Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,968
Erlang
29
GitHub Actions
16
Go
1,752
Maven
4,982
npm
3,516
NuGet
609
pip
3,090
Pub
10
RubyGems
832
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+

154 advisories

Loading
Prototype Pollution in jquery.cookie Moderate
CVE-2022-23395 was published for jquery.cookie (NuGet) Mar 3, 2022
Code injection in RazorEngine Moderate
CVE-2021-46703 was published for RazorEngine (NuGet) Mar 7, 2022
skofman1
Azure SDK for .NET Information Disclosure Vulnerability. Moderate
CVE-2022-26907 was published for Microsoft.Rest.ClientRuntime (NuGet) Apr 16, 2022
Exposure of Sensitive Information to an Unauthorized Actor in DisCatSharp Moderate
CVE-2022-24849 was published for DisCatSharp (NuGet) Apr 22, 2022
Apache log4net format string vulnerability causes DoS Moderate
CVE-2006-0743 was published for log4net (NuGet) May 1, 2022
DotNetNuke Vulnerable to XSS in Pass-Through Values Moderate
CVE-2007-0660 was published for DotNetNuke.Core (NuGet) May 1, 2022
CuteSoft CuteEditor Path Traversal vulnerability Moderate
CVE-2009-4665 was published for CuteEditor (NuGet) May 2, 2022
Mono ASP.NET View State Cross-Site Scripting (XSS) vulnerability Moderate
CVE-2010-1459 was published for mono (NuGet) May 2, 2022
ChakraCore information disclosure vulnerability Moderate
CVE-2018-0939 was published for Microsoft.ChakraCore (NuGet) May 13, 2022
Improper Access Control in Telerik Extensions Moderate
CVE-2018-17060 was published for TelerikMvcExtensions (NuGet) May 13, 2022
Tampering vulnerability in .NET Core Moderate
CVE-2018-8416 was published for Microsoft.NETCore.App (NuGet) May 13, 2022
ChakraCore information disclosure vulnerability Moderate
CVE-2019-0648 was published for Microsoft.ChakraCore (NuGet) May 13, 2022
Improper Limitation of a Pathname to a Restricted Directory in SharpZipLib Moderate
CVE-2018-1002208 was published for SharpZipLib (NuGet) May 13, 2022
ChakraCore Security Bypass Moderate
CVE-2018-8276 was published for Microsoft.ChakraCore (NuGet) May 13, 2022
ChakraCore information disclosure vulnerability Moderate
CVE-2018-8452 was published for Microsoft.ChakraCore (NuGet) May 13, 2022
CoreFTP Directory Traversal Moderate
CVE-2019-9648 was published for CoreFtp (NuGet) May 14, 2022
jQuery vulnerable to Cross-Site Scripting (XSS) Moderate
CVE-2011-4969 was published for jQuery (RubyGems) May 14, 2022
jhutchings1 klaudialax
DNN XSS Vulnerability Moderate
CVE-2018-14486 was published for DotNetNuke.Core (NuGet) May 14, 2022
Improper Input Validation in .Net Framework API's Moderate
CVE-2019-0657 was published for Microsoft.NETCore.App (NuGet) May 14, 2022
Umbraco CMS vulnerable to stored XSS Moderate
CVE-2018-17256 was published for umbraco (NuGet) May 14, 2022
ChakraCore information disclosure vulnerability Moderate
CVE-2018-8315 was published for Microsoft.ChakraCore (NuGet) May 14, 2022
DotNetNuke Default Machine Key Exposure Moderate
CVE-2008-6540 was published for DotNetNuke.Core (NuGet) May 14, 2022
Improper Certificate Validation in Microsoft .NET Framework components Moderate
CVE-2018-8356 was published for System.Private.ServiceModel (NuGet) May 14, 2022
florelis skofman1
Umbraco CMS XXE Vulnerability Moderate
CVE-2017-15280 was published for UmbracoCms.Web (NuGet) May 17, 2022
Umbraco CMS vulnerable to stored XSS Moderate
CVE-2017-15279 was published for UmbracoCMS.Web (NuGet) May 17, 2022
ProTip! Advisories are also available from the GraphQL API