Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+

181 advisories

Loading
jQuery UI vulnerable to XSS when refreshing a checkboxradio with an HTML-like initial text label Moderate
CVE-2022-31160 was published for jQuery.UI.Combined (RubyGems) Jul 18, 2022
Elkano c960657
Microsoft: CBC Padding Oracle in Azure Blob Storage Encryption Library Moderate
CVE-2022-30187 was published for Azure.Storage.Blobs (Maven) Jul 13, 2022
andrewpollock
Potential leak of NuGet.org API key Moderate
CVE-2022-30184 was published for NuGet.CommandLine (NuGet) Jun 14, 2022
JarLob
Cross site scripting in SSCMS Moderate
CVE-2022-30349 was published for SSCMS (NuGet) Jun 3, 2022
Weak private key generation in SSH.NET Moderate
CVE-2022-29245 was published for SSH.NET (NuGet) Jun 1, 2022
yaumn-synacktiv
Cross-site Scripting in ZKEACMS Moderate
CVE-2022-29362 was published for ZKEACMS.Publisher (NuGet) May 26, 2022
Cross site scripting in SiteServer CMS Moderate
CVE-2021-42656 was published for SSCMS (NuGet) May 25, 2022
NuGet Package Manager Tampering Vulnerability Moderate
CVE-2019-0976 was published for NuGet.Commands (NuGet) May 24, 2022
JarLob
Elevation of privilege in ASP.NET Core Moderate
CVE-2019-1302 was published for Microsoft.AspNetCore.SpaServices (NuGet) May 24, 2022
leecow
Cross site scripting attack in ServiceStack Framework Moderate
CVE-2019-1010199 was published for ServiceStack (NuGet) May 24, 2022
jhutchings1
MongoDB C# Driver Risk of Exposing Authentication Data via Command Listener Moderate
CVE-2021-20331 was published for mongodb.driver (NuGet) May 24, 2022
AlmogApiiro
Denial of service in .NET core Moderate
CVE-2021-1721 was published for Microsoft.NETCore.App (NuGet) May 24, 2022
Umbraco CMS vulnerable to stored XSS Moderate
CVE-2020-5809 was published for UmbracoCms.Core (NuGet) May 24, 2022
Integer overflow in the bundled Brotli C library Moderate
CVE-2020-8927 was published for Microsoft.NETCore.App.Runtime.AOT.linux-x64.Cross.android-arm (NuGet) May 24, 2022
GleamTech FileUltimate Cross-site Scripting Moderate
CVE-2020-15015 was published for GleamTech.FileUltimate (NuGet) May 24, 2022
DNN File Upload Vulnerability Moderate
CVE-2020-5188 was published for DotNetNuke.Core (NuGet) May 24, 2022
DNN XSS Vulnerability Moderate
CVE-2020-5186 was published for DotNetNuke.Core (NuGet) May 24, 2022
Umbraco CMS vulnerable to CSRF Moderate
CVE-2020-7210 was published for UmbracoCMS.Core (NuGet) May 24, 2022
Denial of service in ASP.NET Core Moderate
CVE-2020-0602 was published for Microsoft.AspNetCore.All (NuGet) May 24, 2022
skofman1
Open redirect in ASP.NET Core Moderate
CVE-2019-1075 was published for Microsoft.AspNetCore.All (NuGet) May 24, 2022
DotNetNuke (DNN) Open redirect vulnerability Moderate
CVE-2013-7335 was published for DotNetNuke.Core (NuGet) May 17, 2022
ChakraCore information disclosure vulnerability Moderate
CVE-2017-0208 was published for Microsoft.ChakraCore (NuGet) May 17, 2022
ChakraCore information disclosure vulnerability Moderate
CVE-2017-8659 was published for Microsoft.ChakraCore (NuGet) May 17, 2022
DotNetNuke (DNN) Cross-site scripting (XSS) vulnerability via the __dnnVariable parameter Moderate
CVE-2013-4649 was published for DotNetNuke.Core (NuGet) May 17, 2022
Umbraco CMS XXE Vulnerability Moderate
CVE-2017-15280 was published for UmbracoCms.Web (NuGet) May 17, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database