Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,651
Maven
5,000+
npm
4,279
NuGet
760
pip
4,066
Pub
12
RubyGems
957
Rust
1,057
Swift
45
Unreviewed advisories
All unreviewed
5,000+

228 advisories

Loading
ChakraCore information disclosure vulnerability Moderate
CVE-2018-8315 was published for Microsoft.ChakraCore (NuGet) May 14, 2022
DNN XSS Vulnerability Moderate
CVE-2018-14486 was published for DotNetNuke.Core (NuGet) May 14, 2022
ChakraCore information disclosure vulnerability Moderate
CVE-2018-8452 was published for Microsoft.ChakraCore (NuGet) May 13, 2022
ChakraCore Security Bypass Moderate
CVE-2018-8276 was published for Microsoft.ChakraCore (NuGet) May 13, 2022
ChakraCore information disclosure vulnerability Moderate
CVE-2018-0939 was published for Microsoft.ChakraCore (NuGet) May 13, 2022
CoreFTP Directory Traversal Moderate
CVE-2019-9648 was published for CoreFtp (NuGet) May 14, 2022
ChakraCore information disclosure vulnerability Moderate
CVE-2019-0648 was published for Microsoft.ChakraCore (NuGet) May 13, 2022
XSS in the `altField` option of the Datepicker widget in jquery-ui Moderate
CVE-2021-41182 was published for jQuery.UI.Combined (RubyGems) Oct 26, 2021
esbena
Credited to esbena
jQuery vulnerable to Cross-Site Scripting (XSS) Moderate
CVE-2011-4969 was published for jQuery (RubyGems) May 14, 2022
jhutchings1 klaudialax
Credited to jhutchings1 and klaudialax
XSS in `*Text` options of the Datepicker widget in jquery-ui Moderate
CVE-2021-41183 was published for jQuery.UI.Combined (RubyGems) Oct 26, 2021
esbena
Credited to esbena
jQuery-UI vulnerable to Cross-site Scripting in dialog closeText Moderate
CVE-2016-7103 was published for jQuery.UI.Combined (RubyGems) Oct 24, 2017
Cross-Site Scripting (XSS) in jquery Moderate
CVE-2015-9251 was published for jQuery (RubyGems) Jan 22, 2018
klaudialax
Credited to klaudialax
Duplicate Advisory: Prototype Pollution in jquery Moderate
CVE-2019-5428 was published for jquery (RubyGems) Apr 23, 2019 withdrawn
kurt-r2c
Credited to kurt-r2c
DotNetNuke Default Machine Key Exposure Moderate
CVE-2008-6540 was published for DotNetNuke.Core (NuGet) May 14, 2022
DotNetNuke Vulnerable to XSS in Pass-Through Values Moderate
CVE-2007-0660 was published for DotNetNuke.Core (NuGet) May 1, 2022
DotNetNuke (DNN) Open redirect vulnerability Moderate
CVE-2013-7335 was published for DotNetNuke.Core (NuGet) May 17, 2022
DotNetNuke (DNN) Cross-site scripting (XSS) vulnerability via the __dnnVariable parameter Moderate
CVE-2013-4649 was published for DotNetNuke.Core (NuGet) May 17, 2022
Umbraco CMS vulnerable to stored XSS Moderate
CVE-2020-5809 was published for UmbracoCms.Core (NuGet) May 24, 2022
DNN File Upload Vulnerability Moderate
CVE-2020-5188 was published for DotNetNuke.Core (NuGet) May 24, 2022
Azure SDK for .NET Information Disclosure Vulnerability. Moderate
CVE-2022-26907 was published for Microsoft.Rest.ClientRuntime (NuGet) Apr 16, 2022
Umbraco CMS vulnerable to stored XSS Moderate
CVE-2018-17256 was published for umbraco (NuGet) May 14, 2022
GleamTech FileUltimate Cross-site Scripting Moderate
CVE-2020-15015 was published for GleamTech.FileUltimate (NuGet) May 24, 2022
Umbraco CMS vulnerable to CSRF Moderate
CVE-2020-7210 was published for UmbracoCMS.Core (NuGet) May 24, 2022
DNN XSS Vulnerability Moderate
CVE-2020-5186 was published for DotNetNuke.Core (NuGet) May 24, 2022
Cross-Site Scripting in jquery Moderate
CVE-2012-6708 was published for jQuery (RubyGems) Sep 1, 2020
klaudialax
Credited to klaudialax
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database