GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,971
Erlang
29
GitHub Actions
16
Go
1,752
Maven
4,982
npm
3,516
NuGet
609
pip
3,091
Pub
10
RubyGems
832
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+
398 advisories
Filter by severity
Incorrect Implementation of Authentication Algorithm in OPCFoundation.NetStandard.Opc.Ua.Core
High
CVE-2022-29865
was published
for
OPCFoundation.NetStandard.Opc.Ua.Core
(NuGet)
Jun 17, 2022
Memory Allocation with Excessive Size Value in OPCFoundation.NetStandard.Opc.Ua.Core
High
CVE-2022-29863
was published
for
OPCFoundation.NetStandard.Opc.Ua.Core
(NuGet)
Jun 17, 2022
Uncontrolled Resource Consumption in OPCFoundation.NetStandard.Opc.Ua.Core
High
CVE-2022-29864
was published
for
OPCFoundation.NetStandard.Opc.Ua.Core
(NuGet)
Jun 17, 2022
Remote code execution in ASP.NET Core
High
CVE-2020-0603
was published
for
Microsoft.AspNetCore.All
(NuGet)
May 24, 2022
Remote code execution in Microsoft.WindowsDesktop.App.Ref
High
CVE-2020-0606
was published
for
Microsoft.WindowsDesktop.App.Ref
(NuGet)
May 24, 2022
Improper Input Validation in Microsoft.NETCore.App
High
CVE-2017-8585
was published
for
Microsoft.NETCore.App
(NuGet)
May 17, 2022
.NET Core Denial of Service Vulnerability
High
CVE-2018-0875
was published
for
Microsoft.NETCore.Jit
(NuGet)
May 13, 2022
Missing Authorization with Default Settings in Dashboard UI
High
CVE-2021-41238
was published
for
Hangfire.Core
(NuGet)
Nov 3, 2021
Denial of service vulnerability exists when System.IO.Pipelines improperly handles requests
High
CVE-2018-8409
was published
for
Microsoft.AspNetCore.All
(NuGet)
Oct 16, 2018
Improper Certificate Validation in Microsoft .NET Framework components
High
CVE-2018-0786
was published
for
Microsoft.NETCore.UniversalWindowsPlatform
(NuGet)
Oct 16, 2018
protobuf susceptible to buffer overflow
High
CVE-2015-5237
was published
for
Google.Protobuf
(Composer)
May 13, 2022
Chakra Scripting Engine and ChakraCore Vulnerable to Memory Corruption
High
CVE-2021-42279
was published
for
Microsoft.ChakraCore
(NuGet)
May 24, 2022
Incorrect Access Control and Cross Site Scripting in Jellyfin
High
CVE-2022-35909
was published
for
Jellyfin.Common
(NuGet)
Aug 20, 2022
Denial of service in ASP.NET Core
High
CVE-2019-0982
was published
for
Microsoft.AspNetCore.SignalR.Protocols.MessagePack
(NuGet)
May 24, 2022
Exposure of Sensitive Information in System.Net.Http
High
CVE-2019-0545
was published
for
Microsoft.NETCore.App
(NuGet)
May 14, 2022
Denial of service in ASP.NET Core
High
CVE-2019-0564
was published
for
Microsoft.AspNetCore.All
(NuGet)
May 14, 2022
Cross-origin Resource Sharing bypass in ASP.NET Core
High
CVE-2017-8700
was published
for
Microsoft.AspNetCore.Mvc.Core
(NuGet)
May 13, 2022
Denial of service in ASP.NET Core
High
CVE-2017-11883
was published
for
Microsoft.AspNetCore.Server.HttpSys
(NuGet)
May 13, 2022
Denial of service in ASP.NET Core
High
CVE-2019-0980
was published
for
System.Private.Uri
(NuGet)
May 24, 2022
Denial of service in ASP.NET Core
High
CVE-2019-0981
was published
for
System.Private.Uri
(NuGet)
May 24, 2022
Open redirect in ASP.NET Core
High
CVE-2017-11879
was published
for
Microsoft.AspNetCore.All
(NuGet)
May 14, 2022
YARP Denial of Service Vulnerability
High
CVE-2022-26924
was published
for
Yarp.ReverseProxy
(NuGet)
Apr 22, 2022
ProTip!
Advisories are also available from the
GraphQL API