Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,205
Erlang
31
GitHub Actions
19
Go
1,986
Maven
5,000+
npm
3,703
NuGet
661
pip
3,329
Pub
11
RubyGems
884
Rust
843
Swift
36
Unreviewed advisories
All unreviewed
5,000+

415 advisories

Loading
Withdrawn Advisory: HTML injections in BTCPayServer High
CVE-2023-0493 was published for BTCPayServer.Client (NuGet) Jan 27, 2023 withdrawn
Component takeover in Oracle Data Provider for .NET High
CVE-2023-21893 was published for Oracle.ManagedDataAccess (NuGet) Jan 18, 2023
georg-jung alexkeh
.NET Denial of Service Vulnerability High
CVE-2023-21538 was published for Microsoft.NetCore.App.Runtime.linux-arm (NuGet) Jan 10, 2023
.NET Remote Code Execution Vulnerability High
CVE-2022-41089 was published for Microsoft.WindowsDesktop.App.Runtime.win-arm64 (NuGet) Dec 14, 2022
tdunlap607
Duplicate Advisory: .NET Framework Remote Code Execution Vulnerability. High
GHSA-9qcm-fqj9-93m4 was published for Microsoft.WindowsDesktop.App.Runtime.win-x64 (NuGet) Dec 13, 2022 withdrawn
.NET Core Elevation of Privilege Vulnerability High
CVE-2021-26423 was published for Microsoft.NETCore.App.Runtime.Mono.LLVM.AOT.linux-arm64 (NuGet) Oct 25, 2022
.NET Denial of Service Vulnerability High
CVE-2022-23267 was published for Microsoft.AspNetCore.App.Runtime.linux-arm (NuGet) Oct 21, 2022
.NET Denial of Service Vulnerability High
CVE-2022-24464 was published for Microsoft.AspNetCore.App.Runtime.linux-arm (NuGet) Oct 21, 2022
.NET Denial of Service Vulnerability High
CVE-2022-21986 was published for Microsoft.AspNetCore.App.Runtime.linux-arm (NuGet) Oct 21, 2022
NuGet Elevation of Privilege Vulnerability High
CVE-2022-41032 was published for NuGet.CommandLine (NuGet) Oct 11, 2022
kartheekp-ms JarLob
.NET Denial of Service Vulnerability High
CVE-2022-38013 was published for Microsoft.AspNetCore.App.Runtime.linux-arm (NuGet) Sep 15, 2022
.NET Denial of Service Vulnerability High
CVE-2022-29145 was published for Microsoft.AspNetCore.App.Runtime.linux-arm (NuGet) Aug 30, 2022
.NET Denial of Service Vulnerability High
CVE-2022-29117 was published for Microsoft.AspNetCore.App.Runtime.linux-arm (NuGet) Aug 30, 2022
binki akunzai
leecow Tratcher skofman1
Incorrect Access Control and Cross Site Scripting in Jellyfin High
CVE-2022-35909 was published for Jellyfin.Common (NuGet) Aug 20, 2022
Moment.js vulnerable to Inefficient Regular Expression Complexity High
CVE-2022-31129 was published for Moment.js (npm) Jul 6, 2022
vovikhangcdv
Improper Handling of Exceptional Conditions in Newtonsoft.Json High
CVE-2024-21907 was published for Newtonsoft.Json (NuGet) Jun 22, 2022
ezsilmar JamesNK
Memory Allocation with Excessive Size Value in OPCFoundation.NetStandard.Opc.Ua.Core High
CVE-2022-29863 was published for OPCFoundation.NetStandard.Opc.Ua.Core (NuGet) Jun 17, 2022
mregen
Uncontrolled Resource Consumption in OPCFoundation.NetStandard.Opc.Ua.Core High
CVE-2022-29864 was published for OPCFoundation.NetStandard.Opc.Ua.Core (NuGet) Jun 17, 2022
mregen
Incorrect Implementation of Authentication Algorithm in OPCFoundation.NetStandard.Opc.Ua.Core High
CVE-2022-29865 was published for OPCFoundation.NetStandard.Opc.Ua.Core (NuGet) Jun 17, 2022
mregen
Uncontrolled Resource Consumption in OPCFoundation.NetStandard.Opc.Ua.Core High
CVE-2022-29866 was published for OPCFoundation.NetStandard.Opc.Ua.Core (NuGet) Jun 17, 2022
mregen
Security Update for the OPC UA .NET Standard Stack High
CVE-2022-29862 was published for OPCFoundation.NetStandard.Opc.Ua.Core (NuGet) Jun 17, 2022
mregen
SQL injection in SiteServer CMS High
CVE-2021-42655 was published for SSCMS (NuGet) May 25, 2022
ChakraCore information disclosure vulnerability High
CVE-2020-0813 was published for Microsoft.ChakraCore (NuGet) May 24, 2022
ChakraCore RCE via Out-of-bounds write High
CVE-2019-1051 was published for Microsoft.ChakraCore (NuGet) May 24, 2022
ChakraCore RCE via Out-of-bounds write High
CVE-2019-1002 was published for Microsoft.ChakraCore (NuGet) May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database