GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+
21 advisories
Filter by severity
FullStackHero's WebAPI Boilerplate host header injection vulnerability
Moderate
CVE-2024-26470
was published
for
FullStackHero.WebAPI.Boilerplate
(NuGet)
Feb 29, 2024
Brute force exploit can be used to collect valid usernames
Low
CVE-2023-49278
was published
for
Umbraco.CMS
(NuGet)
Dec 13, 2023
SMTP misconfiguration leading to "Forgot Password" exploit that leaks registered user email.
Low
CVE-2023-49274
was published
for
Umbraco.CMS
(NuGet)
Dec 13, 2023
Exposure of Sensitive Information in Elastic APM .NET Agent
Low
CVE-2021-22143
was published
for
Elastic.Apm
(NuGet)
Nov 22, 2023
.NET Information Disclosure Vulnerability
High
CVE-2023-35391
was published
for
Microsoft.AspNetCore.SignalR.Redis
(NuGet)
Aug 11, 2023
Exposure of Sensitive Information in OPC UA .NET Standard Reference Server
Moderate
CVE-2023-31048
was published
for
OPCFoundation.NetStandard.Opc.Ua.Core
(NuGet)
May 5, 2023
Temporary File Information Disclosure vulnerability in MPXJ
Low
CVE-2022-41954
was published
for
mpxj
(Maven)
Nov 28, 2022
Exposure of Sensitive Information in OPCFoundation.NetStandard.Opc.Ua.Server
Moderate
CVE-2022-33916
was published
for
OPCFoundation.NetStandard.Opc.Ua.Server
(NuGet)
Aug 24, 2022
MongoDB C# Driver Risk of Exposing Authentication Data via Command Listener
Moderate
CVE-2021-20331
was published
for
mongodb.driver
(NuGet)
May 24, 2022
ChakraCore information disclosure vulnerability
Moderate
CVE-2017-0208
was published
for
Microsoft.ChakraCore
(NuGet)
May 17, 2022
ChakraCore information disclosure vulnerability
Moderate
CVE-2017-8659
was published
for
Microsoft.ChakraCore
(NuGet)
May 17, 2022
ChakraCore RCE Vulnerability
High
CVE-2017-11797
was published
for
Microsoft.ChakraCore
(NuGet)
May 17, 2022
ChakraCore RCE Vulnerability
High
CVE-2017-11801
was published
for
Microsoft.ChakraCore
(NuGet)
May 17, 2022
ChakraCore information disclosure vulnerability
Moderate
CVE-2018-8315
was published
for
Microsoft.ChakraCore
(NuGet)
May 14, 2022
Exposure of Sensitive Information in System.Net.Http
High
CVE-2019-0545
was published
for
Microsoft.NETCore.App
(NuGet)
May 14, 2022
ChakraCore information disclosure vulnerability
Moderate
CVE-2018-8452
was published
for
Microsoft.ChakraCore
(NuGet)
May 13, 2022
ChakraCore information disclosure vulnerability
High
CVE-2018-8145
was published
for
Microsoft.ChakraCore
(NuGet)
May 13, 2022
Exposure of Sensitive Information to an Unauthorized Actor in DisCatSharp
Moderate
CVE-2022-24849
was published
for
DisCatSharp
(NuGet)
Apr 22, 2022
Credential Disclosure in System.DirectoryServices.Protocols
Moderate
CVE-2021-41355
was published
for
System.DirectoryServices.Protocols
(NuGet)
Oct 12, 2021
.NET Core Information Disclosure
High
CVE-2018-8292
was published
for
System.Net.Http
(NuGet)
Apr 21, 2021
Microsoft.ChakraCore vulnerable to Exposure of Sensitive Information to an Unauthorized Actor
Moderate
CVE-2019-0746
was published
for
Microsoft.ChakraCore
(NuGet)
Apr 9, 2019
ProTip!
Advisories are also available from the
GraphQL API