GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,083
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,644
NuGet
638
pip
3,260
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+
638 advisories
Filter by severity
DNS NuGet package uses insufficiently random values
Critical
CVE-2021-4248
was published
for
DNS
(NuGet)
Dec 18, 2022
Elevation of privilege in ASP.NET Core
Moderate
CVE-2019-1302
was published
for
Microsoft.AspNetCore.SpaServices
(NuGet)
May 24, 2022
Remote code execution vulnerability in dependency System.Drawing.Common
Moderate
GHSA-gpv5-rp6w-58r8
was published
for
Akka
(NuGet)
Nov 22, 2022
Code Injection in Masuit.Tools.Core
High
CVE-2022-21167
was published
for
Masuit.Tools.Core
(NuGet)
May 3, 2022
Inadequate Encryption Strength in DotNetNuke
High
CVE-2018-18325
was published
for
DotNetNuke.Core
(NuGet)
Jul 5, 2019
Insufficient Entropy in DotNetNuke
High
CVE-2018-15812
was published
for
DotNetNuke.Core
(NuGet)
Jul 5, 2019
Insufficient Entropy in DotNetNuke
High
CVE-2018-18326
was published
for
DotNetNuke.Core
(NuGet)
Jul 5, 2019
Inadequate Encryption Strength in DotNetNuke
High
CVE-2018-15811
was published
for
DotNetNuke.Core
(NuGet)
Jul 5, 2019
Cross-site scripting in CLEditor
Moderate
CVE-2019-1010113
was published
for
CLEditor
(NuGet)
Jul 26, 2019
Uncontrolled Resource Consumption in MetadataExtractor
High
CVE-2019-14262
was published
for
MetadataExtractor
(NuGet)
Aug 23, 2019
Missing Token Replay Detection in Saml2 Authentication services for ASP.NET
High
CVE-2020-5261
was published
for
Sustainsys.Saml2
(NuGet)
Mar 25, 2020
ASP.NET Core fails to properly validate web requests
High
CVE-2017-0247
was published
for
Microsoft.AspNetCore.Mvc
(NuGet)
Oct 16, 2018
Moderate severity vulnerability that affects Microsoft.AspNetCore.Mvc
Moderate
CVE-2017-0256
was published
for
Microsoft.AspNetCore.Mvc
(NuGet)
Oct 16, 2018
Denial of service vulnerability exists when .NET and .NET Core improperly process XML documents
High
CVE-2018-0764
was published
for
System.Security.Cryptography.Xml
(NuGet)
Oct 16, 2018
Security feature bypass vulnerability exists in ASP.NET when the number of incorrect login attempts is not validated
High
CVE-2018-8171
was published
for
Microsoft.AspNetCore.Identity
(NuGet)
Oct 16, 2018
High severity vulnerability that affects Microsoft.AspNetCore.Mvc
High
CVE-2017-0249
was published
for
DisCatSharp
(NuGet)
Oct 16, 2018
ASP.NET Core and Visual Studio Denial of Service Vulnerability
High
CVE-2021-1723
was published
for
Microsoft.AspNetCore.App.Runtime.linux-arm
(NuGet)
May 24, 2022
Signature validation bypass in ServiceStack
Moderate
CVE-2020-28042
was published
for
ServiceStack
(NuGet)
Jan 13, 2021
ProTip!
Advisories are also available from the
GraphQL API