GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,079
Erlang
29
GitHub Actions
19
Go
1,905
Maven
5,000+
npm
3,637
NuGet
638
pip
3,256
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+
638 advisories
Filter by severity
Cross site scripting attack in ServiceStack Framework
Moderate
CVE-2019-1010199
was published
for
ServiceStack
(NuGet)
May 24, 2022
Cross-site Scripting in ZKEACMS
Moderate
CVE-2022-29362
was published
for
ZKEACMS.Publisher
(NuGet)
May 26, 2022
Cross site scripting in SiteServer CMS
Moderate
CVE-2021-42656
was published
for
SSCMS
(NuGet)
May 25, 2022
Denial of service in ASP.NET Core
High
CVE-2019-0982
was published
for
Microsoft.AspNetCore.SignalR.Protocols.MessagePack
(NuGet)
May 24, 2022
Deserialization of Untrusted Data in NancyFX Nancy
Critical
CVE-2017-9785
was published
for
Nancy
(NuGet)
May 17, 2022
Exposure of Sensitive Information in System.Net.Http
High
CVE-2019-0545
was published
for
Microsoft.NETCore.App
(NuGet)
May 14, 2022
Denial of service in ASP.NET Core
High
CVE-2019-0564
was published
for
Microsoft.AspNetCore.All
(NuGet)
May 14, 2022
Open redirect in ASP.NET Core
Moderate
CVE-2019-1075
was published
for
Microsoft.AspNetCore.All
(NuGet)
May 24, 2022
Cross-origin Resource Sharing bypass in ASP.NET Core
High
CVE-2017-8700
was published
for
Microsoft.AspNetCore.Mvc.Core
(NuGet)
May 13, 2022
Denial of service in ASP.NET Core
High
CVE-2017-11883
was published
for
Microsoft.AspNetCore.Server.HttpSys
(NuGet)
May 13, 2022
Tampering vulnerability in .NET Core
Moderate
CVE-2018-8416
was published
for
Microsoft.NETCore.App
(NuGet)
May 13, 2022
Denial of service in ASP.NET Core
High
CVE-2019-0980
was published
for
System.Private.Uri
(NuGet)
May 24, 2022
Denial of service in ASP.NET Core
High
CVE-2019-0981
was published
for
System.Private.Uri
(NuGet)
May 24, 2022
Open redirect in ASP.NET Core
High
CVE-2017-11879
was published
for
Microsoft.AspNetCore.All
(NuGet)
May 14, 2022
Improper Limitation of a Pathname to a Restricted Directory in SharpZipLib
Moderate
CVE-2018-1002208
was published
for
SharpZipLib
(NuGet)
May 13, 2022
Improper Access Control in Telerik Extensions
Moderate
CVE-2018-17060
was published
for
TelerikMvcExtensions
(NuGet)
May 13, 2022
Improper Input Validation in .Net Framework API's
Moderate
CVE-2019-0657
was published
for
Microsoft.NETCore.App
(NuGet)
May 14, 2022
Exposure of Sensitive Information to an Unauthorized Actor in DisCatSharp
Moderate
CVE-2022-24849
was published
for
DisCatSharp
(NuGet)
Apr 22, 2022
YARP Denial of Service Vulnerability
High
CVE-2022-26924
was published
for
Yarp.ReverseProxy
(NuGet)
Apr 22, 2022
Imporoper path validation in elFinder.NetCore
Critical
CVE-2021-23427
was published
for
elFinder.NetCore
(NuGet)
Sep 2, 2021
Server side request forgery in C1 CMS
High
CVE-2022-24789
was published
for
C1CMS.Assemblies
(NuGet)
Mar 30, 2022
Path traversal in elFinder.NetCore
High
CVE-2021-23428
was published
for
elFinder.NetCore
(NuGet)
Sep 2, 2021
personnummer/csharp vulnerable to Improper Input Validation
Low
GHSA-qv8q-v995-72gr
was published
for
personnummer
(NuGet)
Sep 9, 2020
Improper Certificate Validation
High
CVE-2017-11770
was published
for
Microsoft.NETCore.App
(NuGet)
Apr 12, 2022
Infinite loop in .Net Bond
High
CVE-2020-1469
was published
for
Bond.Core.CSharp
(NuGet)
Apr 8, 2022
ProTip!
Advisories are also available from the
GraphQL API