GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,968
Erlang
29
GitHub Actions
16
Go
1,749
Maven
4,978
npm
3,509
NuGet
609
pip
3,084
Pub
10
RubyGems
832
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+
154 advisories
Filter by severity
DotNetNuke (DNN) Open redirect vulnerability
Moderate
CVE-2013-7335
was published
for
DotNetNuke.Core
(NuGet)
May 17, 2022
ChakraCore information disclosure vulnerability
Moderate
CVE-2017-0208
was published
for
Microsoft.ChakraCore
(NuGet)
May 17, 2022
ChakraCore information disclosure vulnerability
Moderate
CVE-2017-8659
was published
for
Microsoft.ChakraCore
(NuGet)
May 17, 2022
DotNetNuke (DNN) Cross-site scripting (XSS) vulnerability via the __dnnVariable parameter
Moderate
CVE-2013-4649
was published
for
DotNetNuke.Core
(NuGet)
May 17, 2022
Umbraco CMS XXE Vulnerability
Moderate
CVE-2017-15280
was published
for
UmbracoCms.Web
(NuGet)
May 17, 2022
Umbraco CMS vulnerable to stored XSS
Moderate
CVE-2017-15279
was published
for
UmbracoCMS.Web
(NuGet)
May 17, 2022
Improper Certificate Validation in Microsoft .NET Framework components
Moderate
CVE-2018-8356
was published
for
System.Private.ServiceModel
(NuGet)
May 14, 2022
DotNetNuke Default Machine Key Exposure
Moderate
CVE-2008-6540
was published
for
DotNetNuke.Core
(NuGet)
May 14, 2022
ChakraCore information disclosure vulnerability
Moderate
CVE-2018-8315
was published
for
Microsoft.ChakraCore
(NuGet)
May 14, 2022
Umbraco CMS vulnerable to stored XSS
Moderate
CVE-2018-17256
was published
for
umbraco
(NuGet)
May 14, 2022
Improper Input Validation in .Net Framework API's
Moderate
CVE-2019-0657
was published
for
Microsoft.NETCore.App
(NuGet)
May 14, 2022
DNN XSS Vulnerability
Moderate
CVE-2018-14486
was published
for
DotNetNuke.Core
(NuGet)
May 14, 2022
jQuery vulnerable to Cross-Site Scripting (XSS)
Moderate
CVE-2011-4969
was published
for
jQuery
(RubyGems)
May 14, 2022
ChakraCore information disclosure vulnerability
Moderate
CVE-2018-8452
was published
for
Microsoft.ChakraCore
(NuGet)
May 13, 2022
ChakraCore Security Bypass
Moderate
CVE-2018-8276
was published
for
Microsoft.ChakraCore
(NuGet)
May 13, 2022
Improper Limitation of a Pathname to a Restricted Directory in SharpZipLib
Moderate
CVE-2018-1002208
was published
for
SharpZipLib
(NuGet)
May 13, 2022
ChakraCore information disclosure vulnerability
Moderate
CVE-2019-0648
was published
for
Microsoft.ChakraCore
(NuGet)
May 13, 2022
Tampering vulnerability in .NET Core
Moderate
CVE-2018-8416
was published
for
Microsoft.NETCore.App
(NuGet)
May 13, 2022
Improper Access Control in Telerik Extensions
Moderate
CVE-2018-17060
was published
for
TelerikMvcExtensions
(NuGet)
May 13, 2022
ChakraCore information disclosure vulnerability
Moderate
CVE-2018-0939
was published
for
Microsoft.ChakraCore
(NuGet)
May 13, 2022
Mono ASP.NET View State Cross-Site Scripting (XSS) vulnerability
Moderate
CVE-2010-1459
was published
for
mono
(NuGet)
May 2, 2022
CuteSoft CuteEditor Path Traversal vulnerability
Moderate
CVE-2009-4665
was published
for
CuteEditor
(NuGet)
May 2, 2022
DotNetNuke Vulnerable to XSS in Pass-Through Values
Moderate
CVE-2007-0660
was published
for
DotNetNuke.Core
(NuGet)
May 1, 2022
Apache log4net format string vulnerability causes DoS
Moderate
CVE-2006-0743
was published
for
log4net
(NuGet)
May 1, 2022
ProTip!
Advisories are also available from the
GraphQL API