Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,894
Erlang
38
GitHub Actions
38
Go
2,558
Maven
5,000+
npm
4,232
NuGet
751
pip
4,001
Pub
12
RubyGems
953
Rust
1,042
Swift
45
Unreviewed advisories
All unreviewed
5,000+

5 advisories

Loading
Duende IdentityServer has insufficient validation of DPoP cnf claim in Local APIs Low
CVE-2024-49755 was published for Duende.IdentityServer (NuGet) Oct 28, 2024
Improper Authentication in Auth0.AuthenticationApi High
CVE-2019-16929 was published for Auth0.AuthenticationApi (NuGet) Oct 24, 2019
klaudialax
Credited to klaudialax
Security feature bypass vulnerability exists in ASP.NET when the number of incorrect login attempts is not validated High
CVE-2018-8171 was published for Microsoft.AspNetCore.Identity (NuGet) Oct 16, 2018
Incorrect Implementation of Authentication Algorithm in OPCFoundation.NetStandard.Opc.Ua.Core High
CVE-2022-29865 was published for OPCFoundation.NetStandard.Opc.Ua.Core (NuGet) Jun 17, 2022
mregen
Credited to mregen
Improper Authentication High
GHSA-qxx8-292g-2w66 was published for Microsoft.Bot.Connector (NuGet) Mar 8, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database