Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,968
Erlang
29
GitHub Actions
16
Go
1,749
Maven
4,978
npm
3,509
NuGet
609
pip
3,084
Pub
10
RubyGems
832
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+

609 advisories

Loading
.NET Information Disclosure Vulnerability Moderate
CVE-2022-41064 was published for Microsoft.Data.SqlClient (NuGet) Nov 8, 2022
shanrath grvillic
DNS NuGet package uses insufficiently random values Critical
CVE-2021-4248 was published for DNS (NuGet) Dec 18, 2022
Elevation of privilege in ASP.NET Core Moderate
CVE-2019-1302 was published for Microsoft.AspNetCore.SpaServices (NuGet) May 24, 2022
leecow
Remote code execution vulnerability in dependency System.Drawing.Common Moderate
GHSA-gpv5-rp6w-58r8 was published for Akka (NuGet) Nov 22, 2022
petrikero
Code Injection in Masuit.Tools.Core High
CVE-2022-21167 was published for Masuit.Tools.Core (NuGet) May 3, 2022
Inadequate Encryption Strength in DotNetNuke High
CVE-2018-18325 was published for DotNetNuke.Core (NuGet) Jul 5, 2019
Insufficient Entropy in DotNetNuke High
CVE-2018-15812 was published for DotNetNuke.Core (NuGet) Jul 5, 2019
Inadequate Encryption Strength in DotNetNuke High
CVE-2018-15811 was published for DotNetNuke.Core (NuGet) Jul 5, 2019
Insufficient Entropy in DotNetNuke High
CVE-2018-18326 was published for DotNetNuke.Core (NuGet) Jul 5, 2019
Cross-site scripting in CLEditor Moderate
CVE-2019-1010113 was published for CLEditor (NuGet) Jul 26, 2019
Uncontrolled Resource Consumption in MetadataExtractor High
CVE-2019-14262 was published for MetadataExtractor (NuGet) Aug 23, 2019
Missing Token Replay Detection in Saml2 Authentication services for ASP.NET High
CVE-2020-5261 was published for Sustainsys.Saml2 (NuGet) Mar 25, 2020
ASP.NET Core fails to properly validate web requests High
CVE-2017-0247 was published for Microsoft.AspNetCore.Mvc (NuGet) Oct 16, 2018
Moderate severity vulnerability that affects Microsoft.AspNetCore.Mvc Moderate
CVE-2017-0256 was published for Microsoft.AspNetCore.Mvc (NuGet) Oct 16, 2018
Denial of service vulnerability exists when .NET and .NET Core improperly process XML documents High
CVE-2018-0764 was published for System.Security.Cryptography.Xml (NuGet) Oct 16, 2018
Security feature bypass vulnerability exists in ASP.NET when the number of incorrect login attempts is not validated High
CVE-2018-8171 was published for Microsoft.AspNetCore.Identity (NuGet) Oct 16, 2018
High severity vulnerability that affects Microsoft.AspNetCore.Mvc High
CVE-2017-0249 was published for DisCatSharp (NuGet) Oct 16, 2018
ASP.NET Core and Visual Studio Denial of Service Vulnerability High
CVE-2021-1723 was published for Microsoft.AspNetCore.App.Runtime.linux-arm (NuGet) May 24, 2022
skofman1
XSS in HtmlSanitizer Low
CVE-2020-26293 was published for HtmlSanitizer (NuGet) Jan 4, 2021
Signature validation bypass in ServiceStack Moderate
CVE-2020-28042 was published for ServiceStack (NuGet) Jan 13, 2021
Out-of-bounds write High
CVE-2019-0917 was published for Microsoft.ChakraCore (NuGet) Mar 29, 2021
Out-of-bounds write High
CVE-2019-0913 was published for Microsoft.ChakraCore (NuGet) Mar 29, 2021
Out-of-bounds write High
CVE-2019-0915 was published for Microsoft.ChakraCore (NuGet) Mar 29, 2021
Use after free in CefSharp High
CVE-2020-16017 was published for CefSharp.Common (NuGet) Nov 27, 2020
Out-of-bounds write High
CVE-2019-1092 was published for Microsoft.ChakraCore (NuGet) Mar 29, 2021
ProTip! Advisories are also available from the GraphQL API