GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+
181 advisories
Filter by severity
Umbraco CMS vulnerable to stored XSS
Moderate
CVE-2017-15279
was published
for
UmbracoCMS.Web
(NuGet)
May 17, 2022
Improper Certificate Validation in Microsoft .NET Framework components
Moderate
CVE-2018-8356
was published
for
System.Private.ServiceModel
(NuGet)
May 14, 2022
DotNetNuke Default Machine Key Exposure
Moderate
CVE-2008-6540
was published
for
DotNetNuke.Core
(NuGet)
May 14, 2022
ChakraCore information disclosure vulnerability
Moderate
CVE-2018-8315
was published
for
Microsoft.ChakraCore
(NuGet)
May 14, 2022
Umbraco CMS vulnerable to stored XSS
Moderate
CVE-2018-17256
was published
for
umbraco
(NuGet)
May 14, 2022
Improper Input Validation in .Net Framework API's
Moderate
CVE-2019-0657
was published
for
Microsoft.NETCore.App
(NuGet)
May 14, 2022
DNN XSS Vulnerability
Moderate
CVE-2018-14486
was published
for
DotNetNuke.Core
(NuGet)
May 14, 2022
jQuery vulnerable to Cross-Site Scripting (XSS)
Moderate
CVE-2011-4969
was published
for
jQuery
(RubyGems)
May 14, 2022
ChakraCore information disclosure vulnerability
Moderate
CVE-2018-8452
was published
for
Microsoft.ChakraCore
(NuGet)
May 13, 2022
ChakraCore Security Bypass
Moderate
CVE-2018-8276
was published
for
Microsoft.ChakraCore
(NuGet)
May 13, 2022
Improper Limitation of a Pathname to a Restricted Directory in SharpZipLib
Moderate
CVE-2018-1002208
was published
for
SharpZipLib
(NuGet)
May 13, 2022
ChakraCore information disclosure vulnerability
Moderate
CVE-2019-0648
was published
for
Microsoft.ChakraCore
(NuGet)
May 13, 2022
Tampering vulnerability in .NET Core
Moderate
CVE-2018-8416
was published
for
Microsoft.NETCore.App
(NuGet)
May 13, 2022
Improper Access Control in Telerik Extensions
Moderate
CVE-2018-17060
was published
for
TelerikMvcExtensions
(NuGet)
May 13, 2022
ChakraCore information disclosure vulnerability
Moderate
CVE-2018-0939
was published
for
Microsoft.ChakraCore
(NuGet)
May 13, 2022
Bootstrap vulnerable to Cross-Site Scripting (XSS)
Moderate
CVE-2018-14040
was published
for
bootstrap
(RubyGems)
May 13, 2022
Mono ASP.NET View State Cross-Site Scripting (XSS) vulnerability
Moderate
CVE-2010-1459
was published
for
mono
(NuGet)
May 2, 2022
CuteSoft CuteEditor Path Traversal vulnerability
Moderate
CVE-2009-4665
was published
for
CuteEditor
(NuGet)
May 2, 2022
DotNetNuke Vulnerable to XSS in Pass-Through Values
Moderate
CVE-2007-0660
was published
for
DotNetNuke.Core
(NuGet)
May 1, 2022
Apache log4net format string vulnerability causes DoS
Moderate
CVE-2006-0743
was published
for
log4net
(NuGet)
May 1, 2022
Exposure of Sensitive Information to an Unauthorized Actor in DisCatSharp
Moderate
CVE-2022-24849
was published
for
DisCatSharp
(NuGet)
Apr 22, 2022
Azure SDK for .NET Information Disclosure Vulnerability.
Moderate
CVE-2022-26907
was published
for
Microsoft.Rest.ClientRuntime
(NuGet)
Apr 16, 2022
Code injection in RazorEngine
Moderate
CVE-2021-46703
was published
for
RazorEngine
(NuGet)
Mar 7, 2022
Prototype Pollution in jquery.cookie
Moderate
CVE-2022-23395
was published
for
jquery.cookie
(NuGet)
Mar 3, 2022
ProTip!
Advisories are also available from the
GraphQL API