Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,933
Erlang
39
GitHub Actions
38
Go
2,597
Maven
5,000+
npm
4,248
NuGet
754
pip
4,013
Pub
12
RubyGems
953
Rust
1,048
Swift
45
Unreviewed advisories
All unreviewed
5,000+

445 advisories

Loading
Duplicate Advisory: Improper Handling of Exceptional Conditions in Newtonsoft.Json High
GHSA-8rfx-6mr3-5jh3 was published for Newtonsoft.Json (NuGet) Jan 3, 2024 withdrawn
Microsoft Security Advisory CVE-2024-38168 | .NET Denial of Service Vulnerability High
CVE-2024-38168 was published for Microsoft.AspNetCore.App.Runtime.win-arm (NuGet) Aug 13, 2024
Microsoft Security Advisory CVE-2024-30105 | .NET Denial of Service Vulnerability High
CVE-2024-30105 was published for System.Text.Json (NuGet) Jul 9, 2024
tgstation-server's DreamMaker environment files outside the deployment directory can be compiled and ran by insufficiently permissioned users High
CVE-2024-41799 was published for Tgstation.Server.Api (NuGet) Jul 29, 2024
SandPoot Cyberboss
Credited to SandPoot and Cyberboss
Microsoft Security Advisory CVE-2024-38095 | .NET Denial of Service Vulnerability High
CVE-2024-38095 was published for Microsoft.NetCore.App.Runtime.linux-arm (NuGet) Jul 9, 2024
Microsoft Security Advisory CVE-2024-38081 | .NET Denial of Service Vulnerability High
CVE-2024-38081 was published for Microsoft.IO.Redist (NuGet) Jul 9, 2024
OPCFoundation.NetStandard.Opc.Ua.Core buffer-management vulnerability High
CVE-2024-33862 was published for OPCFoundation.NetStandard.Opc.Ua.Core (NuGet) Jul 6, 2024
SixLabors ImageSharp Out-of-bounds Write High
CVE-2024-41131 was published for SixLabors.ImageSharp (NuGet) Jul 22, 2024
Erik-White
Credited to Erik-White
Mimekit has vulnerable dependency that can lead to denial of service High
GHSA-gmc6-fwg3-75m5 was published for MimeKit (NuGet) Jul 11, 2024
StefanJonssonInExchange
Credited to StefanJonssonInExchange
.NET Denial of Service Vulnerability High
CVE-2023-21538 was published for Microsoft.NetCore.App.Runtime.linux-arm (NuGet) Jan 10, 2023
.NET Elevation of Privilege Vulnerability High
CVE-2023-24936 was published for Microsoft.NetCore.App.Runtime.linux-arm (NuGet) Jun 14, 2023
.NET Denial of Service vulnerability High
CVE-2023-29331 was published for Microsoft.NetCore.App.Runtime.linux-arm (NuGet) Jun 14, 2023
.NET Remote Code Execution Vulnerability High
CVE-2023-33128 was published for Microsoft.NetCore.App.Runtime.linux-arm (NuGet) Jun 14, 2023
Azure Storage Movement Client Library Denial of Service Vulnerability High
CVE-2024-35252 was published for Microsoft.Azure.Storage.DataMovement (NuGet) Jun 11, 2024
Out-of-bounds write in Microsoft.ChakraCore High
CVE-2019-1195 was published for Microsoft.ChakraCore (NuGet) Mar 29, 2021
Out-of-bounds write in Microsoft.ChakraCore High
CVE-2019-1140 was published for Microsoft.ChakraCore (NuGet) Mar 29, 2021
Out-of-bounds write in Microsoft.ChakraCore High
CVE-2019-1139 was published for Microsoft.ChakraCore (NuGet) Mar 29, 2021
Out-of-bounds write in Microsoft.ChakraCore High
CVE-2019-1131 was published for Microsoft.ChakraCore (NuGet) Mar 29, 2021
Remote Denial of Service Vulnerability in Microsoft.Native.Quic.MsQuic.Schannel High
CVE-2023-38171 was published for Microsoft.Native.Quic.MsQuic.OpenSSL (NuGet) Oct 10, 2023
Microsoft Security Advisory CVE-2023-36049: .NET Elevation of Privilege Vulnerability High
CVE-2023-36049 was published for System.Net.Requests (NuGet) Nov 14, 2023
Azure Identity SDK Remote Code Execution Vulnerability High
CVE-2023-36414 was published for Azure.Identity (NuGet) Oct 10, 2023
scottaddie
Credited to scottaddie
Microsoft Security Advisory CVE-2023-33170: .NET Security Feature Bypass Vulnerability High
CVE-2023-33170 was published for Microsoft.AspNet.Identity.Owin (NuGet) Jul 11, 2023
DmitriyLewen gillarramendi
Credited to DmitriyLewen and gillarramendi
.NET Remote Code Execution Vulnerability High
CVE-2023-35390 was published for Microsoft.NET.Build.Containers (NuGet) Aug 9, 2023
MsQuic Remote Denial of Service Vulnerability High
CVE-2023-36435 was published for Microsoft.Native.Quic.MsQuic.OpenSSL (NuGet) Oct 10, 2023
.NET Denial of Service Vulnerability High
CVE-2023-38178 was published for Microsoft.AspNetCore.App.Runtime.win-arm (NuGet) Aug 9, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database