Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,028
Erlang
29
GitHub Actions
16
Go
1,830
Maven
5,000+
npm
3,573
NuGet
632
pip
3,157
Pub
10
RubyGems
847
Rust
796
Swift
34
Unreviewed advisories
All unreviewed
5,000+

632 advisories

Loading
Denial of service in ASP.NET Core High
CVE-2019-0564 was published for Microsoft.AspNetCore.All (NuGet) May 14, 2022
Open redirect in ASP.NET Core Moderate
CVE-2019-1075 was published for Microsoft.AspNetCore.All (NuGet) May 24, 2022
Cross-origin Resource Sharing bypass in ASP.NET Core High
CVE-2017-8700 was published for Microsoft.AspNetCore.Mvc.Core (NuGet) May 13, 2022
Denial of service in ASP.NET Core High
CVE-2017-11883 was published for Microsoft.AspNetCore.Server.HttpSys (NuGet) May 13, 2022
Tampering vulnerability in .NET Core Moderate
CVE-2018-8416 was published for Microsoft.NETCore.App (NuGet) May 13, 2022
Denial of service in ASP.NET Core High
CVE-2019-0981 was published for System.Private.Uri (NuGet) May 24, 2022
Denial of service in ASP.NET Core High
CVE-2019-0980 was published for System.Private.Uri (NuGet) May 24, 2022
Open redirect in ASP.NET Core High
CVE-2017-11879 was published for Microsoft.AspNetCore.All (NuGet) May 14, 2022
Improper Limitation of a Pathname to a Restricted Directory in SharpZipLib Moderate
CVE-2018-1002208 was published for SharpZipLib (NuGet) May 13, 2022
Improper Access Control in Telerik Extensions Moderate
CVE-2018-17060 was published for TelerikMvcExtensions (NuGet) May 13, 2022
Improper Input Validation in .Net Framework API's Moderate
CVE-2019-0657 was published for Microsoft.NETCore.App (NuGet) May 14, 2022
Exposure of Sensitive Information to an Unauthorized Actor in DisCatSharp Moderate
CVE-2022-24849 was published for DisCatSharp (NuGet) Apr 22, 2022
YARP Denial of Service Vulnerability High
CVE-2022-26924 was published for Yarp.ReverseProxy (NuGet) Apr 22, 2022
kurt-r2c
Imporoper path validation in elFinder.NetCore Critical
CVE-2021-23427 was published for elFinder.NetCore (NuGet) Sep 2, 2021
Server side request forgery in C1 CMS High
CVE-2022-24789 was published for C1CMS.Assemblies (NuGet) Mar 30, 2022
Path traversal in elFinder.NetCore High
CVE-2021-23428 was published for elFinder.NetCore (NuGet) Sep 2, 2021
personnummer/csharp vulnerable to Improper Input Validation Low
GHSA-qv8q-v995-72gr was published for personnummer (NuGet) Sep 9, 2020
Improper Certificate Validation High
CVE-2017-11770 was published for Microsoft.NETCore.App (NuGet) Apr 12, 2022
Infinite loop in .Net Bond High
CVE-2020-1469 was published for Bond.Core.CSharp (NuGet) Apr 8, 2022
System.Management.Automation subject to bypass via script debugging Moderate
CVE-2019-1167 was published for System.Management.Automation (NuGet) Jul 17, 2019
MadsKristensen.AspNetCore.Miniblog subject to Improper Input Validation Critical
CVE-2019-9845 was published for MadsKristensen.AspNetCore.Miniblog (NuGet) Jul 5, 2019
Microsoft.ChakraCore vulnerable to Exposure of Sensitive Information to an Unauthorized Actor Moderate
CVE-2019-0746 was published for Microsoft.ChakraCore (NuGet) Apr 9, 2019
Remote Code Execution in AjaxNetProfessional Critical
GHSA-6r7c-6w96-8pvw was published for AjaxNetProfessional (NuGet) Dec 7, 2021
h0ng10 mwulftange
.NET Core Information Disclosure High
CVE-2018-8292 was published for System.Net.Http (NuGet) Apr 21, 2021
Improper Authentication High
GHSA-qxx8-292g-2w66 was published for Microsoft.Bot.Connector (NuGet) Mar 8, 2021
ProTip! Advisories are also available from the GraphQL API