Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+

184 advisories

Loading
ChakraCore information disclosure vulnerability Moderate
CVE-2017-8659 was published for Microsoft.ChakraCore (NuGet) May 17, 2022
DotNetNuke (DNN) Cross-site scripting (XSS) vulnerability via the __dnnVariable parameter Moderate
CVE-2013-4649 was published for DotNetNuke.Core (NuGet) May 17, 2022
Umbraco CMS XXE Vulnerability Moderate
CVE-2017-15280 was published for UmbracoCms.Web (NuGet) May 17, 2022
Umbraco CMS vulnerable to stored XSS Moderate
CVE-2017-15279 was published for UmbracoCMS.Web (NuGet) May 17, 2022
Improper Certificate Validation in Microsoft .NET Framework components Moderate
CVE-2018-8356 was published for System.Private.ServiceModel (NuGet) May 14, 2022
florelis skofman1
DotNetNuke Default Machine Key Exposure Moderate
CVE-2008-6540 was published for DotNetNuke.Core (NuGet) May 14, 2022
ChakraCore information disclosure vulnerability Moderate
CVE-2018-8315 was published for Microsoft.ChakraCore (NuGet) May 14, 2022
Umbraco CMS vulnerable to stored XSS Moderate
CVE-2018-17256 was published for umbraco (NuGet) May 14, 2022
Improper Input Validation in .Net Framework API's Moderate
CVE-2019-0657 was published for Microsoft.NETCore.App (NuGet) May 14, 2022
DNN XSS Vulnerability Moderate
CVE-2018-14486 was published for DotNetNuke.Core (NuGet) May 14, 2022
jQuery vulnerable to Cross-Site Scripting (XSS) Moderate
CVE-2011-4969 was published for jQuery (RubyGems) May 14, 2022
jhutchings1 klaudialax
CoreFTP Directory Traversal Moderate
CVE-2019-9648 was published for CoreFtp (NuGet) May 14, 2022
ChakraCore information disclosure vulnerability Moderate
CVE-2018-8452 was published for Microsoft.ChakraCore (NuGet) May 13, 2022
ChakraCore Security Bypass Moderate
CVE-2018-8276 was published for Microsoft.ChakraCore (NuGet) May 13, 2022
Improper Limitation of a Pathname to a Restricted Directory in SharpZipLib Moderate
CVE-2018-1002208 was published for SharpZipLib (NuGet) May 13, 2022
ChakraCore information disclosure vulnerability Moderate
CVE-2019-0648 was published for Microsoft.ChakraCore (NuGet) May 13, 2022
Tampering vulnerability in .NET Core Moderate
CVE-2018-8416 was published for Microsoft.NETCore.App (NuGet) May 13, 2022
Improper Access Control in Telerik Extensions Moderate
CVE-2018-17060 was published for TelerikMvcExtensions (NuGet) May 13, 2022
ChakraCore information disclosure vulnerability Moderate
CVE-2018-0939 was published for Microsoft.ChakraCore (NuGet) May 13, 2022
Bootstrap vulnerable to Cross-Site Scripting (XSS) Moderate
CVE-2018-14040 was published for bootstrap (RubyGems) May 13, 2022
jhutchings1 stof
Churro tdunlap607 jenhae
Mono ASP.NET View State Cross-Site Scripting (XSS) vulnerability Moderate
CVE-2010-1459 was published for mono (NuGet) May 2, 2022
CuteSoft CuteEditor Path Traversal vulnerability Moderate
CVE-2009-4665 was published for CuteEditor (NuGet) May 2, 2022
DotNetNuke Vulnerable to XSS in Pass-Through Values Moderate
CVE-2007-0660 was published for DotNetNuke.Core (NuGet) May 1, 2022
Apache log4net format string vulnerability causes DoS Moderate
CVE-2006-0743 was published for log4net (NuGet) May 1, 2022
Exposure of Sensitive Information to an Unauthorized Actor in DisCatSharp Moderate
CVE-2022-24849 was published for DisCatSharp (NuGet) Apr 22, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database