet) Jun 22, 2023
YARP Denial of Service Vulnerability High
CVE-2023-33141 was published for Yarp.ReverseProxy (NuGet) Jun 23, 2023
Duplicate Advisory: jQuery Cross Site Scripting vulnerability Moderate
CVE-2020-23064 was published for jQuery (RubyGems) Jun 26, 2023 withdrawn
eoftedal
Microsoft Security Advisory CVE-2023-33170: .NET Security Feature Bypass Vulnerability High
CVE-2023-33170 was published for Microsoft.AspNet.Identity.Owin (NuGet) Jul 11, 2023
DmitriyLewen gillarramendi
Microsoft Security Advisory CVE-2023-33127: .NET Remote Code Execution Vulnerability High
CVE-2023-33127 was published for Microsoft.WindowsDesktop.App.Runtime.win-arm64 (NuGet) Jul 11, 2023
Umbraco allows possible Admin-level access to backoffice without Auth under rare conditions High
CVE-2023-37267 was published for Umbraco.Cms.Infrastructure (NuGet) Jul 13, 2023
1k-off dmitryMinaev
a-karandashov
.NET Denial of Service Vulnerability High
CVE-2023-38180 was published for Microsoft.AspNetCore.App.Runtime.win-arm64 (NuGet) Aug 9, 2023
mkilgore
.NET Denial of Service Vulnerability High
CVE-2023-38178 was published for Microsoft.AspNetCore.App.Runtime.win-arm (NuGet) Aug 9, 2023
.NET Remote Code Execution Vulnerability High
CVE-2023-35390 was published for Microsoft.NET.Build.Containers (NuGet) Aug 9, 2023
Moq v4.20.0-rc to 4.20.1 share hashed user data Low
GHSA-6r78-m64m-qwcf was published for moq (NuGet) Aug 10, 2023
JonDouglas
.NET Information Disclosure Vulnerability High
CVE-2023-35391 was published for Microsoft.AspNetCore.SignalR.Redis (NuGet) Aug 11, 2023
libwebp: OOB write in BuildHuffmanTable High
CVE-2023-4863 was published for Pillow (Go) Sep 12, 2023
delroth Nachtalb
pshelton-skype
Microsoft Security Advisory CVE-2023-36799: .NET Denial of Service Vulnerability Moderate
CVE-2023-36799 was published for Microsoft.NETCore.App.Runtime.linux-arm (NuGet) Sep 12, 2023
Microsoft Security Advisory CVE-2023-36796: .NET Remote Code Execution Vulnerability High
CVE-2023-36796 was published for Microsoft.NETCore.App.Runtime.win-arm64 (NuGet) Sep 12, 2023
Microsoft Security Advisory CVE-2023-36793: .NET Remote Code Execution Vulnerability High
CVE-2023-36793 was published for Microsoft.NETCore.App.Runtime.win-arm64 (NuGet) Sep 12, 2023
ProTip! Advisories are also available from the GraphQL API