GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,081
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,642
NuGet
638
pip
3,258
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+
172 advisories
Filter by severity
Cross site scripting attack in ServiceStack Framework
Moderate
CVE-2019-1010199
was published
for
ServiceStack
(NuGet)
May 24, 2022
MongoDB C# Driver Risk of Exposing Authentication Data via Command Listener
Moderate
CVE-2021-20331
was published
for
mongodb.driver
(NuGet)
May 24, 2022
Denial of service in .NET core
Moderate
CVE-2021-1721
was published
for
Microsoft.NETCore.App
(NuGet)
May 24, 2022
Umbraco CMS vulnerable to stored XSS
Moderate
CVE-2020-5809
was published
for
UmbracoCms.Core
(NuGet)
May 24, 2022
Integer overflow in the bundled Brotli C library
Moderate
CVE-2020-8927
was published
for
Microsoft.NETCore.App.Runtime.AOT.linux-x64.Cross.android-arm
(NuGet)
May 24, 2022
GleamTech FileUltimate Cross-site Scripting
Moderate
CVE-2020-15015
was published
for
GleamTech.FileUltimate
(NuGet)
May 24, 2022
DNN File Upload Vulnerability
Moderate
CVE-2020-5188
was published
for
DotNetNuke.Core
(NuGet)
May 24, 2022
Umbraco CMS vulnerable to CSRF
Moderate
CVE-2020-7210
was published
for
UmbracoCMS.Core
(NuGet)
May 24, 2022
Denial of service in ASP.NET Core
Moderate
CVE-2020-0602
was published
for
Microsoft.AspNetCore.All
(NuGet)
May 24, 2022
Open redirect in ASP.NET Core
Moderate
CVE-2019-1075
was published
for
Microsoft.AspNetCore.All
(NuGet)
May 24, 2022
DotNetNuke (DNN) Open redirect vulnerability
Moderate
CVE-2013-7335
was published
for
DotNetNuke.Core
(NuGet)
May 17, 2022
ChakraCore information disclosure vulnerability
Moderate
CVE-2017-0208
was published
for
Microsoft.ChakraCore
(NuGet)
May 17, 2022
ChakraCore information disclosure vulnerability
Moderate
CVE-2017-8659
was published
for
Microsoft.ChakraCore
(NuGet)
May 17, 2022
DotNetNuke (DNN) Cross-site scripting (XSS) vulnerability via the __dnnVariable parameter
Moderate
CVE-2013-4649
was published
for
DotNetNuke.Core
(NuGet)
May 17, 2022
Umbraco CMS vulnerable to stored XSS
Moderate
CVE-2017-15279
was published
for
UmbracoCMS.Web
(NuGet)
May 17, 2022
Umbraco CMS XXE Vulnerability
Moderate
CVE-2017-15280
was published
for
UmbracoCms.Web
(NuGet)
May 17, 2022
Improper Certificate Validation in Microsoft .NET Framework components
Moderate
CVE-2018-8356
was published
for
System.Private.ServiceModel
(NuGet)
May 14, 2022
DotNetNuke Default Machine Key Exposure
Moderate
CVE-2008-6540
was published
for
DotNetNuke.Core
(NuGet)
May 14, 2022
ChakraCore information disclosure vulnerability
Moderate
CVE-2018-8315
was published
for
Microsoft.ChakraCore
(NuGet)
May 14, 2022
Umbraco CMS vulnerable to stored XSS
Moderate
CVE-2018-17256
was published
for
umbraco
(NuGet)
May 14, 2022
Improper Input Validation in .Net Framework API's
Moderate
CVE-2019-0657
was published
for
Microsoft.NETCore.App
(NuGet)
May 14, 2022
DNN XSS Vulnerability
Moderate
CVE-2018-14486
was published
for
DotNetNuke.Core
(NuGet)
May 14, 2022
jQuery vulnerable to Cross-Site Scripting (XSS)
Moderate
CVE-2011-4969
was published
for
jQuery
(RubyGems)
May 14, 2022
ProTip!
Advisories are also available from the
GraphQL API