GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,272
Erlang
31
GitHub Actions
21
Go
2,047
Maven
5,000+
npm
3,739
NuGet
668
pip
3,415
Pub
12
RubyGems
891
Rust
868
Swift
36
Unreviewed advisories
All unreviewed
5,000+
668 advisories
Filter by severity
Moderate severity vulnerability that affects OPCFoundation.NetStandard.Opc.Ua
Moderate
CVE-2018-12087
was published
for
OPCFoundation.NetStandard.Opc.Ua
(NuGet)
Oct 16, 2018
DNN (aka DotNetNuke) has Remote Code Execution via a cookie
High
CVE-2017-9822
was published
for
DotNetNuke.Core
(NuGet)
Oct 16, 2018
Cross-site scripting (XSS) vulnerability in the user-profile biography section in DotNetNuke (DNN)
Moderate
CVE-2016-7119
was published
for
DotNetNuke.Core
(NuGet)
Oct 16, 2018
The installation wizard in DotNetNuke (DNN) allows privilege escalation
Critical
CVE-2015-2794
was published
for
DotNetNuke.Core
(NuGet)
Oct 16, 2018
Moderate severity vulnerability that affects DotNetNuke.Core
Moderate
CVE-2015-1566
was published
for
DotNetNuke.Core
(NuGet)
Oct 16, 2018
Critical severity vulnerability that affects recurly-api-client
Critical
CVE-2017-0907
was published
for
recurly-api-client
(NuGet)
Oct 16, 2018
Denial of service vulnerability exists when .NET and .NET Core improperly process XML documents
High
CVE-2018-0764
was published
for
System.Security.Cryptography.Xml
(NuGet)
Oct 16, 2018
High severity vulnerability that affects DotNetNuke.Core
High
CVE-2017-0929
was published
for
DotNetNuke.Core
(NuGet)
Oct 16, 2018
High severity vulnerability that affects DotNetZip
High
CVE-2018-1002205
was published
for
DotNetZip
(NuGet)
Oct 16, 2018
High severity vulnerability that affects YamlDotNet and YamlDotNet.Signed
High
CVE-2018-1000210
was published
for
YamlDotNet
(NuGet)
Oct 16, 2018
Bootstrap Cross-site Scripting vulnerability
Moderate
CVE-2018-14042
was published
for
bootstrap
(RubyGems)
Sep 13, 2018
Bootstrap Cross-site Scripting vulnerability
Moderate
CVE-2018-14041
was published
for
bootstrap
(RubyGems)
Sep 13, 2018
High severity vulnerability that affects jquery-ui
High
GHSA-g8q2-24jh-5hpc
was published
for
jQuery.UI.Combined
(RubyGems)
Jul 27, 2018
•
withdrawn
Cross-Site Scripting (XSS) in jquery
Moderate
CVE-2015-9251
was published
for
jQuery
(RubyGems)
Jan 22, 2018
Cross-site Scripting in jquery-ui
Moderate
CVE-2010-5312
was published
for
jQuery.UI.Combined
(RubyGems)
Oct 24, 2017
jquery-ui Tooltip widget vulnerable to XSS
Moderate
CVE-2012-6662
was published
for
jQuery.UI.Combined
(RubyGems)
Oct 24, 2017
jQuery-UI vulnerable to Cross-site Scripting in dialog closeText
Moderate
CVE-2016-7103
was published
for
jQuery.UI.Combined
(RubyGems)
Oct 24, 2017
ProTip!
Advisories are also available from the
GraphQL API