Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,055
Erlang
29
GitHub Actions
19
Go
1,889
Maven
5,000+
npm
3,605
NuGet
638
pip
3,208
Pub
10
RubyGems
852
Rust
816
Swift
35
Unreviewed advisories
All unreviewed
5,000+

172 advisories

Loading
Improper Input Validation in .Net Framework API's Moderate
CVE-2019-0657 was published for Microsoft.NETCore.App (NuGet) May 14, 2022
Umbraco CMS vulnerable to stored XSS Moderate
CVE-2018-17256 was published for umbraco (NuGet) May 14, 2022
ChakraCore information disclosure vulnerability Moderate
CVE-2018-8315 was published for Microsoft.ChakraCore (NuGet) May 14, 2022
DotNetNuke Default Machine Key Exposure Moderate
CVE-2008-6540 was published for DotNetNuke.Core (NuGet) May 14, 2022
Improper Certificate Validation in Microsoft .NET Framework components Moderate
CVE-2018-8356 was published for System.Private.ServiceModel (NuGet) May 14, 2022
florelis skofman1
Umbraco CMS vulnerable to stored XSS Moderate
CVE-2017-15279 was published for UmbracoCMS.Web (NuGet) May 17, 2022
Umbraco CMS XXE Vulnerability Moderate
CVE-2017-15280 was published for UmbracoCms.Web (NuGet) May 17, 2022
DotNetNuke (DNN) Cross-site scripting (XSS) vulnerability via the __dnnVariable parameter Moderate
CVE-2013-4649 was published for DotNetNuke.Core (NuGet) May 17, 2022
ChakraCore information disclosure vulnerability Moderate
CVE-2017-8659 was published for Microsoft.ChakraCore (NuGet) May 17, 2022
ChakraCore information disclosure vulnerability Moderate
CVE-2017-0208 was published for Microsoft.ChakraCore (NuGet) May 17, 2022
DotNetNuke (DNN) Open redirect vulnerability Moderate
CVE-2013-7335 was published for DotNetNuke.Core (NuGet) May 17, 2022
Open redirect in ASP.NET Core Moderate
CVE-2019-1075 was published for Microsoft.AspNetCore.All (NuGet) May 24, 2022
Denial of service in ASP.NET Core Moderate
CVE-2020-0602 was published for Microsoft.AspNetCore.All (NuGet) May 24, 2022
skofman1
Umbraco CMS vulnerable to CSRF Moderate
CVE-2020-7210 was published for UmbracoCMS.Core (NuGet) May 24, 2022
DNN XSS Vulnerability Moderate
CVE-2020-5186 was published for DotNetNuke.Core (NuGet) May 24, 2022
DNN File Upload Vulnerability Moderate
CVE-2020-5188 was published for DotNetNuke.Core (NuGet) May 24, 2022
GleamTech FileUltimate Cross-site Scripting Moderate
CVE-2020-15015 was published for GleamTech.FileUltimate (NuGet) May 24, 2022
Integer overflow in the bundled Brotli C library Moderate
CVE-2020-8927 was published for Microsoft.NETCore.App.Runtime.AOT.linux-x64.Cross.android-arm (NuGet) May 24, 2022
Umbraco CMS vulnerable to stored XSS Moderate
CVE-2020-5809 was published for UmbracoCms.Core (NuGet) May 24, 2022
Denial of service in .NET core Moderate
CVE-2021-1721 was published for Microsoft.NETCore.App (NuGet) May 24, 2022
MongoDB C# Driver Risk of Exposing Authentication Data via Command Listener Moderate
CVE-2021-20331 was published for mongodb.driver (NuGet) May 24, 2022
AlmogApiiro
Cross site scripting attack in ServiceStack Framework Moderate
CVE-2019-1010199 was published for ServiceStack (NuGet) May 24, 2022
jhutchings1
Elevation of privilege in ASP.NET Core Moderate
CVE-2019-1302 was published for Microsoft.AspNetCore.SpaServices (NuGet) May 24, 2022
leecow
NuGet Package Manager Tampering Vulnerability Moderate
CVE-2019-0976 was published for NuGet.Commands (NuGet) May 24, 2022
JarLob
Cross site scripting in SiteServer CMS Moderate
CVE-2021-42656 was published for SSCMS (NuGet) May 25, 2022
ProTip! Advisories are also available from the GraphQL API