GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,946
Erlang
29
GitHub Actions
16
Go
1,734
Maven
4,963
npm
3,493
NuGet
607
pip
3,059
Pub
10
RubyGems
832
Rust
779
Swift
34
Unreviewed advisories
All unreviewed
5,000+
398 advisories
Filter by severity
Azure Storage Movement Client Library Denial of Service Vulnerability
High
CVE-2024-35252
was published
for
Microsoft.Azure.Storage.DataMovement
(NuGet)
Jun 11, 2024
Out-of-bounds write in Microsoft.ChakraCore
High
CVE-2019-1195
was published
for
Microsoft.ChakraCore
(NuGet)
Mar 29, 2021
Out-of-bounds write in Microsoft.ChakraCore
High
CVE-2019-1131
was published
for
Microsoft.ChakraCore
(NuGet)
Mar 29, 2021
Out-of-bounds write in Microsoft.ChakraCore
High
CVE-2019-1140
was published
for
Microsoft.ChakraCore
(NuGet)
Mar 29, 2021
Out-of-bounds write in Microsoft.ChakraCore
High
CVE-2019-1139
was published
for
Microsoft.ChakraCore
(NuGet)
Mar 29, 2021
Microsoft Security Advisory CVE-2023-36049: .NET Elevation of Privilege Vulnerability
High
CVE-2023-36049
was published
for
System.Net.Requests
(NuGet)
Nov 14, 2023
Remote Denial of Service Vulnerability in Microsoft.Native.Quic.MsQuic.Schannel
High
CVE-2023-38171
was published
for
Microsoft.Native.Quic.MsQuic.OpenSSL
(NuGet)
Oct 10, 2023
Azure Identity SDK Remote Code Execution Vulnerability
High
CVE-2023-36414
was published
for
Azure.Identity
(NuGet)
Oct 10, 2023
Microsoft Security Advisory CVE-2023-33170: .NET Security Feature Bypass Vulnerability
High
CVE-2023-33170
was published
for
Microsoft.AspNet.Identity.Owin
(NuGet)
Jul 11, 2023
.NET Remote Code Execution Vulnerability
High
CVE-2023-35390
was published
for
Microsoft.NET.Build.Containers
(NuGet)
Aug 9, 2023
MsQuic Remote Denial of Service Vulnerability
High
CVE-2023-36435
was published
for
Microsoft.Native.Quic.MsQuic.OpenSSL
(NuGet)
Oct 10, 2023
.NET Denial of Service Vulnerability
High
CVE-2023-38178
was published
for
Microsoft.AspNetCore.App.Runtime.win-arm
(NuGet)
Aug 9, 2023
Microsoft Security Advisory CVE-2023-33127: .NET Remote Code Execution Vulnerability
High
CVE-2023-33127
was published
for
Microsoft.WindowsDesktop.App.Runtime.win-arm64
(NuGet)
Jul 11, 2023
YARP Denial of Service Vulnerability
High
CVE-2023-33141
was published
for
Yarp.ReverseProxy
(NuGet)
Jun 23, 2023
.NET Denial of Service Vulnerability
High
CVE-2023-21538
was published
for
Microsoft.NetCore.App.Runtime.linux-arm
(NuGet)
Jan 10, 2023
.NET Remote Code Execution Vulnerability
High
CVE-2023-24897
was published
for
Microsoft.NetCore.App.Runtime.win-arm
(NuGet)
Jun 14, 2023
.NET Remote Code Execution Vulnerability
High
CVE-2023-21808
was published
for
Microsoft.NetCore.App.Runtime.win-arm
(NuGet)
Feb 14, 2023
.NET Remote Code Execution Vulnerability
High
CVE-2023-33128
was published
for
Microsoft.NetCore.App.Runtime.linux-arm
(NuGet)
Jun 14, 2023
NuGet Client Remote Code Execution Vulnerability
High
CVE-2023-29337
was published
for
Microsoft.Build.NuGetSdkResolver
(NuGet)
Jun 14, 2023
.NET Denial of Service vulnerability
High
CVE-2023-29331
was published
for
Microsoft.NetCore.App.Runtime.linux-arm
(NuGet)
Jun 14, 2023
Vulnerability in Azure Active Directory Authentication Library
High
CVE-2019-1258
was published
for
microsoft.identitymodel.clients.activedirectory
(NuGet)
Aug 16, 2019
Out-of-bounds write in ChakraCore
High
CVE-2019-1196
was published
for
Microsoft.ChakraCore
(NuGet)
Mar 29, 2021
Out-of-bounds write in Microsoft.ChakraCore
High
CVE-2019-1141
was published
for
Microsoft.ChakraCore
(NuGet)
Mar 29, 2021
Microsoft.Data.SqlClient and System.Data.SqlClient vulnerable to SQL Data Provider Security Feature Bypass
High
CVE-2024-0056
was published
for
Microsoft.Data.SqlClient
(NuGet)
Jan 9, 2024
ProTip!
Advisories are also available from the
GraphQL API