Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
44
GitHub Actions
43
Go
3,181
Maven
5,000+
npm
5,000+
NuGet
863
pip
4,474
Pub
12
RubyGems
991
Rust
1,185
Swift
51
Unreviewed advisories
All unreviewed
5,000+

863 advisories

Loading
Denial of service vulnerability exists when System.IO.Pipelines improperly handles requests High
CVE-2018-8409 was published for Microsoft.AspNetCore.All (NuGet) Oct 16, 2018
Out-of-bounds write in libpng High
CVE-2018-14550 was published for libpng (NuGet) Mar 22, 2021
Missing Authorization with Default Settings in Dashboard UI High
CVE-2021-41238 was published for Hangfire.Core (NuGet) Nov 3, 2021
.NET Core Denial of Service Vulnerability High
CVE-2018-0875 was published for Microsoft.NETCore.Jit (NuGet) May 13, 2022
Improper Input Validation in Microsoft.NETCore.App High
CVE-2017-8585 was published for Microsoft.NETCore.App (NuGet) May 17, 2022
Remote code execution in ASP.NET Core High
CVE-2020-0603 was published for Microsoft.AspNetCore.All (NuGet) May 24, 2022
skofman1 Credited to skofman1
Denial of service in ASP.NET Core Moderate
CVE-2020-0602 was published for Microsoft.AspNetCore.All (NuGet) May 24, 2022
skofman1 Credited to skofman1
Remote code execution in Microsoft.WindowsDesktop.App.Ref High
CVE-2020-0606 was published for Microsoft.WindowsDesktop.App.Ref (NuGet) May 24, 2022
skofman1 Credited to skofman1
Denial of service in .NET core Moderate
CVE-2021-1721 was published for Microsoft.NETCore.App (NuGet) May 24, 2022
.NET Core Remote Code Execution Vulnerability Critical
CVE-2021-24112 was published for System.Drawing.Common (NuGet) May 24, 2022
Incorrect Implementation of Authentication Algorithm in OPCFoundation.NetStandard.Opc.Ua.Core High
CVE-2022-29865 was published for OPCFoundation.NetStandard.Opc.Ua.Core (NuGet) Jun 17, 2022
mregen Credited to mregen
Security Update for the OPC UA .NET Standard Stack High
CVE-2022-29862 was published for OPCFoundation.NetStandard.Opc.Ua.Core (NuGet) Jun 17, 2022
mregen Credited to mregen
Uncontrolled Resource Consumption in OPCFoundation.NetStandard.Opc.Ua.Core High
CVE-2022-29864 was published for OPCFoundation.NetStandard.Opc.Ua.Core (NuGet) Jun 17, 2022
mregen Credited to mregen
Memory Allocation with Excessive Size Value in OPCFoundation.NetStandard.Opc.Ua.Core High
CVE-2022-29863 was published for OPCFoundation.NetStandard.Opc.Ua.Core (NuGet) Jun 17, 2022
mregen Credited to mregen
Uncontrolled Resource Consumption in OPCFoundation.NetStandard.Opc.Ua.Core High
CVE-2022-29866 was published for OPCFoundation.NetStandard.Opc.Ua.Core (NuGet) Jun 17, 2022
mregen Credited to mregen
Exposure of Sensitive Information in OPCFoundation.NetStandard.Opc.Ua.Server Moderate
CVE-2022-33916 was published for OPCFoundation.NetStandard.Opc.Ua.Server (NuGet) Aug 24, 2022
mregen Credited to mregen
XML External Entity attack in log4net Critical
CVE-2018-1285 was published for log4net (NuGet) Jan 29, 2021
.NET Core Elevation of Privilege Vulnerability High
CVE-2021-26423 was published for Microsoft.NETCore.App.Runtime.Mono.LLVM.AOT.linux-arm64 (NuGet) Oct 25, 2022
ASP.NET Core Information Disclosure Vulnerability Moderate
CVE-2021-34532 was published for Microsoft.AspNetCore.Authentication.JwtBearer (NuGet) Aug 25, 2021
.NET Information Disclosure Vulnerability Moderate
CVE-2022-41064 was published for Microsoft.Data.SqlClient (NuGet) Nov 8, 2022
shanrath Credited to shanrath and grvillic grvillic grvillic
DNS NuGet package uses insufficiently random values Critical
CVE-2021-4248 was published for DNS (NuGet) Dec 18, 2022
Elevation of privilege in ASP.NET Core Moderate
CVE-2019-1302 was published for Microsoft.AspNetCore.SpaServices (NuGet) May 24, 2022
leecow Credited to leecow
Remote code execution vulnerability in dependency System.Drawing.Common Moderate
GHSA-gpv5-rp6w-58r8 was published for Akka (NuGet) Nov 22, 2022
petrikero Credited to petrikero
Code Injection in Masuit.Tools.Core High
CVE-2022-21167 was published for Masuit.Tools.Core (NuGet) May 3, 2022
Insufficient Entropy in DotNetNuke High
CVE-2018-15812 was published for DotNetNuke.Core (NuGet) Jul 5, 2019
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database