Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,653
Erlang
29
GitHub Actions
16
Go
1,706
Maven
4,938
npm
3,471
NuGet
603
pip
2,985
Pub
10
RubyGems
826
Rust
772
Swift
34
Unreviewed advisories
All unreviewed
5,000+

603 advisories

Denial of service in ASP.NET Core High
CVE-2018-8269 was published for Microsoft.AspNetCore.All (NuGet) Oct 16, 2018
leecow
DSInternals Credential Roaming Elevation of Privilege Vulnerability Moderate
GHSA-vx2x-9cff-fhjw was published for DSInternals.Common (NuGet) Dec 6, 2022
Untrusted data can lead to DoS attack due to hash collisions and stack overflow in MessagePack Moderate
CVE-2020-5234 was published for MessagePack (NuGet) Jan 31, 2020
Vulnerability in Azure Active Directory Authentication Library High
CVE-2019-1258 was published for microsoft.identitymodel.clients.activedirectory (NuGet) Aug 16, 2019
Stored Cross-Site Scripting vulnerability in admin component of DotNetNuke Moderate
CVE-2019-12562 was published for DotNetNuke.Core (NuGet) Nov 18, 2019
Subject Confirmation Method not validated in Saml2 Authentication Services for ASP.NET Moderate
CVE-2020-5268 was published for Sustainsys.Saml2 (NuGet) Apr 22, 2020
Internal NCryptDecrypt method could be used externally from WindowsHello library. Moderate
CVE-2020-11005 was published for HaemmerElectronics.SeppPenner.WindowsHello (NuGet) Apr 14, 2020
High severity vulnerability that affects Microsoft.ChakraCore High
CVE-2019-0773 was published for Microsoft.ChakraCore (NuGet) Apr 9, 2019
Cross-site scripting (XSS) vulnerability in the user-profile biography section in DotNetNuke (DNN) Moderate
CVE-2016-7119 was published for DotNetNuke.Core (NuGet) Oct 16, 2018
ASP.NET Core allow an elevation of privilege High
CVE-2018-0787 was published for Microsoft.AspNetCore.HttpOverrides (NuGet) Oct 16, 2018
Moderate severity vulnerability that affects Microsoft.AspNetCore.All, Microsoft.AspNetCore.Server.Kestrel.Core, Microsoft.AspNetCore.Server.Kestrel.Transport.Abstractions, and Microsoft.AspNetCore.Server.Kestrel.Transport.Libuv Moderate
GHSA-3m2r-q8x3-xmf7 was published for Microsoft.AspNetCore.All (NuGet) Oct 16, 2018
Low severity vulnerability that affects Gw2Sharp Low
GHSA-4vr3-9v7h-5f8v was published for Gw2Sharp (NuGet) Jun 18, 2019
Denial of service vulnerability exists when .NET and .NET Core improperly process XML documents High
CVE-2018-0765 was published for System.Security.Cryptography.Xml (NuGet) Oct 16, 2018
High severity vulnerability that affects System.Management.Automation High
CVE-2019-1301 was published for System.Management.Automation (NuGet) Sep 13, 2019
High severity vulnerability that affects DotNetZip High
CVE-2018-1002205 was published for DotNetZip (NuGet) Oct 16, 2018
High severity vulnerability that affects Microsoft.ChakraCore High
CVE-2019-0639 was published for Microsoft.ChakraCore (NuGet) Apr 9, 2019
High severity vulnerability that affects OPCFoundation.NetStandard.Opc.Ua High
CVE-2018-12086 was published for OPCFoundation.NetStandard.Opc.Ua (NuGet) Oct 16, 2018
Moderate severity vulnerability that affects Microsoft.AspNetCore.All, Microsoft.AspNetCore.App, and Microsoft.AspNetCore.Server.Kestrel.Core Moderate
GHSA-cgpw-2gph-2r9g was published for Microsoft.AspNetCore.All (NuGet) Oct 16, 2018
High severity vulnerability that affects PeterO.Cbor High
GHSA-cxw4-9qv9-vx5h was published for PeterO.Cbor (NuGet) Sep 30, 2019
High severity vulnerability that affects Microsoft.ChakraCore High
CVE-2019-0592 was published for Microsoft.ChakraCore (NuGet) Apr 9, 2019
High severity vulnerability that affects Microsoft.ChakraCore High
CVE-2019-0611 was published for Microsoft.ChakraCore (NuGet) Apr 9, 2019
Moderate severity vulnerability that affects OPCFoundation.NetStandard.Opc.Ua Moderate
CVE-2018-12087 was published for OPCFoundation.NetStandard.Opc.Ua (NuGet) Oct 16, 2018
High severity vulnerability that affects Microsoft.ChakraCore High
CVE-2019-0769 was published for Microsoft.ChakraCore (NuGet) Apr 9, 2019
High severity vulnerability that affects DotNetNuke.Core High
CVE-2017-0929 was published for DotNetNuke.Core (NuGet) Oct 16, 2018
High severity vulnerability that affects Microsoft.ChakraCore High
CVE-2019-0771 was published for Microsoft.ChakraCore (NuGet) Apr 9, 2019
ProTip! Advisories are also available from the GraphQL API