Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,971
Erlang
29
GitHub Actions
16
Go
1,752
Maven
4,982
npm
3,516
NuGet
609
pip
3,091
Pub
10
RubyGems
832
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+

398 advisories

Loading
Incorrect Implementation of Authentication Algorithm in OPCFoundation.NetStandard.Opc.Ua.Core High
CVE-2022-29865 was published for OPCFoundation.NetStandard.Opc.Ua.Core (NuGet) Jun 17, 2022
mregen
Memory Allocation with Excessive Size Value in OPCFoundation.NetStandard.Opc.Ua.Core High
CVE-2022-29863 was published for OPCFoundation.NetStandard.Opc.Ua.Core (NuGet) Jun 17, 2022
mregen
Uncontrolled Resource Consumption in OPCFoundation.NetStandard.Opc.Ua.Core High
CVE-2022-29864 was published for OPCFoundation.NetStandard.Opc.Ua.Core (NuGet) Jun 17, 2022
mregen
Remote code execution in ASP.NET Core High
CVE-2020-0603 was published for Microsoft.AspNetCore.All (NuGet) May 24, 2022
skofman1
Remote code execution in Microsoft.WindowsDesktop.App.Ref High
CVE-2020-0606 was published for Microsoft.WindowsDesktop.App.Ref (NuGet) May 24, 2022
skofman1
Improper Input Validation in Microsoft.NETCore.App High
CVE-2017-8585 was published for Microsoft.NETCore.App (NuGet) May 17, 2022
.NET Core Denial of Service Vulnerability High
CVE-2018-0875 was published for Microsoft.NETCore.Jit (NuGet) May 13, 2022
Missing Authorization with Default Settings in Dashboard UI High
CVE-2021-41238 was published for Hangfire.Core (NuGet) Nov 3, 2021
Out-of-bounds write in libpng High
CVE-2018-14550 was published for libpng (NuGet) Mar 22, 2021
Denial of service vulnerability exists when System.IO.Pipelines improperly handles requests High
CVE-2018-8409 was published for Microsoft.AspNetCore.All (NuGet) Oct 16, 2018
Improper Certificate Validation in Microsoft .NET Framework components High
CVE-2018-0786 was published for Microsoft.NETCore.UniversalWindowsPlatform (NuGet) Oct 16, 2018
skofman1
protobuf susceptible to buffer overflow High
CVE-2015-5237 was published for Google.Protobuf (Composer) May 13, 2022
Denial of Service in i18n High
CVE-2020-7791 was published for i18n (NuGet) Dec 14, 2020
Chakra Scripting Engine and ChakraCore Vulnerable to Memory Corruption High
CVE-2021-42279 was published for Microsoft.ChakraCore (NuGet) May 24, 2022
Incorrect Access Control and Cross Site Scripting in Jellyfin High
CVE-2022-35909 was published for Jellyfin.Common (NuGet) Aug 20, 2022
SQL injection in SiteServer CMS High
CVE-2021-42655 was published for SSCMS (NuGet) May 25, 2022
Denial of service in ASP.NET Core High
CVE-2019-0982 was published for Microsoft.AspNetCore.SignalR.Protocols.MessagePack (NuGet) May 24, 2022
Exposure of Sensitive Information in System.Net.Http High
CVE-2019-0545 was published for Microsoft.NETCore.App (NuGet) May 14, 2022
Denial of service in ASP.NET Core High
CVE-2019-0564 was published for Microsoft.AspNetCore.All (NuGet) May 14, 2022
Cross-origin Resource Sharing bypass in ASP.NET Core High
CVE-2017-8700 was published for Microsoft.AspNetCore.Mvc.Core (NuGet) May 13, 2022
Denial of service in ASP.NET Core High
CVE-2017-11883 was published for Microsoft.AspNetCore.Server.HttpSys (NuGet) May 13, 2022
Denial of service in ASP.NET Core High
CVE-2019-0980 was published for System.Private.Uri (NuGet) May 24, 2022
Denial of service in ASP.NET Core High
CVE-2019-0981 was published for System.Private.Uri (NuGet) May 24, 2022
Open redirect in ASP.NET Core High
CVE-2017-11879 was published for Microsoft.AspNetCore.All (NuGet) May 14, 2022
YARP Denial of Service Vulnerability High
CVE-2022-26924 was published for Yarp.ReverseProxy (NuGet) Apr 22, 2022
kurt-r2c
ProTip! Advisories are also available from the GraphQL API