Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,683
Erlang
34
GitHub Actions
26
Go
2,274
Maven
5,000+
npm
3,926
NuGet
706
pip
3,693
Pub
12
RubyGems
916
Rust
948
Swift
38
Unreviewed advisories
All unreviewed
5,000+

430 advisories

Loading
High severity vulnerability that affects PeterO.Cbor High
GHSA-cxw4-9qv9-vx5h was published for PeterO.Cbor (NuGet) Sep 30, 2019
High severity vulnerability that affects System.Management.Automation High
CVE-2019-1301 was published for System.Management.Automation (NuGet) Sep 13, 2019
TravisEz13
Uncontrolled Resource Consumption in MetadataExtractor High
CVE-2019-14262 was published for MetadataExtractor (NuGet) Aug 23, 2019
Vulnerability in Azure Active Directory Authentication Library High
CVE-2019-1258 was published for microsoft.identitymodel.clients.activedirectory (NuGet) Aug 16, 2019
Inadequate Encryption Strength in DotNetNuke High
CVE-2018-15811 was published for DotNetNuke.Core (NuGet) Jul 5, 2019
Insufficient Entropy in DotNetNuke High
CVE-2018-15812 was published for DotNetNuke.Core (NuGet) Jul 5, 2019
Insufficient Entropy in DotNetNuke High
CVE-2018-18326 was published for DotNetNuke.Core (NuGet) Jul 5, 2019
Inadequate Encryption Strength in DotNetNuke High
CVE-2018-18325 was published for DotNetNuke.Core (NuGet) Jul 5, 2019
High severity vulnerability that affects Microsoft.ChakraCore High
CVE-2019-0639 was published for Microsoft.ChakraCore (NuGet) Apr 9, 2019
High severity vulnerability that affects Microsoft.ChakraCore High
CVE-2019-0609 was published for Microsoft.ChakraCore (NuGet) Apr 9, 2019
High severity vulnerability that affects Microsoft.ChakraCore High
CVE-2019-0592 was published for Microsoft.ChakraCore (NuGet) Apr 9, 2019
High severity vulnerability that affects Microsoft.ChakraCore High
CVE-2019-0611 was published for Microsoft.ChakraCore (NuGet) Apr 9, 2019
High severity vulnerability that affects Microsoft.ChakraCore High
CVE-2019-0769 was published for Microsoft.ChakraCore (NuGet) Apr 9, 2019
High severity vulnerability that affects Microsoft.ChakraCore High
CVE-2019-0773 was published for Microsoft.ChakraCore (NuGet) Apr 9, 2019
High severity vulnerability that affects Microsoft.ChakraCore High
CVE-2019-0771 was published for Microsoft.ChakraCore (NuGet) Apr 9, 2019
Improper Certificate Validation in Microsoft .NET Framework components High
CVE-2018-0786 was published for Microsoft.NETCore.UniversalWindowsPlatform (NuGet) Oct 16, 2018
skofman1
Denial of service in ASP.NET Core High
CVE-2018-8269 was published for Microsoft.AspNetCore.All (NuGet) Oct 16, 2018
leecow
ASP.NET Core fails to properly validate web requests High
CVE-2017-0247 was published for Microsoft.AspNetCore.Mvc (NuGet) Oct 16, 2018
High severity vulnerability that affects Microsoft.AspNetCore.Mvc High
CVE-2017-0249 was published for DisCatSharp (NuGet) Oct 16, 2018
ASP.NET Core allow an elevation of privilege High
CVE-2018-0787 was published for Microsoft.AspNetCore.HttpOverrides (NuGet) Oct 16, 2018
Security feature bypass vulnerability exists in ASP.NET when the number of incorrect login attempts is not validated High
CVE-2018-8171 was published for Microsoft.AspNetCore.Identity (NuGet) Oct 16, 2018
Denial of service vulnerability exists when System.IO.Pipelines improperly handles requests High
CVE-2018-8409 was published for Microsoft.AspNetCore.All (NuGet) Oct 16, 2018
Denial of service vulnerability exists when .NET and .NET Core improperly process XML documents High
CVE-2018-0765 was published for System.Security.Cryptography.Xml (NuGet) Oct 16, 2018
High severity vulnerability that affects OPCFoundation.NetStandard.Opc.Ua High
CVE-2018-12086 was published for OPCFoundation.NetStandard.Opc.Ua (NuGet) Oct 16, 2018
DNN (aka DotNetNuke) has Remote Code Execution via a cookie High
CVE-2017-9822 was published for DotNetNuke.Core (NuGet) Oct 16, 2018
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database