Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,877
Erlang
37
GitHub Actions
38
Go
2,538
Maven
5,000+
npm
4,198
NuGet
743
pip
3,971
Pub
12
RubyGems
947
Rust
1,030
Swift
39
Unreviewed advisories
All unreviewed
5,000+

219 advisories

Loading
Cross-site Scripting in PiranhaCMS Moderate
CVE-2021-25977 was published for Piranha (NuGet) Oct 27, 2021
Credential Disclosure in System.DirectoryServices.Protocols Moderate
CVE-2021-41355 was published for System.DirectoryServices.Protocols (NuGet) Oct 12, 2021
Insufficient Session Expiration and TOCTOU Race Condition in OPC FOundation UA .Net Standard Moderate
CVE-2020-8867 was published for OPCFoundation.NetStandard.Opc.Ua (NuGet) Aug 2, 2021
Unrestricted Upload of File with Dangerous Type in Umbraco CMS Moderate
CVE-2020-9472 was published for UmbracoCms (NuGet) Aug 2, 2021
Incorrect permission enforcement in UmbracoCms Moderate
CVE-2020-29454 was published for UmbracoCms (NuGet) Apr 13, 2021
Authenticated path traversal in Umbraco CMS Moderate
CVE-2020-5811 was published for UmbracoCms (NuGet) Apr 13, 2021
Signature validation bypass in ServiceStack Moderate
CVE-2020-28042 was published for ServiceStack (NuGet) Jan 13, 2021
Moderate severity vulnerability that affects Microsoft.AspNetCore.Mvc Moderate
CVE-2017-0256 was published for Microsoft.AspNetCore.Mvc (NuGet) Oct 16, 2018
Cross-site scripting in CLEditor Moderate
CVE-2019-1010113 was published for CLEditor (NuGet) Jul 26, 2019
Remote code execution vulnerability in dependency System.Drawing.Common Moderate
GHSA-gpv5-rp6w-58r8 was published for Akka (NuGet) Nov 22, 2022
petrikero
Elevation of privilege in ASP.NET Core Moderate
CVE-2019-1302 was published for Microsoft.AspNetCore.SpaServices (NuGet) May 24, 2022
leecow
.NET Information Disclosure Vulnerability Moderate
CVE-2022-41064 was published for Microsoft.Data.SqlClient (NuGet) Nov 8, 2022
shanrath grvillic
ASP.NET Core Information Disclosure Vulnerability Moderate
CVE-2021-34532 was published for Microsoft.AspNetCore.Authentication.JwtBearer (NuGet) Aug 25, 2021
Exposure of Sensitive Information in OPCFoundation.NetStandard.Opc.Ua.Server Moderate
CVE-2022-33916 was published for OPCFoundation.NetStandard.Opc.Ua.Server (NuGet) Aug 24, 2022
mregen
Denial of service in .NET core Moderate
CVE-2021-1721 was published for Microsoft.NETCore.App (NuGet) May 24, 2022
Denial of service in ASP.NET Core Moderate
CVE-2020-0602 was published for Microsoft.AspNetCore.All (NuGet) May 24, 2022
skofman1
Improper Certificate Validation in OPCFoundation.NetStandard.Opc.Ua.Core Moderate
CVE-2020-29457 was published for OPCFoundation.NetStandard.Opc.Ua.Core (NuGet) Nov 19, 2021
mregen
Improper Certificate Validation in Microsoft .NET Framework components Moderate
CVE-2018-8356 was published for System.Private.ServiceModel (NuGet) May 14, 2022
florelis skofman1
Cross-site scripting vulnerability in TinyMCE alerts Moderate
CVE-2022-23494 was published for TinyMCE (Composer) Dec 8, 2022
P4rkJW
DNN vulnerable to Relative Path Traversal Moderate
CVE-2022-2922 was published for DotNetNuke.Core (NuGet) Oct 1, 2022
OrchardCore vulnerable to HTML injection Moderate
CVE-2022-32173 was published for OrchardCore (NuGet) Oct 4, 2022
Weak private key generation in SSH.NET Moderate
CVE-2022-29245 was published for SSH.NET (NuGet) Jun 1, 2022
yaumn-synacktiv
Cross site scripting in SSCMS Moderate
CVE-2022-30349 was published for SSCMS (NuGet) Jun 3, 2022
Cross site scripting attack in ServiceStack Framework Moderate
CVE-2019-1010199 was published for ServiceStack (NuGet) May 24, 2022
jhutchings1
Cross-site Scripting in ZKEACMS Moderate
CVE-2022-29362 was published for ZKEACMS.Publisher (NuGet) May 26, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database