GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,958
Erlang
29
GitHub Actions
16
Go
1,745
Maven
4,971
npm
3,507
NuGet
609
pip
3,066
Pub
10
RubyGems
832
Rust
780
Swift
34
Unreviewed advisories
All unreviewed
5,000+
609 advisories
Filter by severity
protobuf susceptible to buffer overflow
High
CVE-2015-5237
was published
for
Google.Protobuf
(Composer)
May 13, 2022
Improper Certificate Validation in Microsoft .NET Framework components
Moderate
CVE-2018-8356
was published
for
System.Private.ServiceModel
(NuGet)
May 14, 2022
Improper Certificate Validation in OPCFoundation.NetStandard.Opc.Ua.Core
Moderate
CVE-2020-29457
was published
for
OPCFoundation.NetStandard.Opc.Ua.Core
(NuGet)
Nov 19, 2021
Improper Certificate Validation in Microsoft .NET Framework components
High
CVE-2018-0786
was published
for
Microsoft.NETCore.UniversalWindowsPlatform
(NuGet)
Oct 16, 2018
Denial of service vulnerability exists when System.IO.Pipelines improperly handles requests
High
CVE-2018-8409
was published
for
Microsoft.AspNetCore.All
(NuGet)
Oct 16, 2018
Missing Authorization with Default Settings in Dashboard UI
High
CVE-2021-41238
was published
for
Hangfire.Core
(NuGet)
Nov 3, 2021
.NET Core Denial of Service Vulnerability
High
CVE-2018-0875
was published
for
Microsoft.NETCore.Jit
(NuGet)
May 13, 2022
Improper Input Validation in Microsoft.NETCore.App
High
CVE-2017-8585
was published
for
Microsoft.NETCore.App
(NuGet)
May 17, 2022
Remote code execution in ASP.NET Core
High
CVE-2020-0603
was published
for
Microsoft.AspNetCore.All
(NuGet)
May 24, 2022
Denial of service in ASP.NET Core
Moderate
CVE-2020-0602
was published
for
Microsoft.AspNetCore.All
(NuGet)
May 24, 2022
Remote code execution in Microsoft.WindowsDesktop.App.Ref
High
CVE-2020-0606
was published
for
Microsoft.WindowsDesktop.App.Ref
(NuGet)
May 24, 2022
Integer overflow in the bundled Brotli C library
Moderate
CVE-2020-8927
was published
for
Microsoft.NETCore.App.Runtime.AOT.linux-x64.Cross.android-arm
(NuGet)
May 24, 2022
Denial of service in .NET core
Moderate
CVE-2021-1721
was published
for
Microsoft.NETCore.App
(NuGet)
May 24, 2022
.NET Core Remote Code Execution Vulnerability
Critical
CVE-2021-24112
was published
for
System.Drawing.Common
(NuGet)
May 24, 2022
Memory Allocation with Excessive Size Value in OPCFoundation.NetStandard.Opc.Ua.Core
High
CVE-2022-29863
was published
for
OPCFoundation.NetStandard.Opc.Ua.Core
(NuGet)
Jun 17, 2022
Uncontrolled Resource Consumption in OPCFoundation.NetStandard.Opc.Ua.Core
High
CVE-2022-29864
was published
for
OPCFoundation.NetStandard.Opc.Ua.Core
(NuGet)
Jun 17, 2022
Security Update for the OPC UA .NET Standard Stack
High
CVE-2022-29862
was published
for
OPCFoundation.NetStandard.Opc.Ua.Core
(NuGet)
Jun 17, 2022
Incorrect Implementation of Authentication Algorithm in OPCFoundation.NetStandard.Opc.Ua.Core
High
CVE-2022-29865
was published
for
OPCFoundation.NetStandard.Opc.Ua.Core
(NuGet)
Jun 17, 2022
Uncontrolled Resource Consumption in OPCFoundation.NetStandard.Opc.Ua.Core
High
CVE-2022-29866
was published
for
OPCFoundation.NetStandard.Opc.Ua.Core
(NuGet)
Jun 17, 2022
Exposure of Sensitive Information in OPCFoundation.NetStandard.Opc.Ua.Server
Moderate
CVE-2022-33916
was published
for
OPCFoundation.NetStandard.Opc.Ua.Server
(NuGet)
Aug 24, 2022
XML External Entity attack in log4net
Critical
CVE-2018-1285
was published
for
log4net
(NuGet)
Jan 29, 2021
.NET Core Elevation of Privilege Vulnerability
High
CVE-2021-26423
was published
for
Microsoft.NETCore.App.Runtime.Mono.LLVM.AOT.linux-arm64
(NuGet)
Oct 25, 2022
ASP.NET Core Information Disclosure Vulnerability
Moderate
CVE-2021-34532
was published
for
Microsoft.AspNetCore.Authentication.JwtBearer
(NuGet)
Aug 25, 2021
ProTip!
Advisories are also available from the
GraphQL API