GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
638 advisories
Filter by severity
Moderate severity vulnerability that affects Microsoft.AspNetCore.Mvc
Moderate
CVE-2017-0256
was published
for
Microsoft.AspNetCore.Mvc
(NuGet)
Oct 16, 2018
ASP.NET Core fails to properly validate web requests
High
CVE-2017-0247
was published
for
Microsoft.AspNetCore.Mvc
(NuGet)
Oct 16, 2018
Missing Token Replay Detection in Saml2 Authentication services for ASP.NET
High
CVE-2020-5261
was published
for
Sustainsys.Saml2
(NuGet)
Mar 25, 2020
Uncontrolled Resource Consumption in MetadataExtractor
High
CVE-2019-14262
was published
for
MetadataExtractor
(NuGet)
Aug 23, 2019
Cross-site scripting in CLEditor
Moderate
CVE-2019-1010113
was published
for
CLEditor
(NuGet)
Jul 26, 2019
Insufficient Entropy in DotNetNuke
High
CVE-2018-18326
was published
for
DotNetNuke.Core
(NuGet)
Jul 5, 2019
Insufficient Entropy in DotNetNuke
High
CVE-2018-15812
was published
for
DotNetNuke.Core
(NuGet)
Jul 5, 2019
Inadequate Encryption Strength in DotNetNuke
High
CVE-2018-15811
was published
for
DotNetNuke.Core
(NuGet)
Jul 5, 2019
Inadequate Encryption Strength in DotNetNuke
High
CVE-2018-18325
was published
for
DotNetNuke.Core
(NuGet)
Jul 5, 2019
Code Injection in Masuit.Tools.Core
High
CVE-2022-21167
was published
for
Masuit.Tools.Core
(NuGet)
May 3, 2022
Remote code execution vulnerability in dependency System.Drawing.Common
Moderate
GHSA-gpv5-rp6w-58r8
was published
for
Akka
(NuGet)
Nov 22, 2022
Elevation of privilege in ASP.NET Core
Moderate
CVE-2019-1302
was published
for
Microsoft.AspNetCore.SpaServices
(NuGet)
May 24, 2022
DNS NuGet package uses insufficiently random values
Critical
CVE-2021-4248
was published
for
DNS
(NuGet)
Dec 18, 2022
.NET Information Disclosure Vulnerability
Moderate
CVE-2022-41064
was published
for
Microsoft.Data.SqlClient
(NuGet)
Nov 8, 2022
ASP.NET Core Information Disclosure Vulnerability
Moderate
CVE-2021-34532
was published
for
Microsoft.AspNetCore.Authentication.JwtBearer
(NuGet)
Aug 25, 2021
.NET Core Elevation of Privilege Vulnerability
High
CVE-2021-26423
was published
for
Microsoft.NETCore.App.Runtime.Mono.LLVM.AOT.linux-arm64
(NuGet)
Oct 25, 2022
XML External Entity attack in log4net
Critical
CVE-2018-1285
was published
for
log4net
(NuGet)
Jan 29, 2021
Exposure of Sensitive Information in OPCFoundation.NetStandard.Opc.Ua.Server
Moderate
CVE-2022-33916
was published
for
OPCFoundation.NetStandard.Opc.Ua.Server
(NuGet)
Aug 24, 2022
Uncontrolled Resource Consumption in OPCFoundation.NetStandard.Opc.Ua.Core
High
CVE-2022-29866
was published
for
OPCFoundation.NetStandard.Opc.Ua.Core
(NuGet)
Jun 17, 2022
Security Update for the OPC UA .NET Standard Stack
High
CVE-2022-29862
was published
for
OPCFoundation.NetStandard.Opc.Ua.Core
(NuGet)
Jun 17, 2022
Incorrect Implementation of Authentication Algorithm in OPCFoundation.NetStandard.Opc.Ua.Core
High
CVE-2022-29865
was published
for
OPCFoundation.NetStandard.Opc.Ua.Core
(NuGet)
Jun 17, 2022
Uncontrolled Resource Consumption in OPCFoundation.NetStandard.Opc.Ua.Core
High
CVE-2022-29864
was published
for
OPCFoundation.NetStandard.Opc.Ua.Core
(NuGet)
Jun 17, 2022
Memory Allocation with Excessive Size Value in OPCFoundation.NetStandard.Opc.Ua.Core
High
CVE-2022-29863
was published
for
OPCFoundation.NetStandard.Opc.Ua.Core
(NuGet)
Jun 17, 2022
.NET Core Remote Code Execution Vulnerability
Critical
CVE-2021-24112
was published
for
System.Drawing.Common
(NuGet)
May 24, 2022
Denial of service in .NET core
Moderate
CVE-2021-1721
was published
for
Microsoft.NETCore.App
(NuGet)
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API