Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
44
GitHub Actions
45
Go
3,196
Maven
5,000+
npm
5,000+
NuGet
864
pip
4,483
Pub
12
RubyGems
992
Rust
1,186
Swift
51
Unreviewed advisories
All unreviewed
5,000+

474 advisories

Loading
Amazon.IonDotnet is vulnerable to Denial of Service attacks High
CVE-2025-11573 was published for Amazon.IonDotnet (NuGet) Oct 9, 2025
PowerShell Elevation of Privilege Vulnerability High
CVE-2022-26788 was published for Microsoft.PowerShell.SDK (NuGet) Apr 16, 2022
mgsymonds Credited to mgsymonds
Infinite loop condition in Amazon.IonDotnet High
CVE-2025-3857 was published for Amazon.IonDotnet (NuGet) Apr 21, 2025
Duplicate Advisory: Microsoft Security Advisory CVE-2025-55247 | .NET Denial of Service Vulnerability High
GHSA-q8g5-rw97-f55h was published for Microsoft.Build.Tasks.Core (NuGet) Oct 14, 2025 withdrawn
ChakraCore RCE Vulnerability High
CVE-2016-7201 was published for Microsoft.ChakraCore (NuGet) May 14, 2022
ChakraCore RCE Vulnerability High
CVE-2016-7200 was published for Microsoft.ChakraCore (NuGet) May 14, 2022
ChakraCore RCE Vulnerability High
CVE-2018-8298 was published for Microsoft.ChakraCore (NuGet) May 13, 2022
Inadequate Encryption Strength in DotNetNuke High
CVE-2018-15811 was published for DotNetNuke.Core (NuGet) Jul 5, 2019
Inadequate Encryption Strength in DotNetNuke High
CVE-2018-18325 was published for DotNetNuke.Core (NuGet) Jul 5, 2019
.NET Framework, SharePoint Server, and Visual Studio Remote Code Execution Vulnerability High
CVE-2020-1147 was published for Microsoft.NETCore.App (NuGet) May 24, 2022
.NET Denial of Service Vulnerability High
CVE-2023-38180 was published for Microsoft.AspNetCore.App.Runtime.win-arm64 (NuGet) Aug 9, 2023
mkilgore Credited to mkilgore
Microsoft Security Advisory CVE-2025-24070: .NET Elevation of Privilege Vulnerability High
CVE-2025-24070 was published for Microsoft.AspNetCore.App.Runtime.linux-arm (NuGet) Mar 11, 2025
dwelch2344 Credited to dwelch2344, udlose, and rbhanda udlose udlose
rbhanda rbhanda
Microsoft Security Advisory CVE-2025-55247 | .NET Denial of Service Vulnerability High
CVE-2025-55247 was published for Microsoft.Build (NuGet) Oct 15, 2025
rbhanda Credited to rbhanda
ImageMagick has a Stack Buffer Overflow in image.c High
CVE-2025-53101 was published for Magick.NET-Q16-AnyCPU (NuGet) Aug 25, 2025
momo-trip Credited to momo-trip, YutoIn, iwashiira, and utshina YutoIn YutoIn
iwashiira iwashiira utshina utshina
ImageMagick (WriteBMPImage): 32-bit integer overflow when writing BMP scanline stride → heap buffer overflow High
CVE-2025-57803 was published for Magick.NET-Q16-AnyCPU (NuGet) Aug 26, 2025
mescuwa Credited to mescuwa
imagemagick: integer overflows in MNG magnification High
CVE-2025-55154 was published for Magick.NET-Q16-AnyCPU (NuGet) Aug 25, 2025
Path Traversal: 'dir/../../filename' in moment.locale High
CVE-2022-24785 was published for Moment.js (npm) Apr 4, 2022
Moment.js vulnerable to Inefficient Regular Expression Complexity High
CVE-2022-31129 was published for Moment.js (npm) Jul 6, 2022
doublevkay Credited to doublevkay
Microsoft Security Advisory CVE-2024-38081 | .NET Elevation of Privilege Vulnerability High
CVE-2024-38081 was published for Microsoft.IO.Redist (NuGet) Jul 9, 2024
Csla affected by Remote Code Execution via WcfProxy (NetDataContractSerializer) High
CVE-2025-66631 was published for Csla (NuGet) Dec 8, 2025
rockfordlhotka Credited to rockfordlhotka and Outurnate Outurnate Outurnate
ImageMagick is vulnerable to an integer Overflow in TIM decoder leading to out of bounds read (32-bit only) High
CVE-2025-66628 was published for Magick.NET-Q16-AnyCPU (NuGet) Dec 10, 2025
Sumitshah00 Credited to Sumitshah00
ImageMagick has a Format String Bug in InterpretImageFilename leads to arbitrary code execution High
CVE-2025-55298 was published for Magick.NET-Q16-AnyCPU (NuGet) Aug 26, 2025
leehohojune Credited to leehohojune, hanbunny, jin-156, amethyst0225, and pigeontwo9999 hanbunny hanbunny
jin-156 jin-156 amethyst0225 amethyst0225 pigeontwo9999 pigeontwo9999
DotNetNuke.Core Vulnerable to Stored XSS in Scheduler LogNotes High
CVE-2026-24836 was published for DotNetNuke.Core (NuGet) Jan 28, 2026
mojav3r Credited to mojav3r and bdukes bdukes bdukes
DotNetNuke.Core Vulnerable to Stored XSS in Module Deletion Confirmation Modal High
CVE-2026-24837 was published for DotNetNuke.Core (NuGet) Jan 28, 2026
mojav3r Credited to mojav3r and bdukes bdukes bdukes
Microsoft Security Advisory CVE-2026-21218 | .NET Security Feature Bypass Vulnerability High
CVE-2026-21218 was published for System.Security.Cryptography.Cose (NuGet) Feb 10, 2026
MattKilgore Credited to MattKilgore, bribrothers, and yusuke-koyoshi bribrothers bribrothers
yusuke-koyoshi yusuke-koyoshi
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database