GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,270
Erlang
31
GitHub Actions
21
Go
2,046
Maven
5,000+
npm
3,737
NuGet
663
pip
3,415
Pub
12
RubyGems
891
Rust
868
Swift
36
Unreviewed advisories
All unreviewed
5,000+
416 advisories
Filter by severity
Microsoft Security Advisory CVE-2023-36796: .NET Remote Code Execution Vulnerability
High
CVE-2023-36796
was published
for
Microsoft.NETCore.App.Runtime.win-arm64
(NuGet)
Sep 12, 2023
libwebp: OOB write in BuildHuffmanTable
High
CVE-2023-4863
was published
for
Pillow
(Go)
Sep 12, 2023
.NET Information Disclosure Vulnerability
High
CVE-2023-35391
was published
for
Microsoft.AspNetCore.SignalR.Redis
(NuGet)
Aug 11, 2023
.NET Remote Code Execution Vulnerability
High
CVE-2023-35390
was published
for
Microsoft.NET.Build.Containers
(NuGet)
Aug 9, 2023
.NET Denial of Service Vulnerability
High
CVE-2023-38178
was published
for
Microsoft.AspNetCore.App.Runtime.win-arm
(NuGet)
Aug 9, 2023
.NET Denial of Service Vulnerability
High
CVE-2023-38180
was published
for
Microsoft.AspNetCore.App.Runtime.win-arm64
(NuGet)
Aug 9, 2023
Umbraco allows possible Admin-level access to backoffice without Auth under rare conditions
High
CVE-2023-37267
was published
for
Umbraco.Cms.Infrastructure
(NuGet)
Jul 13, 2023
Microsoft Security Advisory CVE-2023-33127: .NET Remote Code Execution Vulnerability
High
CVE-2023-33127
was published
for
Microsoft.WindowsDesktop.App.Runtime.win-arm64
(NuGet)
Jul 11, 2023
Microsoft Security Advisory CVE-2023-33170: .NET Security Feature Bypass Vulnerability
High
CVE-2023-33170
was published
for
Microsoft.AspNet.Identity.Owin
(NuGet)
Jul 11, 2023
YARP Denial of Service Vulnerability
High
CVE-2023-33141
was published
for
Yarp.ReverseProxy
(NuGet)
Jun 23, 2023
Microsoft Security Advisory CVE-2023-33126: .NET Remote Code Execution Vulnerability
High
CVE-2023-33126
was published
for
Microsoft.NetCore.App.Runtime.win-arm
(NuGet)
Jun 14, 2023
.NET Remote Code Execution Vulnerability
High
CVE-2023-33128
was published
for
Microsoft.NetCore.App.Runtime.linux-arm
(NuGet)
Jun 14, 2023
.NET Denial of Service vulnerability
High
CVE-2023-29331
was published
for
Microsoft.NetCore.App.Runtime.linux-arm
(NuGet)
Jun 14, 2023
.NET Elevation of Privilege Vulnerability
High
CVE-2023-24936
was published
for
Microsoft.NetCore.App.Runtime.linux-arm
(NuGet)
Jun 14, 2023
.NET Remote Code Execution Vulnerability
High
CVE-2023-24895
was published
for
Microsoft.WindowsDesktop.App.Runtime.win-arm64
(NuGet)
Jun 14, 2023
.NET Remote Code Execution Vulnerability
High
CVE-2023-24897
was published
for
Microsoft.NetCore.App.Runtime.win-arm
(NuGet)
Jun 14, 2023
NuGet Client Remote Code Execution Vulnerability
High
CVE-2023-29337
was published
for
Microsoft.Build.NuGetSdkResolver
(NuGet)
Jun 14, 2023
tgstation-server cached user logins in legacy server
High
CVE-2018-17107
was published
for
TGServiceInterface
(NuGet)
Jun 12, 2023
Snowflake Connector .Net Command Injection
High
CVE-2023-34230
was published
for
Snowflake.Data
(NuGet)
Jun 9, 2023
Uncontrolled Resource Consumption in OPC UA .NET Standard Reference Server
High
CVE-2023-27321
was published
for
OPCFoundation.NetStandard.Opc.Ua.Server
(NuGet)
May 5, 2023
Insufficient token expiration in Serenity
High
CVE-2023-31287
was published
for
Serenity.Net.Core
(NuGet)
Apr 27, 2023
Directory traversal + file write causing arbitrary code execution
High
CVE-2023-30626
was published
for
Jellyfin.Controller
(NuGet)
Apr 24, 2023
.NET Remote Code Execution vulnerability
High
CVE-2023-28260
was published
for
Microsoft.NetCore.App.Runtime.win-arm
(NuGet)
Apr 11, 2023
Snappier vulnerable to buffer overrun due to improper restriction of operations within the bounds of a memory buffer
High
CVE-2023-28638
was published
for
Snappier
(NuGet)
Mar 27, 2023
MongoDB .NET/C# Driver vulnerable to Deserialization of Untrusted Data
High
CVE-2022-48282
was published
for
MongoDB.Driver
(NuGet)
Feb 21, 2023
ProTip!
Advisories are also available from the
GraphQL API