Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,968
Erlang
29
GitHub Actions
16
Go
1,749
Maven
4,978
npm
3,509
NuGet
609
pip
3,084
Pub
10
RubyGems
832
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+

154 advisories

Loading
DotNetNuke (DNN) Open redirect vulnerability Moderate
CVE-2013-7335 was published for DotNetNuke.Core (NuGet) May 17, 2022
ChakraCore information disclosure vulnerability Moderate
CVE-2017-0208 was published for Microsoft.ChakraCore (NuGet) May 17, 2022
ChakraCore information disclosure vulnerability Moderate
CVE-2017-8659 was published for Microsoft.ChakraCore (NuGet) May 17, 2022
DotNetNuke (DNN) Cross-site scripting (XSS) vulnerability via the __dnnVariable parameter Moderate
CVE-2013-4649 was published for DotNetNuke.Core (NuGet) May 17, 2022
Umbraco CMS XXE Vulnerability Moderate
CVE-2017-15280 was published for UmbracoCms.Web (NuGet) May 17, 2022
Umbraco CMS vulnerable to stored XSS Moderate
CVE-2017-15279 was published for UmbracoCMS.Web (NuGet) May 17, 2022
Improper Certificate Validation in Microsoft .NET Framework components Moderate
CVE-2018-8356 was published for System.Private.ServiceModel (NuGet) May 14, 2022
florelis skofman1
DotNetNuke Default Machine Key Exposure Moderate
CVE-2008-6540 was published for DotNetNuke.Core (NuGet) May 14, 2022
ChakraCore information disclosure vulnerability Moderate
CVE-2018-8315 was published for Microsoft.ChakraCore (NuGet) May 14, 2022
Umbraco CMS vulnerable to stored XSS Moderate
CVE-2018-17256 was published for umbraco (NuGet) May 14, 2022
Improper Input Validation in .Net Framework API's Moderate
CVE-2019-0657 was published for Microsoft.NETCore.App (NuGet) May 14, 2022
DNN XSS Vulnerability Moderate
CVE-2018-14486 was published for DotNetNuke.Core (NuGet) May 14, 2022
jQuery vulnerable to Cross-Site Scripting (XSS) Moderate
CVE-2011-4969 was published for jQuery (RubyGems) May 14, 2022
jhutchings1 klaudialax
CoreFTP Directory Traversal Moderate
CVE-2019-9648 was published for CoreFtp (NuGet) May 14, 2022
ChakraCore information disclosure vulnerability Moderate
CVE-2018-8452 was published for Microsoft.ChakraCore (NuGet) May 13, 2022
ChakraCore Security Bypass Moderate
CVE-2018-8276 was published for Microsoft.ChakraCore (NuGet) May 13, 2022
Improper Limitation of a Pathname to a Restricted Directory in SharpZipLib Moderate
CVE-2018-1002208 was published for SharpZipLib (NuGet) May 13, 2022
ChakraCore information disclosure vulnerability Moderate
CVE-2019-0648 was published for Microsoft.ChakraCore (NuGet) May 13, 2022
Tampering vulnerability in .NET Core Moderate
CVE-2018-8416 was published for Microsoft.NETCore.App (NuGet) May 13, 2022
Improper Access Control in Telerik Extensions Moderate
CVE-2018-17060 was published for TelerikMvcExtensions (NuGet) May 13, 2022
ChakraCore information disclosure vulnerability Moderate
CVE-2018-0939 was published for Microsoft.ChakraCore (NuGet) May 13, 2022
Mono ASP.NET View State Cross-Site Scripting (XSS) vulnerability Moderate
CVE-2010-1459 was published for mono (NuGet) May 2, 2022
CuteSoft CuteEditor Path Traversal vulnerability Moderate
CVE-2009-4665 was published for CuteEditor (NuGet) May 2, 2022
DotNetNuke Vulnerable to XSS in Pass-Through Values Moderate
CVE-2007-0660 was published for DotNetNuke.Core (NuGet) May 1, 2022
Apache log4net format string vulnerability causes DoS Moderate
CVE-2006-0743 was published for log4net (NuGet) May 1, 2022
ProTip! Advisories are also available from the GraphQL API