Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,683
Erlang
29
GitHub Actions
16
Go
1,708
Maven
4,944
npm
3,473
NuGet
603
pip
2,995
Pub
10
RubyGems
826
Rust
773
Swift
34
Unreviewed advisories
All unreviewed
5,000+

18 advisories

Bouncy Castle certificate parsing issues cause high CPU usage during parameter evaluation. Moderate
CVE-2024-29857 was published for BouncyCastle (Maven) May 14, 2024
Microsoft Security Advisory CVE-2024-21392: .NET Denial of Service Vulnerability High
CVE-2024-21392 was published for Microsoft.NETCore.App.Runtime.linux-arm (NuGet) Mar 12, 2024
r3kumar TAINA-AntonyBingham
Duplicate Advisory: Microsoft Security Advisory CVE-2024-21386: .NET Denial of Service Vulnerability High
GHSA-32q7-gv7f-4cg5 was published for Microsoft.AspNetCore.App.Runtime.linux-arm (NuGet) Feb 13, 2024 withdrawn
Microsoft ASP.NET Core project templates vulnerable to denial of service Moderate
CVE-2024-21319 was published for Microsoft.IdentityModel.JsonWebTokens (NuGet) Jan 9, 2024
aried3r
Remote Denial of Service Vulnerability in Microsoft.Native.Quic.MsQuic.Schannel High
CVE-2023-38171 was published for Microsoft.Native.Quic.MsQuic.OpenSSL (NuGet) Oct 10, 2023
Uncontrolled Resource Consumption in OPC UA .NET Standard Reference Server High
CVE-2023-27321 was published for OPCFoundation.NetStandard.Opc.Ua.Server (NuGet) May 5, 2023
EnumStringValues vulnerable to Uncontrolled Resource Consumption Low
CVE-2020-36620 was published for EnumStringValues (NuGet) Dec 21, 2022
.NET Denial of Service Vulnerability High
CVE-2022-23267 was published for Microsoft.AspNetCore.App.Runtime.linux-arm (NuGet) Oct 21, 2022
.NET Denial of Service Vulnerability High
CVE-2022-29117 was published for Microsoft.AspNetCore.App.Runtime.linux-arm (NuGet) Aug 30, 2022
binki akunzai
leecow Tratcher skofman1
Moment.js vulnerable to Inefficient Regular Expression Complexity High
CVE-2022-31129 was published for Moment.js (npm) Jul 6, 2022
vovikhangcdv
Uncontrolled Resource Consumption in OPCFoundation.NetStandard.Opc.Ua.Core High
CVE-2022-29864 was published for OPCFoundation.NetStandard.Opc.Ua.Core (NuGet) Jun 17, 2022
mregen
Uncontrolled Resource Consumption in OPCFoundation.NetStandard.Opc.Ua.Core High
CVE-2022-29866 was published for OPCFoundation.NetStandard.Opc.Ua.Core (NuGet) Jun 17, 2022
mregen
Denial of service in ASP.NET Core Moderate
CVE-2020-0602 was published for Microsoft.AspNetCore.All (NuGet) May 24, 2022
skofman1
Regular Expression Denial of Service in System.Text.RegularExpressions High
CVE-2019-0820 was published for System.Text.RegularExpressions (NuGet) Aug 4, 2021
r-bit-rry
Regular Expression Denial of Service in jquery-validation High
CVE-2021-21252 was published for jQuery.Validation (npm) Jan 13, 2021
erik-krogh pwntester
Denial of Service in i18n High
CVE-2020-7791 was published for i18n (NuGet) Dec 14, 2020
Uncontrolled Resource Consumption in MetadataExtractor High
CVE-2019-14262 was published for MetadataExtractor (NuGet) Aug 23, 2019
Denial of Service in jquery High
CVE-2016-10707 was published for jQuery (RubyGems) Jan 22, 2018
ProTip! Advisories are also available from the GraphQL API