Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,205
Erlang
31
GitHub Actions
19
Go
1,986
Maven
5,000+
npm
3,703
NuGet
661
pip
3,329
Pub
11
RubyGems
884
Rust
843
Swift
36
Unreviewed advisories
All unreviewed
5,000+

415 advisories

Loading
Use after free in Animation High
CVE-2022-0609 was published for CefSharp.Common (NuGet) Feb 22, 2022
Regular Expression Denial of Service in System.Text.RegularExpressions High
CVE-2019-0820 was published for System.Text.RegularExpressions (NuGet) Aug 4, 2021
r-bit-rry
Insecure defaults in UmbracoForms High
CVE-2020-7685 was published for UmbracoForms (NuGet) Jul 29, 2020
MongoDB .NET/C# Driver vulnerable to Deserialization of Untrusted Data High
CVE-2022-48282 was published for MongoDB.Driver (NuGet) Feb 21, 2023
Snappier vulnerable to buffer overrun due to improper restriction of operations within the bounds of a memory buffer High
CVE-2023-28638 was published for Snappier (NuGet) Mar 27, 2023
brantburnett
Signature verification vulnerability in Stark Bank ecdsa libraries High
GHSA-9wx7-jrvc-28mm was published for com.starkbank:ecdsa-java (Maven) Nov 8, 2021
tdunlap607
.NET Remote Code Execution vulnerability High
CVE-2023-28260 was published for Microsoft.NetCore.App.Runtime.win-arm (NuGet) Apr 11, 2023
.NET Remote Code Execution Vulnerability High
CVE-2022-41089 was published for Microsoft.WindowsDesktop.App.Runtime.win-arm64 (NuGet) Dec 14, 2022
tdunlap607
Auth0-ASPNET and Auth0-ASPNET-Owin vulnerable to Cross-Site Request Forgery High
CVE-2018-15121 was published for Auth0-ASPNET-Owin (NuGet) May 14, 2022
klaudialax
Improper Authentication in Auth0.AuthenticationApi High
CVE-2019-16929 was published for Auth0.AuthenticationApi (NuGet) Oct 24, 2019
klaudialax
Inappropriate implementation in V8 High
CVE-2020-16009 was published for CefSharp.Common (NuGet) Dec 2, 2020
tgstation-server cached user logins in legacy server High
CVE-2018-17107 was published for TGServiceInterface (NuGet) Jun 12, 2023
Cyberboss
.NET Denial of Service Vulnerability High
CVE-2022-24464 was published for Microsoft.AspNetCore.App.Runtime.linux-arm (NuGet) Oct 21, 2022
.NET Denial of Service Vulnerability High
CVE-2022-21986 was published for Microsoft.AspNetCore.App.Runtime.linux-arm (NuGet) Oct 21, 2022
ChakraCore information disclosure vulnerability High
CVE-2020-0813 was published for Microsoft.ChakraCore (NuGet) May 24, 2022
DNN Path Traversal via Zip Slip High
CVE-2020-5187 was published for DotNetNuke.Core (NuGet) May 24, 2022
ChakraCore RCE Vulnerability High
CVE-2020-0811 was published for Microsoft.ChakraCore (NuGet) May 24, 2022
ChakraCore RCE Vulnerability High
CVE-2020-0812 was published for Microsoft.ChakraCore (NuGet) May 24, 2022
Umbraco CMS Authenticated File Upload High
CVE-2020-9471 was published for UmbracoCMS.Core (NuGet) May 24, 2022
ChakraCore RCE Vulnerability High
CVE-2020-0767 was published for Microsoft.ChakraCore (NuGet) May 24, 2022
ChakraCore RCE Vulnerability High
CVE-2020-0710 was published for Microsoft.ChakraCore (NuGet) May 24, 2022
ChakraCore RCE Vulnerability High
CVE-2020-0711 was published for Microsoft.ChakraCore (NuGet) May 24, 2022
ChakraCore Remote Code Execution Vulnerability High
CVE-2020-0970 was published for Microsoft.ChakraCore (NuGet) May 24, 2022
ChakraCore Remote Code Execution Vulnerability High
CVE-2020-1037 was published for Microsoft.ChakraCore (NuGet) May 24, 2022
ChakraCore RCE Vulnerability High
CVE-2018-0859 was published for Microsoft.ChakraCore (NuGet) May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database