GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+
22 advisories
Filter by severity
DNN (aka DotNetNuke) has Remote Code Execution via a cookie
High
CVE-2017-9822
was published
for
DotNetNuke.Core
(NuGet)
Oct 16, 2018
High severity vulnerability that affects Microsoft.AspNetCore.Mvc
High
CVE-2017-0249
was published
for
DisCatSharp
(NuGet)
Oct 16, 2018
Moderate severity vulnerability that affects Microsoft.AspNetCore.Mvc
Moderate
CVE-2017-0256
was published
for
Microsoft.AspNetCore.Mvc
(NuGet)
Oct 16, 2018
ASP.NET Core fails to properly validate web requests
High
CVE-2017-0247
was published
for
Microsoft.AspNetCore.Mvc
(NuGet)
Oct 16, 2018
MadsKristensen.AspNetCore.Miniblog subject to Improper Input Validation
Critical
CVE-2019-9845
was published
for
MadsKristensen.AspNetCore.Miniblog
(NuGet)
Jul 5, 2019
Imporoper path validation in elFinder.NetCore
Critical
CVE-2021-23427
was published
for
elFinder.NetCore
(NuGet)
Sep 2, 2021
Path traversal in elFinder.NetCore
High
CVE-2021-23428
was published
for
elFinder.NetCore
(NuGet)
Sep 2, 2021
Improper Input Validation in .Net Framework API's
Moderate
CVE-2019-0657
was published
for
Microsoft.NETCore.App
(NuGet)
May 14, 2022
Improper Input Validation in IpMatcher
Critical
CVE-2021-33318
was published
for
IpMatcher
(NuGet)
May 17, 2022
Improper Input Validation in Microsoft.NETCore.App
High
CVE-2017-8585
was published
for
Microsoft.NETCore.App
(NuGet)
May 17, 2022
DotNetNuke (DNN) Open redirect vulnerability
Moderate
CVE-2013-7335
was published
for
DotNetNuke.Core
(NuGet)
May 17, 2022
Remote code execution in Microsoft.WindowsDesktop.App.Ref
High
CVE-2020-0606
was published
for
Microsoft.WindowsDesktop.App.Ref
(NuGet)
May 24, 2022
ASP.NET Core Denial of Service Vulnerability
High
CVE-2020-1161
was published
for
Microsoft.AspNetCore.App.Runtime.linux-arm
(NuGet)
May 24, 2022
ASP.NET Core Denial of Service Vulnerability
High
CVE-2020-1597
was published
for
Microsoft.AspNetCore.All
(NuGet)
May 24, 2022
Microsoft Common Data Model SDK Denial of Service Vulnerability
Moderate
CVE-2023-36566
was published
for
Microsoft.CommonDataModel.ObjectModel
(Maven)
Oct 10, 2023
Microsoft Security Advisory CVE-2023-36049: .NET Elevation of Privilege Vulnerability
High
CVE-2023-36049
was published
for
System.Net.Requests
(NuGet)
Nov 14, 2023
Duplicate Advisory: Microsoft Identity Denial of service vulnerability
Moderate
GHSA-8g9c-28fc-mcx2
was published
for
Microsoft.IdentityModel.JsonWebTokens
(NuGet)
Jan 9, 2024
•
withdrawn
Duplicate Advisory: NuGet Client Security Feature Bypass Vulnerability
Critical
GHSA-jw42-5m4v-9c8g
was published
for
NuGet.CommandLine
(NuGet)
Jan 9, 2024
•
withdrawn
Microsoft Power BI Client JavaScript SDK Information Disclosure Vulnerability
Moderate
CVE-2024-30054
was published
for
Microsoft.PowerBI.JavaScript
(NuGet)
May 14, 2024
Microsoft Security Advisory CVE-2024-38095 | .NET Denial of Service Vulnerability
High
CVE-2024-38095
was published
for
Microsoft.NetCore.App.Runtime.linux-arm
(NuGet)
Jul 9, 2024
Mimekit has vulnerable dependency that can lead to denial of service
High
GHSA-gmc6-fwg3-75m5
was published
for
MimeKit
(NuGet)
Jul 11, 2024
ProTip!
Advisories are also available from the
GraphQL API