Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,963
Erlang
39
GitHub Actions
38
Go
2,615
Maven
5,000+
npm
4,255
NuGet
760
pip
4,036
Pub
12
RubyGems
953
Rust
1,049
Swift
45
Unreviewed advisories
All unreviewed
5,000+

445 advisories

Loading
Out-of-bounds Write in ChakraCore High
CVE-2020-0828 was published for Microsoft.ChakraCore (NuGet) Jul 28, 2021
Out-of-bounds write in ChakraCore High
CVE-2020-0826 was published for Microsoft.ChakraCore (NuGet) Jul 28, 2021
Out-of-bounds write in ChakraCore High
CVE-2020-0833 was published for Microsoft.ChakraCore (NuGet) Jul 28, 2021
Out-of-bounds write in ChakraCore High
CVE-2020-0848 was published for Microsoft.ChakraCore (NuGet) Jul 28, 2021
ASP.NET Core Denial of Service Vulnerability High
CVE-2021-31957 was published for Microsoft.NETCore.App.Ref (NuGet) Oct 6, 2021 withdrawn
Incorrect Regular Expression in RestSharp High
CVE-2021-27293 was published for RestSharp (NuGet) Jul 14, 2021
Out-of-bounds Write in ChakraCore High
CVE-2020-0831 was published for Microsoft.ChakraCore (NuGet) Jul 28, 2021
Out-of-bounds write in ChakraCore High
CVE-2020-0829 was published for Microsoft.ChakraCore (NuGet) Jul 28, 2021
Cross-Site Request Forgery in PiranhaCMS High
CVE-2021-25976 was published for Piranha (NuGet) Nov 17, 2021
ASP.NET Core Denial of Service Vulnerability High
CVE-2020-1161 was published for Microsoft.AspNetCore.App.Runtime.linux-arm (NuGet) May 24, 2022
.NET Core & .NET Framework Denial of Service Vulnerability High
CVE-2020-1108 was published for Microsoft.NETCore.App (NuGet) May 24, 2022
Umbraco ApplicationURL Overwrite High
CVE-2022-22690 was published for Umbraco.Cms.Core (NuGet) Jan 21, 2022
Umbraco Persistent Password Reset Poison High
CVE-2022-22691 was published for Umbraco.Cms.Core (NuGet) Jan 21, 2022
Path Traversal in SharpZipLib High
CVE-2021-32840 was published for SharpZipLib (NuGet) Feb 1, 2022
Use after free in Animation High
CVE-2022-0609 was published for CefSharp.Common (NuGet) Feb 22, 2022
Regular Expression Denial of Service in System.Text.RegularExpressions High
CVE-2019-0820 was published for System.Text.RegularExpressions (NuGet) Aug 4, 2021
r-bit-rry
Credited to r-bit-rry
Insecure defaults in UmbracoForms High
CVE-2020-7685 was published for UmbracoForms (NuGet) Jul 29, 2020
MongoDB .NET/C# Driver vulnerable to Deserialization of Untrusted Data High
CVE-2022-48282 was published for MongoDB.Driver (NuGet) Feb 21, 2023
Snappier vulnerable to buffer overrun due to improper restriction of operations within the bounds of a memory buffer High
CVE-2023-28638 was published for Snappier (NuGet) Mar 27, 2023
brantburnett
Credited to brantburnett
Signature verification vulnerability in Stark Bank ecdsa libraries High
GHSA-9wx7-jrvc-28mm was published for com.starkbank:ecdsa-java (Maven) Nov 8, 2021
tdunlap607
Credited to tdunlap607
.NET Remote Code Execution vulnerability High
CVE-2023-28260 was published for Microsoft.NetCore.App.Runtime.win-arm (NuGet) Apr 11, 2023
Auth0-ASPNET and Auth0-ASPNET-Owin vulnerable to Cross-Site Request Forgery High
CVE-2018-15121 was published for Auth0-ASPNET-Owin (NuGet) May 14, 2022
klaudialax
Credited to klaudialax
Improper Authentication in Auth0.AuthenticationApi High
CVE-2019-16929 was published for Auth0.AuthenticationApi (NuGet) Oct 24, 2019
klaudialax
Credited to klaudialax
Inappropriate implementation in V8 High
CVE-2020-16009 was published for CefSharp.Common (NuGet) Dec 2, 2020
tgstation-server cached user logins in legacy server High
CVE-2018-17107 was published for TGServiceInterface (NuGet) Jun 12, 2023
Cyberboss
Credited to Cyberboss
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database