Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,270
Erlang
31
GitHub Actions
21
Go
2,046
Maven
5,000+
npm
3,737
NuGet
663
pip
3,415
Pub
12
RubyGems
891
Rust
868
Swift
36
Unreviewed advisories
All unreviewed
5,000+

416 advisories

Loading
NULL Pointer Dereference in Protocol Buffers High
CVE-2021-22570 was published for Google.Protobuf (Composer) Jan 27, 2022
joshbressers
Denial of service in CBOR library High
CVE-2024-21909 was published for PeterO.Cbor (NuGet) Jan 21, 2022
Umbraco Persistent Password Reset Poison High
CVE-2022-22691 was published for Umbraco.Cms.Core (NuGet) Jan 21, 2022
Umbraco ApplicationURL Overwrite High
CVE-2022-22690 was published for Umbraco.Cms.Core (NuGet) Jan 21, 2022
Allocation of Resources Without Limits or Throttling in Apache Avro High
CVE-2021-43045 was published for Apache.Avro (NuGet) Jan 8, 2022
AjaxNetProfessional deserializes arbitrary JavaScript objects High
CVE-2021-43853 was published for AjaxNetProfessional (NuGet) Jan 6, 2022
jsk95 ashmind
Cross-Site Request Forgery in PiranhaCMS High
CVE-2021-25976 was published for Piranha (NuGet) Nov 17, 2021
Signature verification vulnerability in Stark Bank ecdsa libraries High
GHSA-9wx7-jrvc-28mm was published for com.starkbank:ecdsa-java (Maven) Nov 8, 2021
tdunlap607
Missing Authorization with Default Settings in Dashboard UI High
CVE-2021-41238 was published for Hangfire.Core (NuGet) Nov 3, 2021
ASP.NET Core Denial of Service Vulnerability High
CVE-2021-31957 was published for Microsoft.NETCore.App.Ref (NuGet) Oct 6, 2021 withdrawn
Prototype Pollution in set-value High
CVE-2021-23440 was published for set-value (npm) Sep 13, 2021
mroch
Path traversal in elFinder.NetCore High
CVE-2021-23428 was published for elFinder.NetCore (NuGet) Sep 2, 2021
Directory Traversal in elFinder.AspNet High
CVE-2021-23415 was published for elFinder.AspNet (NuGet) Aug 9, 2021
Regular Expression Denial of Service in System.Text.RegularExpressions High
CVE-2019-0820 was published for System.Text.RegularExpressions (NuGet) Aug 4, 2021
r-bit-rry
Path Traversal in elFinder.Net.Core High
CVE-2021-23407 was published for elFinder.Net.Core (NuGet) Aug 2, 2021
Remote code execution in ChakraCore High
CVE-2020-1180 was published for Microsoft.ChakraCore (NuGet) Aug 2, 2021
Remote code execution in ChakraCore High
CVE-2020-1172 was published for Microsoft.ChakraCore (NuGet) Aug 2, 2021
Remote code execution in ChakraCore High
CVE-2020-1057 was published for Microsoft.ChakraCore (NuGet) Aug 2, 2021
Out-of-bounds write in ChakraCore High
CVE-2020-0768 was published for Microsoft.ChakraCore (NuGet) Aug 2, 2021
Out-of-bounds Write in ChakraCore High
CVE-2020-17048 was published for Microsoft.ChakraCore (NuGet) Aug 2, 2021
Out-of-bounds Write in ChakraCore High
CVE-2020-17054 was published for Microsoft.ChakraCore (NuGet) Aug 2, 2021
Out-of-bounds Write in ChakraCore High
CVE-2020-0828 was published for Microsoft.ChakraCore (NuGet) Jul 28, 2021
Out-of-bounds Write in ChakraCore High
CVE-2020-0831 was published for Microsoft.ChakraCore (NuGet) Jul 28, 2021
Out-of-bounds write in ChakraCore High
CVE-2020-0826 was published for Microsoft.ChakraCore (NuGet) Jul 28, 2021
Out-of-bounds write in ChakraCore High
CVE-2020-0833 was published for Microsoft.ChakraCore (NuGet) Jul 28, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database