Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+

415 advisories

Loading
libwebp: OOB write in BuildHuffmanTable High
CVE-2023-4863 was published for Pillow (Go) Sep 12, 2023
delroth Nachtalb
pshelton-skype
.NET Information Disclosure Vulnerability High
CVE-2023-35391 was published for Microsoft.AspNetCore.SignalR.Redis (NuGet) Aug 11, 2023
.NET Remote Code Execution Vulnerability High
CVE-2023-35390 was published for Microsoft.NET.Build.Containers (NuGet) Aug 9, 2023
.NET Denial of Service Vulnerability High
CVE-2023-38178 was published for Microsoft.AspNetCore.App.Runtime.win-arm (NuGet) Aug 9, 2023
.NET Denial of Service Vulnerability High
CVE-2023-38180 was published for Microsoft.AspNetCore.App.Runtime.win-arm64 (NuGet) Aug 9, 2023
mkilgore
Umbraco allows possible Admin-level access to backoffice without Auth under rare conditions High
CVE-2023-37267 was published for Umbraco.Cms.Infrastructure (NuGet) Jul 13, 2023
1k-off dmitryMinaev
a-karandashov
Microsoft Security Advisory CVE-2023-33127: .NET Remote Code Execution Vulnerability High
CVE-2023-33127 was published for Microsoft.WindowsDesktop.App.Runtime.win-arm64 (NuGet) Jul 11, 2023
Microsoft Security Advisory CVE-2023-33170: .NET Security Feature Bypass Vulnerability High
CVE-2023-33170 was published for Microsoft.AspNet.Identity.Owin (NuGet) Jul 11, 2023
DmitriyLewen gillarramendi
YARP Denial of Service Vulnerability High
CVE-2023-33141 was published for Yarp.ReverseProxy (NuGet) Jun 23, 2023
Microsoft Security Advisory CVE-2023-33126: .NET Remote Code Execution Vulnerability High
CVE-2023-33126 was published for Microsoft.NetCore.App.Runtime.win-arm (NuGet) Jun 14, 2023
.NET Remote Code Execution Vulnerability High
CVE-2023-33128 was published for Microsoft.NetCore.App.Runtime.linux-arm (NuGet) Jun 14, 2023
.NET Denial of Service vulnerability High
CVE-2023-29331 was published for Microsoft.NetCore.App.Runtime.linux-arm (NuGet) Jun 14, 2023
.NET Elevation of Privilege Vulnerability High
CVE-2023-24936 was published for Microsoft.NetCore.App.Runtime.linux-arm (NuGet) Jun 14, 2023
.NET Remote Code Execution Vulnerability High
CVE-2023-24895 was published for Microsoft.WindowsDesktop.App.Runtime.win-arm64 (NuGet) Jun 14, 2023
.NET Remote Code Execution Vulnerability High
CVE-2023-24897 was published for Microsoft.NetCore.App.Runtime.win-arm (NuGet) Jun 14, 2023
NuGet Client Remote Code Execution Vulnerability High
CVE-2023-29337 was published for Microsoft.Build.NuGetSdkResolver (NuGet) Jun 14, 2023
tgstation-server cached user logins in legacy server High
CVE-2018-17107 was published for TGServiceInterface (NuGet) Jun 12, 2023
Cyberboss
Snowflake Connector .Net Command Injection High
CVE-2023-34230 was published for Snowflake.Data (NuGet) Jun 9, 2023
Uncontrolled Resource Consumption in OPC UA .NET Standard Reference Server High
CVE-2023-27321 was published for OPCFoundation.NetStandard.Opc.Ua.Server (NuGet) May 5, 2023
Insufficient token expiration in Serenity High
CVE-2023-31287 was published for Serenity.Net.Core (NuGet) Apr 27, 2023
Directory traversal + file write causing arbitrary code execution High
CVE-2023-30626 was published for Jellyfin.Controller (NuGet) Apr 24, 2023
theGEBIRGE
.NET Remote Code Execution vulnerability High
CVE-2023-28260 was published for Microsoft.NetCore.App.Runtime.win-arm (NuGet) Apr 11, 2023
Snappier vulnerable to buffer overrun due to improper restriction of operations within the bounds of a memory buffer High
CVE-2023-28638 was published for Snappier (NuGet) Mar 27, 2023
brantburnett
MongoDB .NET/C# Driver vulnerable to Deserialization of Untrusted Data High
CVE-2022-48282 was published for MongoDB.Driver (NuGet) Feb 21, 2023
.NET Remote Code Execution Vulnerability High
CVE-2023-21808 was published for Microsoft.NetCore.App.Runtime.win-arm (NuGet) Feb 14, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database