GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,272
Erlang
31
GitHub Actions
21
Go
2,047
Maven
5,000+
npm
3,739
NuGet
668
pip
3,415
Pub
12
RubyGems
891
Rust
868
Swift
36
Unreviewed advisories
All unreviewed
5,000+
417 advisories
Filter by severity
MongoDB .NET/C# Driver vulnerable to Deserialization of Untrusted Data
High
CVE-2022-48282
was published
for
MongoDB.Driver
(NuGet)
Feb 21, 2023
.NET Remote Code Execution Vulnerability
High
CVE-2023-21808
was published
for
Microsoft.NetCore.App.Runtime.win-arm
(NuGet)
Feb 14, 2023
Withdrawn Advisory: HTML injections in BTCPayServer
High
CVE-2023-0493
was published
for
BTCPayServer.Client
(NuGet)
Jan 27, 2023
•
withdrawn
Component takeover in Oracle Data Provider for .NET
High
CVE-2023-21893
was published
for
Oracle.ManagedDataAccess
(NuGet)
Jan 18, 2023
.NET Denial of Service Vulnerability
High
CVE-2023-21538
was published
for
Microsoft.NetCore.App.Runtime.linux-arm
(NuGet)
Jan 10, 2023
.NET Remote Code Execution Vulnerability
High
CVE-2022-41089
was published
for
Microsoft.WindowsDesktop.App.Runtime.win-arm64
(NuGet)
Dec 14, 2022
Duplicate Advisory: .NET Framework Remote Code Execution Vulnerability.
High
GHSA-9qcm-fqj9-93m4
was published
for
Microsoft.WindowsDesktop.App.Runtime.win-x64
(NuGet)
Dec 13, 2022
•
withdrawn
.NET Core Elevation of Privilege Vulnerability
High
CVE-2021-26423
was published
for
Microsoft.NETCore.App.Runtime.Mono.LLVM.AOT.linux-arm64
(NuGet)
Oct 25, 2022
.NET Denial of Service Vulnerability
High
CVE-2022-23267
was published
for
Microsoft.AspNetCore.App.Runtime.linux-arm
(NuGet)
Oct 21, 2022
.NET Denial of Service Vulnerability
High
CVE-2022-24464
was published
for
Microsoft.AspNetCore.App.Runtime.linux-arm
(NuGet)
Oct 21, 2022
.NET Denial of Service Vulnerability
High
CVE-2022-21986
was published
for
Microsoft.AspNetCore.App.Runtime.linux-arm
(NuGet)
Oct 21, 2022
NuGet Elevation of Privilege Vulnerability
High
CVE-2022-41032
was published
for
NuGet.CommandLine
(NuGet)
Oct 11, 2022
.NET Denial of Service Vulnerability
High
CVE-2022-38013
was published
for
Microsoft.AspNetCore.App.Runtime.linux-arm
(NuGet)
Sep 15, 2022
.NET Denial of Service Vulnerability
High
CVE-2022-29145
was published
for
Microsoft.AspNetCore.App.Runtime.linux-arm
(NuGet)
Aug 30, 2022
.NET Denial of Service Vulnerability
High
CVE-2022-29117
was published
for
Microsoft.AspNetCore.App.Runtime.linux-arm
(NuGet)
Aug 30, 2022
Incorrect Access Control and Cross Site Scripting in Jellyfin
High
CVE-2022-35909
was published
for
Jellyfin.Common
(NuGet)
Aug 20, 2022
Moment.js vulnerable to Inefficient Regular Expression Complexity
High
CVE-2022-31129
was published
for
Moment.js
(npm)
Jul 6, 2022
Improper Handling of Exceptional Conditions in Newtonsoft.Json
High
CVE-2024-21907
was published
for
Newtonsoft.Json
(NuGet)
Jun 22, 2022
Memory Allocation with Excessive Size Value in OPCFoundation.NetStandard.Opc.Ua.Core
High
CVE-2022-29863
was published
for
OPCFoundation.NetStandard.Opc.Ua.Core
(NuGet)
Jun 17, 2022
Uncontrolled Resource Consumption in OPCFoundation.NetStandard.Opc.Ua.Core
High
CVE-2022-29864
was published
for
OPCFoundation.NetStandard.Opc.Ua.Core
(NuGet)
Jun 17, 2022
Incorrect Implementation of Authentication Algorithm in OPCFoundation.NetStandard.Opc.Ua.Core
High
CVE-2022-29865
was published
for
OPCFoundation.NetStandard.Opc.Ua.Core
(NuGet)
Jun 17, 2022
Uncontrolled Resource Consumption in OPCFoundation.NetStandard.Opc.Ua.Core
High
CVE-2022-29866
was published
for
OPCFoundation.NetStandard.Opc.Ua.Core
(NuGet)
Jun 17, 2022
Security Update for the OPC UA .NET Standard Stack
High
CVE-2022-29862
was published
for
OPCFoundation.NetStandard.Opc.Ua.Core
(NuGet)
Jun 17, 2022
ChakraCore information disclosure vulnerability
High
CVE-2020-0813
was published
for
Microsoft.ChakraCore
(NuGet)
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API