Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
1,998
Maven
5,000+
npm
3,710
NuGet
661
pip
3,364
Pub
11
RubyGems
885
Rust
846
Swift
36
Unreviewed advisories
All unreviewed
5,000+

43 advisories

Loading
Duplicate Advisory: tgstation-server vulnerable to cached user logins in legacy server Critical
GHSA-7r36-jf3c-jhp4 was published for TGServiceInterface (NuGet) May 13, 2022 withdrawn
ChakraCore vulnerable to privilege escalation Critical
CVE-2017-11767 was published for Microsoft.ChakraCore (NuGet) May 13, 2022
ChakraCore RCE Vulnerability Critical
CVE-2018-8500 was published for Microsoft.ChakraCore (NuGet) May 13, 2022
Deserialization of Untrusted Data in SinGooCMS.Utility Critical
CVE-2022-0749 was published for SinGooCMS.Utility (NuGet) Mar 18, 2022
Remote Code Execution in AjaxNetProfessional Critical
CVE-2021-23758 was published for AjaxNetProfessional (NuGet) Dec 16, 2021
Remote Code Execution in AjaxNetProfessional Critical
GHSA-6r7c-6w96-8pvw was published for AjaxNetProfessional (NuGet) Dec 7, 2021
h0ng10 mwulftange
Improper Verification of Cryptographic Signature in starkbank-ecdsa Critical
CVE-2021-43569 was published for starkbank-ecdsa (NuGet) Nov 10, 2021
Remote Code Execution in Halibut Critical
CVE-2021-31819 was published for Halibut (NuGet) Sep 23, 2021
Imporoper path validation in elFinder.NetCore Critical
CVE-2021-23427 was published for elFinder.NetCore (NuGet) Sep 2, 2021
Missing Authorization in FastReport Critical
CVE-2020-27998 was published for FastReport.OpenSource (NuGet) Aug 2, 2021
Insecure deserialization in Wire Critical
CVE-2021-29508 was published for Wire (NuGet) May 19, 2021
.NET Core Remote Code Execution Vulnerability Critical
CVE-2021-26701 was published for System.Text.Encodings.Web (NuGet) Apr 21, 2021
Double Free in Adplug Critical
CVE-2019-15151 was published for adplug (NuGet) Mar 29, 2021
XML External Entity attack in log4net Critical
CVE-2018-1285 was published for log4net (NuGet) Jan 29, 2021
MadsKristensen.AspNetCore.Miniblog subject to Improper Input Validation Critical
CVE-2019-9845 was published for MadsKristensen.AspNetCore.Miniblog (NuGet) Jul 5, 2019
Critical severity vulnerability that affects Auth0-WCF-Service-JWT Critical
CVE-2019-7644 was published for Auth0-WCF-Service-JWT (NuGet) Apr 18, 2019
The installation wizard in DotNetNuke (DNN) allows privilege escalation Critical
CVE-2015-2794 was published for DotNetNuke.Core (NuGet) Oct 16, 2018
Critical severity vulnerability that affects recurly-api-client Critical
CVE-2017-0907 was published for recurly-api-client (NuGet) Oct 16, 2018
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database