Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,270
Erlang
31
GitHub Actions
21
Go
2,044
Maven
5,000+
npm
3,736
NuGet
663
pip
3,414
Pub
12
RubyGems
891
Rust
868
Swift
36
Unreviewed advisories
All unreviewed
5,000+

663 advisories

Loading
Out-of-bounds write High
CVE-2019-1307 was published for Microsoft.ChakraCore (NuGet) Mar 29, 2021
Out-of-bounds write High
CVE-2019-1335 was published for Microsoft.ChakraCore (NuGet) Mar 29, 2021
Out-of-bounds write High
CVE-2019-1366 was published for Microsoft.ChakraCore (NuGet) Mar 29, 2021
Double Free in Adplug Critical
CVE-2019-15151 was published for adplug (NuGet) Mar 29, 2021
Out-of-bounds write in libpng High
CVE-2018-14550 was published for libpng (NuGet) Mar 22, 2021
Improper Authentication High
GHSA-qxx8-292g-2w66 was published for Microsoft.Bot.Connector (NuGet) Mar 8, 2021
XML External Entity attack in log4net Critical
CVE-2018-1285 was published for log4net (NuGet) Jan 29, 2021
Signature validation bypass in ServiceStack Moderate
CVE-2020-28042 was published for ServiceStack (NuGet) Jan 13, 2021
Regular Expression Denial of Service in jquery-validation High
CVE-2021-21252 was published for jQuery.Validation (npm) Jan 13, 2021
erik-krogh pwntester
Cross-site scripting vulnerability in TinyMCE Moderate
CVE-2024-21911 was published for TinyMCE (Composer) Jan 6, 2021
emilwareus
XSS in HtmlSanitizer Low
CVE-2020-26293 was published for HtmlSanitizer (NuGet) Jan 4, 2021
Denial of Service in i18n High
CVE-2020-7791 was published for i18n (NuGet) Dec 14, 2020
Inappropriate implementation in V8 High
CVE-2020-16009 was published for CefSharp.Common (NuGet) Dec 2, 2020
Use after free in CefSharp High
CVE-2020-16017 was published for CefSharp.Common (NuGet) Nov 27, 2020
Inappropriate implementation in V8 in CefSharp High
CVE-2020-16013 was published for CefSharp.Common (NuGet) Nov 27, 2020
Heap buffer overflow in CefSharp Moderate
CVE-2020-15999 was published for CefSharp.Common (NuGet) Oct 27, 2020
personnummer/csharp vulnerable to Improper Input Validation Low
GHSA-qv8q-v995-72gr was published for personnummer (NuGet) Sep 9, 2020
Cross-Site Scripting in jquery Moderate
CVE-2012-6708 was published for jQuery (RubyGems) Sep 1, 2020
klaudialax
Insecure defaults in UmbracoForms High
CVE-2020-7685 was published for UmbracoForms (NuGet) Jul 29, 2020
Cross-Site Scripting in jquery Moderate
CVE-2020-7656 was published for jQuery (RubyGems) May 20, 2020
klaudialax eoftedal
Potential XSS vulnerability in jQuery Moderate
CVE-2020-11023 was published for jQuery (RubyGems) Apr 29, 2020
masatokinugawa klaudialax
Potential XSS vulnerability in jQuery Moderate
CVE-2020-11022 was published for jquery (RubyGems) Apr 29, 2020
masatokinugawa Churro
Rudloff
Subject Confirmation Method not validated in Saml2 Authentication Services for ASP.NET Moderate
CVE-2020-5268 was published for Sustainsys.Saml2 (NuGet) Apr 22, 2020
Internal NCryptDecrypt method could be used externally from WindowsHello library. Moderate
CVE-2020-11005 was published for HaemmerElectronics.SeppPenner.WindowsHello (NuGet) Apr 14, 2020
Missing Token Replay Detection in Saml2 Authentication services for ASP.NET High
CVE-2020-5261 was published for Sustainsys.Saml2 (NuGet) Mar 25, 2020
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database