Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,683
Erlang
29
GitHub Actions
16
Go
1,708
Maven
4,944
npm
3,473
NuGet
603
pip
2,995
Pub
10
RubyGems
826
Rust
773
Swift
34
Unreviewed advisories
All unreviewed
5,000+

603 advisories

Sustainsys.Saml2 Insufficient Identity Provider Issuer Validation High
CVE-2023-41890 was published for Sustainsys.Saml2 (NuGet) Sep 20, 2023
c53robin
Microsoft Security Advisory CVE-2023-36792: .NET Remote Code Execution Vulnerability High
CVE-2023-36792 was published for Microsoft.NETCore.App.Runtime.win-arm64 (NuGet) Sep 12, 2023
Microsoft Security Advisory CVE-2023-36794: .NET Remote Code Execution Vulnerability High
CVE-2023-36794 was published for Microsoft.NETCore.App.Runtime.win-arm64 (NuGet) Sep 12, 2023
Microsoft Security Advisory CVE-2023-36793: .NET Remote Code Execution Vulnerability High
CVE-2023-36793 was published for Microsoft.NETCore.App.Runtime.win-arm64 (NuGet) Sep 12, 2023
Microsoft Security Advisory CVE-2023-36796: .NET Remote Code Execution Vulnerability High
CVE-2023-36796 was published for Microsoft.NETCore.App.Runtime.win-arm64 (NuGet) Sep 12, 2023
Microsoft Security Advisory CVE-2023-36799: .NET Denial of Service Vulnerability Moderate
CVE-2023-36799 was published for Microsoft.NETCore.App.Runtime.linux-arm (NuGet) Sep 12, 2023
libwebp: OOB write in BuildHuffmanTable High
CVE-2023-4863 was published for Pillow (Go) Sep 12, 2023
delroth Nachtalb
pshelton-skype
.NET Information Disclosure Vulnerability High
CVE-2023-35391 was published for Microsoft.AspNetCore.SignalR.Redis (NuGet) Aug 11, 2023
Moq v4.20.0-rc to 4.20.1 share hashed user data Low
GHSA-6r78-m64m-qwcf was published for moq (NuGet) Aug 10, 2023
JonDouglas
.NET Remote Code Execution Vulnerability High
CVE-2023-35390 was published for Microsoft.NET.Build.Containers (NuGet) Aug 9, 2023
.NET Denial of Service Vulnerability High
CVE-2023-38178 was published for Microsoft.AspNetCore.App.Runtime.win-arm (NuGet) Aug 9, 2023
.NET Denial of Service Vulnerability High
CVE-2023-38180 was published for Microsoft.AspNetCore.App.Runtime.win-arm64 (NuGet) Aug 9, 2023
mkilgore
Umbraco allows possible Admin-level access to backoffice without Auth under rare conditions High
CVE-2023-37267 was published for Umbraco.Cms.Infrastructure (NuGet) Jul 13, 2023
1k-off dmitryMinaev
a-karandashov
Microsoft Security Advisory CVE-2023-33127: .NET Remote Code Execution Vulnerability High
CVE-2023-33127 was published for Microsoft.WindowsDesktop.App.Runtime.win-arm64 (NuGet) Jul 11, 2023
Microsoft Security Advisory CVE-2023-33170: .NET Security Feature Bypass Vulnerability High
CVE-2023-33170 was published for Microsoft.AspNet.Identity.Owin (NuGet) Jul 11, 2023
DmitriyLewen gillarramendi
Duplicate Advisory: jQuery Cross Site Scripting vulnerability Moderate
CVE-2020-23064 was published for jQuery (RubyGems) Jun 26, 2023 withdrawn
eoftedal
YARP Denial of Service Vulnerability High
CVE-2023-33141 was published for Yarp.ReverseProxy (NuGet) Jun 23, 2023
Dynamic Linq vulnerable to remote code execution Critical
CVE-2023-32571 was published for System.Linq.Dynamic.Core (NuGet) Jun 22, 2023
Microsoft Security Advisory CVE-2023-33126: .NET Remote Code Execution Vulnerability High
CVE-2023-33126 was published for Microsoft.NetCore.App.Runtime.win-arm (NuGet) Jun 14, 2023
.NET Remote Code Execution Vulnerability High
CVE-2023-33128 was published for Microsoft.NetCore.App.Runtime.linux-arm (NuGet) Jun 14, 2023
.NET Denial of Service vulnerability High
CVE-2023-29331 was published for Microsoft.NetCore.App.Runtime.linux-arm (NuGet) Jun 14, 2023
.NET Elevation of Privilege Vulnerability High
CVE-2023-24936 was published for Microsoft.NetCore.App.Runtime.linux-arm (NuGet) Jun 14, 2023
.NET Remote Code Execution Vulnerability High
CVE-2023-24895 was published for Microsoft.WindowsDesktop.App.Runtime.win-arm64 (NuGet) Jun 14, 2023
.NET Remote Code Execution Vulnerability High
CVE-2023-24897 was published for Microsoft.NetCore.App.Runtime.win-arm (NuGet) Jun 14, 2023
NuGet Client Remote Code Execution Vulnerability High
CVE-2023-29337 was published for Microsoft.Build.NuGetSdkResolver (NuGet) Jun 14, 2023
ProTip! Advisories are also available from the GraphQL API