Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+

661 advisories

Loading
Improper Authentication in Auth0.AuthenticationApi High
CVE-2019-16929 was published for Auth0.AuthenticationApi (NuGet) Oct 24, 2019
klaudialax
High severity vulnerability that affects PeterO.Cbor High
GHSA-cxw4-9qv9-vx5h was published for PeterO.Cbor (NuGet) Sep 30, 2019
High severity vulnerability that affects System.Management.Automation High
CVE-2019-1301 was published for System.Management.Automation (NuGet) Sep 13, 2019
Directory Traversal in SharpCompress Moderate
CVE-2018-1002206 was published for sharpcompress (NuGet) Sep 11, 2019
geoffodonnell
Uncontrolled Resource Consumption in MetadataExtractor High
CVE-2019-14262 was published for MetadataExtractor (NuGet) Aug 23, 2019
Vulnerability in Azure Active Directory Authentication Library High
CVE-2019-1258 was published for microsoft.identitymodel.clients.activedirectory (NuGet) Aug 16, 2019
Cross-site scripting in CLEditor Moderate
CVE-2019-1010113 was published for CLEditor (NuGet) Jul 26, 2019
System.Management.Automation subject to bypass via script debugging Moderate
CVE-2019-1167 was published for System.Management.Automation (NuGet) Jul 17, 2019
MadsKristensen.AspNetCore.Miniblog subject to Improper Input Validation Critical
CVE-2019-9845 was published for MadsKristensen.AspNetCore.Miniblog (NuGet) Jul 5, 2019
Inadequate Encryption Strength in DotNetNuke High
CVE-2018-15811 was published for DotNetNuke.Core (NuGet) Jul 5, 2019
Insufficient Entropy in DotNetNuke High
CVE-2018-15812 was published for DotNetNuke.Core (NuGet) Jul 5, 2019
Insufficient Entropy in DotNetNuke High
CVE-2018-18326 was published for DotNetNuke.Core (NuGet) Jul 5, 2019
Inadequate Encryption Strength in DotNetNuke High
CVE-2018-18325 was published for DotNetNuke.Core (NuGet) Jul 5, 2019
Low severity vulnerability that affects Gw2Sharp Low
GHSA-4vr3-9v7h-5f8v was published for Gw2Sharp (NuGet) Jun 18, 2019
XSS in jQuery as used in Drupal, Backdrop CMS, and other products Moderate
CVE-2019-11358 was published for django (RubyGems) Apr 26, 2019
klaudialax eoftedal
Rudloff
Duplicate Advisory: Prototype Pollution in jquery Moderate
CVE-2019-5428 was published for jquery (RubyGems) Apr 23, 2019 withdrawn
kurt-r2c
Critical severity vulnerability that affects Auth0-WCF-Service-JWT Critical
CVE-2019-7644 was published for Auth0-WCF-Service-JWT (NuGet) Apr 18, 2019
High severity vulnerability that affects Microsoft.ChakraCore High
CVE-2019-0639 was published for Microsoft.ChakraCore (NuGet) Apr 9, 2019
High severity vulnerability that affects Microsoft.ChakraCore High
CVE-2019-0609 was published for Microsoft.ChakraCore (NuGet) Apr 9, 2019
High severity vulnerability that affects Microsoft.ChakraCore High
CVE-2019-0592 was published for Microsoft.ChakraCore (NuGet) Apr 9, 2019
High severity vulnerability that affects Microsoft.ChakraCore High
CVE-2019-0611 was published for Microsoft.ChakraCore (NuGet) Apr 9, 2019
High severity vulnerability that affects Microsoft.ChakraCore High
CVE-2019-0769 was published for Microsoft.ChakraCore (NuGet) Apr 9, 2019
Microsoft.ChakraCore vulnerable to Exposure of Sensitive Information to an Unauthorized Actor Moderate
CVE-2019-0746 was published for Microsoft.ChakraCore (NuGet) Apr 9, 2019
High severity vulnerability that affects Microsoft.ChakraCore High
CVE-2019-0773 was published for Microsoft.ChakraCore (NuGet) Apr 9, 2019
High severity vulnerability that affects Microsoft.ChakraCore High
CVE-2019-0771 was published for Microsoft.ChakraCore (NuGet) Apr 9, 2019
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database