Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,698
Maven
5,000+
npm
4,325
NuGet
761
pip
4,099
Pub
12
RubyGems
958
Rust
1,063
Swift
45
Unreviewed advisories
All unreviewed
5,000+

445 advisories

Loading
Signature verification vulnerability in Stark Bank ecdsa libraries High
GHSA-9wx7-jrvc-28mm was published for com.starkbank:ecdsa-java (Maven) Nov 8, 2021
tdunlap607
Credited to tdunlap607
Snappier vulnerable to buffer overrun due to improper restriction of operations within the bounds of a memory buffer High
CVE-2023-28638 was published for Snappier (NuGet) Mar 27, 2023
brantburnett
Credited to brantburnett
MongoDB .NET/C# Driver vulnerable to Deserialization of Untrusted Data High
CVE-2022-48282 was published for MongoDB.Driver (NuGet) Feb 21, 2023
Insecure defaults in UmbracoForms High
CVE-2020-7685 was published for UmbracoForms (NuGet) Jul 29, 2020
Regular Expression Denial of Service in System.Text.RegularExpressions High
CVE-2019-0820 was published for System.Text.RegularExpressions (NuGet) Aug 4, 2021
r-bit-rry
Credited to r-bit-rry
Use after free in Animation High
CVE-2022-0609 was published for CefSharp.Common (NuGet) Feb 22, 2022
Path Traversal in SharpZipLib High
CVE-2021-32840 was published for SharpZipLib (NuGet) Feb 1, 2022
Umbraco Persistent Password Reset Poison High
CVE-2022-22691 was published for Umbraco.Cms.Core (NuGet) Jan 21, 2022
Umbraco ApplicationURL Overwrite High
CVE-2022-22690 was published for Umbraco.Cms.Core (NuGet) Jan 21, 2022
.NET Core & .NET Framework Denial of Service Vulnerability High
CVE-2020-1108 was published for Microsoft.NETCore.App (NuGet) May 24, 2022
ASP.NET Core Denial of Service Vulnerability High
CVE-2020-1161 was published for Microsoft.AspNetCore.App.Runtime.linux-arm (NuGet) May 24, 2022
Cross-Site Request Forgery in PiranhaCMS High
CVE-2021-25976 was published for Piranha (NuGet) Nov 17, 2021
Out-of-bounds Write in ChakraCore High
CVE-2020-0831 was published for Microsoft.ChakraCore (NuGet) Jul 28, 2021
Out-of-bounds write in ChakraCore High
CVE-2020-0829 was published for Microsoft.ChakraCore (NuGet) Jul 28, 2021
Incorrect Regular Expression in RestSharp High
CVE-2021-27293 was published for RestSharp (NuGet) Jul 14, 2021
ASP.NET Core Denial of Service Vulnerability High
CVE-2021-31957 was published for Microsoft.NETCore.App.Ref (NuGet) Oct 6, 2021 withdrawn
Out-of-bounds write in ChakraCore High
CVE-2020-0848 was published for Microsoft.ChakraCore (NuGet) Jul 28, 2021
Out-of-bounds write in ChakraCore High
CVE-2020-0826 was published for Microsoft.ChakraCore (NuGet) Jul 28, 2021
Out-of-bounds write in ChakraCore High
CVE-2020-0833 was published for Microsoft.ChakraCore (NuGet) Jul 28, 2021
Out-of-bounds Write in ChakraCore High
CVE-2020-0828 was published for Microsoft.ChakraCore (NuGet) Jul 28, 2021
Path Traversal in elFinder.Net.Core High
CVE-2021-23407 was published for elFinder.Net.Core (NuGet) Aug 2, 2021
Out-of-bounds write in ChakraCore High
CVE-2020-0768 was published for Microsoft.ChakraCore (NuGet) Aug 2, 2021
Out-of-bounds write in ChakraCore High
CVE-2020-0825 was published for Microsoft.ChakraCore (NuGet) Jul 28, 2021
Out-of-bounds write in ChakraCore High
CVE-2020-0830 was published for Microsoft.ChakraCore (NuGet) Jul 28, 2021
Out-of-bounds write in ChakraCore High
CVE-2020-0827 was published for Microsoft.ChakraCore (NuGet) Jul 28, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database