GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,097
Erlang
29
GitHub Actions
19
Go
1,925
Maven
5,000+
npm
3,657
NuGet
638
pip
3,264
Pub
10
RubyGems
873
Rust
823
Swift
35
Unreviewed advisories
All unreviewed
5,000+
638 advisories
Filter by severity
HtmlSanitizer vulnerable to Cross-site Scripting in Foreign Content
Moderate
CVE-2023-44390
was published
for
HtmlSanitizer
(NuGet)
Oct 4, 2023
Imageflow affected by libwebp zero-day and should not be used with malicious source images.
High
GHSA-7vpr-3ppw-qrpj
was published
for
ImageResizer.Plugins.Imageflow
(NuGet)
Sep 27, 2023
CefSharp affected by heap buffer overflow in WebP
Critical
GHSA-j646-gj5p-p45g
was published
for
CefSharp.Common
(NuGet)
Sep 21, 2023
Sustainsys.Saml2 Insufficient Identity Provider Issuer Validation
High
CVE-2023-41890
was published
for
Sustainsys.Saml2
(NuGet)
Sep 20, 2023
Microsoft Security Advisory CVE-2023-36792: .NET Remote Code Execution Vulnerability
High
CVE-2023-36792
was published
for
Microsoft.NETCore.App.Runtime.win-arm64
(NuGet)
Sep 12, 2023
Microsoft Security Advisory CVE-2023-36794: .NET Remote Code Execution Vulnerability
High
CVE-2023-36794
was published
for
Microsoft.NETCore.App.Runtime.win-arm64
(NuGet)
Sep 12, 2023
Microsoft Security Advisory CVE-2023-36793: .NET Remote Code Execution Vulnerability
High
CVE-2023-36793
was published
for
Microsoft.NETCore.App.Runtime.win-arm64
(NuGet)
Sep 12, 2023
Microsoft Security Advisory CVE-2023-36796: .NET Remote Code Execution Vulnerability
High
CVE-2023-36796
was published
for
Microsoft.NETCore.App.Runtime.win-arm64
(NuGet)
Sep 12, 2023
Microsoft Security Advisory CVE-2023-36799: .NET Denial of Service Vulnerability
Moderate
CVE-2023-36799
was published
for
Microsoft.NETCore.App.Runtime.linux-arm
(NuGet)
Sep 12, 2023
libwebp: OOB write in BuildHuffmanTable
High
CVE-2023-4863
was published
for
Pillow
(Go)
Sep 12, 2023
.NET Information Disclosure Vulnerability
High
CVE-2023-35391
was published
for
Microsoft.AspNetCore.SignalR.Redis
(NuGet)
Aug 11, 2023
Moq v4.20.0-rc to 4.20.1 share hashed user data
Low
GHSA-6r78-m64m-qwcf
was published
for
moq
(NuGet)
Aug 10, 2023
.NET Remote Code Execution Vulnerability
High
CVE-2023-35390
was published
for
Microsoft.NET.Build.Containers
(NuGet)
Aug 9, 2023
.NET Denial of Service Vulnerability
High
CVE-2023-38178
was published
for
Microsoft.AspNetCore.App.Runtime.win-arm
(NuGet)
Aug 9, 2023
.NET Denial of Service Vulnerability
High
CVE-2023-38180
was published
for
Microsoft.AspNetCore.App.Runtime.win-arm64
(NuGet)
Aug 9, 2023
Umbraco allows possible Admin-level access to backoffice without Auth under rare conditions
High
CVE-2023-37267
was published
for
Umbraco.Cms.Infrastructure
(NuGet)
Jul 13, 2023
Microsoft Security Advisory CVE-2023-33127: .NET Remote Code Execution Vulnerability
High
CVE-2023-33127
was published
for
Microsoft.WindowsDesktop.App.Runtime.win-arm64
(NuGet)
Jul 11, 2023
Microsoft Security Advisory CVE-2023-33170: .NET Security Feature Bypass Vulnerability
High
CVE-2023-33170
was published
for
Microsoft.AspNet.Identity.Owin
(NuGet)
Jul 11, 2023
Duplicate Advisory: jQuery Cross Site Scripting vulnerability
Moderate
CVE-2020-23064
was published
for
jQuery
(RubyGems)
Jun 26, 2023
•
withdrawn
YARP Denial of Service Vulnerability
High
CVE-2023-33141
was published
for
Yarp.ReverseProxy
(NuGet)
Jun 23, 2023
Dynamic Linq vulnerable to remote code execution
Critical
CVE-2023-32571
was published
for
System.Linq.Dynamic.Core
(NuGet)
Jun 22, 2023
Microsoft Security Advisory CVE-2023-33126: .NET Remote Code Execution Vulnerability
High
CVE-2023-33126
was published
for
Microsoft.NetCore.App.Runtime.win-arm
(NuGet)
Jun 14, 2023
.NET Remote Code Execution Vulnerability
High
CVE-2023-33128
was published
for
Microsoft.NetCore.App.Runtime.linux-arm
(NuGet)
Jun 14, 2023
.NET Denial of Service vulnerability
High
CVE-2023-29331
was published
for
Microsoft.NetCore.App.Runtime.linux-arm
(NuGet)
Jun 14, 2023
.NET Elevation of Privilege Vulnerability
High
CVE-2023-24936
was published
for
Microsoft.NetCore.App.Runtime.linux-arm
(NuGet)
Jun 14, 2023
ProTip!
Advisories are also available from the
GraphQL API