GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,272
Erlang
31
GitHub Actions
21
Go
2,047
Maven
5,000+
npm
3,739
NuGet
668
pip
3,415
Pub
12
RubyGems
891
Rust
868
Swift
36
Unreviewed advisories
All unreviewed
5,000+
417 advisories
Filter by severity
NULL Pointer Dereference in Protocol Buffers
High
CVE-2021-22570
was published
for
Google.Protobuf
(Composer)
Jan 27, 2022
Denial of service in CBOR library
High
CVE-2024-21909
was published
for
PeterO.Cbor
(NuGet)
Jan 21, 2022
Umbraco Persistent Password Reset Poison
High
CVE-2022-22691
was published
for
Umbraco.Cms.Core
(NuGet)
Jan 21, 2022
Umbraco ApplicationURL Overwrite
High
CVE-2022-22690
was published
for
Umbraco.Cms.Core
(NuGet)
Jan 21, 2022
Allocation of Resources Without Limits or Throttling in Apache Avro
High
CVE-2021-43045
was published
for
Apache.Avro
(NuGet)
Jan 8, 2022
AjaxNetProfessional deserializes arbitrary JavaScript objects
High
CVE-2021-43853
was published
for
AjaxNetProfessional
(NuGet)
Jan 6, 2022
Cross-Site Request Forgery in PiranhaCMS
High
CVE-2021-25976
was published
for
Piranha
(NuGet)
Nov 17, 2021
Signature verification vulnerability in Stark Bank ecdsa libraries
High
GHSA-9wx7-jrvc-28mm
was published
for
com.starkbank:ecdsa-java
(Maven)
Nov 8, 2021
Missing Authorization with Default Settings in Dashboard UI
High
CVE-2021-41238
was published
for
Hangfire.Core
(NuGet)
Nov 3, 2021
ASP.NET Core Denial of Service Vulnerability
High
CVE-2021-31957
was published
for
Microsoft.NETCore.App.Ref
(NuGet)
Oct 6, 2021
•
withdrawn
Path traversal in elFinder.NetCore
High
CVE-2021-23428
was published
for
elFinder.NetCore
(NuGet)
Sep 2, 2021
Directory Traversal in elFinder.AspNet
High
CVE-2021-23415
was published
for
elFinder.AspNet
(NuGet)
Aug 9, 2021
Regular Expression Denial of Service in System.Text.RegularExpressions
High
CVE-2019-0820
was published
for
System.Text.RegularExpressions
(NuGet)
Aug 4, 2021
Path Traversal in elFinder.Net.Core
High
CVE-2021-23407
was published
for
elFinder.Net.Core
(NuGet)
Aug 2, 2021
Remote code execution in ChakraCore
High
CVE-2020-1180
was published
for
Microsoft.ChakraCore
(NuGet)
Aug 2, 2021
Remote code execution in ChakraCore
High
CVE-2020-1172
was published
for
Microsoft.ChakraCore
(NuGet)
Aug 2, 2021
Remote code execution in ChakraCore
High
CVE-2020-1057
was published
for
Microsoft.ChakraCore
(NuGet)
Aug 2, 2021
Out-of-bounds write in ChakraCore
High
CVE-2020-0768
was published
for
Microsoft.ChakraCore
(NuGet)
Aug 2, 2021
Out-of-bounds Write in ChakraCore
High
CVE-2020-17048
was published
for
Microsoft.ChakraCore
(NuGet)
Aug 2, 2021
Out-of-bounds Write in ChakraCore
High
CVE-2020-17054
was published
for
Microsoft.ChakraCore
(NuGet)
Aug 2, 2021
Out-of-bounds Write in ChakraCore
High
CVE-2020-0828
was published
for
Microsoft.ChakraCore
(NuGet)
Jul 28, 2021
Out-of-bounds Write in ChakraCore
High
CVE-2020-0831
was published
for
Microsoft.ChakraCore
(NuGet)
Jul 28, 2021
Out-of-bounds write in ChakraCore
High
CVE-2020-0826
was published
for
Microsoft.ChakraCore
(NuGet)
Jul 28, 2021
ProTip!
Advisories are also available from the
GraphQL API