Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,201
Erlang
31
GitHub Actions
19
Go
1,986
Maven
5,000+
npm
3,702
NuGet
660
pip
3,328
Pub
11
RubyGems
883
Rust
843
Swift
36
Unreviewed advisories
All unreviewed
5,000+

414 advisories

Loading
Duplicate Advisory: .NET and Visual Studio Denial of Service Vulnerability High
GHSA-wmm6-pgp8-29hg was published for System.Formats.Nrbf (NuGet) Nov 12, 2024 withdrawn
Apache Lucene.Net.Replicator Deserialization of Untrusted Data vulnerability High
CVE-2024-43383 was published for Lucene.Net.Replicator (NuGet) Oct 31, 2024
Security Update for the OPC UA .NET Standard Stack High
GHSA-qm9f-c3v9-wphv was published for OPCFoundation.NetStandard.Opc.Ua (NuGet) Oct 18, 2024
Microsoft Security Advisory CVE-2024-43485 | .NET Denial of Service Vulnerability High
CVE-2024-43485 was published for System.Text.Json (NuGet) Oct 8, 2024
rbhanda markusschaber
Microsoft Security Advisory CVE-2024-43484 | .NET Denial of Service Vulnerability High
CVE-2024-43484 was published for System.IO.Packaging (NuGet) Oct 8, 2024
rbhanda
Microsoft Security Advisory CVE-2024-43483 | .NET Denial of Service Vulnerability High
CVE-2024-43483 was published for Microsoft.Extensions.Caching.Memory (NuGet) Oct 8, 2024
rbhanda
Microsoft Security Advisory CVE-2024-38229 | .NET Remote Code Execution Vulnerability High
CVE-2024-38229 was published for Microsoft.AspNetCore.App.Runtime.linux-arm (NuGet) Oct 8, 2024
Microsoft Security Advisory CVE-2024-38168 | .NET Denial of Service Vulnerability High
CVE-2024-38168 was published for Microsoft.AspNetCore.App.Runtime.win-arm (NuGet) Aug 13, 2024
tgstation-server's DreamMaker environment files outside the deployment directory can be compiled and ran by insufficiently permissioned users High
CVE-2024-41799 was published for Tgstation.Server.Api (NuGet) Jul 29, 2024
SandPoot Cyberboss
SixLabors ImageSharp Out-of-bounds Write High
CVE-2024-41131 was published for SixLabors.ImageSharp (NuGet) Jul 22, 2024
Erik-White
Mimekit has vulnerable dependency that can lead to denial of service High
GHSA-gmc6-fwg3-75m5 was published for MimeKit (NuGet) Jul 11, 2024
StefanJonssonInExchange
Microsoft Security Advisory CVE-2024-38095 | .NET Denial of Service Vulnerability High
CVE-2024-38095 was published for Microsoft.NetCore.App.Runtime.linux-arm (NuGet) Jul 9, 2024
Microsoft Security Advisory CVE-2024-38081 | .NET Denial of Service Vulnerability High
CVE-2024-38081 was published for Microsoft.IO.Redist (NuGet) Jul 9, 2024
Microsoft Security Advisory CVE-2024-35264 | .NET Remote Code Execution Vulnerability High
CVE-2024-35264 was published for Microsoft.AspNetCore.App.Runtime.linux-arm (NuGet) Jul 9, 2024
Microsoft Security Advisory CVE-2024-30105 | .NET Denial of Service Vulnerability High
CVE-2024-30105 was published for System.Text.Json (NuGet) Jul 9, 2024
OPCFoundation.NetStandard.Opc.Ua.Core buffer-management vulnerability High
CVE-2024-33862 was published for OPCFoundation.NetStandard.Opc.Ua.Core (NuGet) Jul 6, 2024
Azure Storage Movement Client Library Denial of Service Vulnerability High
CVE-2024-35252 was published for Microsoft.Azure.Storage.DataMovement (NuGet) Jun 11, 2024
Npgsql vulnerable to SQL Injection via Protocol Message Size Overflow High
CVE-2024-32655 was published for Npgsql (NuGet) May 9, 2024
paul-gerste-sonarsource NinoFloris
.NET Elevation of Privilege Vulnerability High
CVE-2024-21409 was published for Microsoft.WindowsDesktop.App.Runtime.win-arm64 (NuGet) Apr 17, 2024
rbhanda
WiX based installers are vulnerable to binary hijack when run as SYSTEM High
CVE-2024-29187 was published for WixToolset.Sdk (NuGet) Mar 25, 2024
KNaceri rohitmothe
Malicious directory junction can cause WiX RemoveFoldersEx to possibly delete elevated files High
CVE-2024-29188 was published for WixToolset.Util.wixext (NuGet) Mar 25, 2024
WiX Burn-based bundles are vulnerable to binary hijack when run as SYSTEM High
GHSA-g4v6-69p6-q3p4 was published for PanelSwWix4.Sdk (NuGet) Mar 25, 2024
WiX Burn-based bundles are vulnerable to binary hijack when run as SYSTEM High
GHSA-wq88-fq4x-h2pm was published for PanelSW.Custom.WiX (NuGet) Mar 25, 2024
CoreWCF NetFraming based services can leave connections open when they should be closed High
CVE-2024-28252 was published for CoreWCF.NetFramingBase (NuGet) Mar 15, 2024
mirek-kopacka birojnayak
mconnew
Remote Denial of Service Vulnerability in Microsoft QUIC High
GHSA-2x7m-gf85-3745 was published for Microsoft.Native.Quic.MsQuic.OpenSSL (NuGet) Mar 13, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database