GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,944
Erlang
29
GitHub Actions
16
Go
1,729
Maven
4,955
npm
3,489
NuGet
607
pip
3,058
Pub
10
RubyGems
832
Rust
778
Swift
34
Unreviewed advisories
All unreviewed
5,000+
607 advisories
Filter by severity
Azure Identity Libraries and Microsoft Authentication Library Elevation of Privilege Vulnerability
Moderate
CVE-2024-35255
was published
for
@azure/identity
(Go)
Jun 11, 2024
Azure Storage Movement Client Library Denial of Service Vulnerability
High
CVE-2024-35252
was published
for
Microsoft.Azure.Storage.DataMovement
(NuGet)
Jun 11, 2024
Umbraco Commerce vulnerable to Stored Cross-site Scripting on Print Functionality
Moderate
CVE-2024-35240
was published
for
Umbraco.Commerce
(NuGet)
May 28, 2024
Umbraco Forms components vulnerable to Stored Cross-site Scripting
Low
CVE-2024-35239
was published
for
Umbraco.Forms
(NuGet)
May 28, 2024
Out-of-bounds write in Microsoft.ChakraCore
High
CVE-2019-1195
was published
for
Microsoft.ChakraCore
(NuGet)
Mar 29, 2021
Out-of-bounds write in Microsoft.ChakraCore
High
CVE-2019-1140
was published
for
Microsoft.ChakraCore
(NuGet)
Mar 29, 2021
Out-of-bounds write in Microsoft.ChakraCore
High
CVE-2019-1131
was published
for
Microsoft.ChakraCore
(NuGet)
Mar 29, 2021
Out-of-bounds write in Microsoft.ChakraCore
High
CVE-2019-1139
was published
for
Microsoft.ChakraCore
(NuGet)
Mar 29, 2021
Microsoft Security Advisory CVE-2023-36049: .NET Elevation of Privilege Vulnerability
High
CVE-2023-36049
was published
for
System.Net.Requests
(NuGet)
Nov 14, 2023
Remote Denial of Service Vulnerability in Microsoft.Native.Quic.MsQuic.Schannel
High
CVE-2023-38171
was published
for
Microsoft.Native.Quic.MsQuic.OpenSSL
(NuGet)
Oct 10, 2023
Microsoft Common Data Model SDK Denial of Service Vulnerability
Moderate
CVE-2023-36566
was published
for
Microsoft.CommonDataModel.ObjectModel
(Maven)
Oct 10, 2023
Azure Identity SDK Remote Code Execution Vulnerability
High
CVE-2023-36414
was published
for
Azure.Identity
(NuGet)
Oct 10, 2023
Microsoft Security Advisory CVE-2023-33170: .NET Security Feature Bypass Vulnerability
High
CVE-2023-33170
was published
for
Microsoft.AspNet.Identity.Owin
(NuGet)
Jul 11, 2023
.NET Remote Code Execution Vulnerability
High
CVE-2023-35390
was published
for
Microsoft.NET.Build.Containers
(NuGet)
Aug 9, 2023
Microsoft Security Advisory CVE-2023-36799: .NET Denial of Service Vulnerability
Moderate
CVE-2023-36799
was published
for
Microsoft.NETCore.App.Runtime.linux-arm
(NuGet)
Sep 12, 2023
MsQuic Remote Denial of Service Vulnerability
High
CVE-2023-36435
was published
for
Microsoft.Native.Quic.MsQuic.OpenSSL
(NuGet)
Oct 10, 2023
.NET Denial of Service Vulnerability
High
CVE-2023-38178
was published
for
Microsoft.AspNetCore.App.Runtime.win-arm
(NuGet)
Aug 9, 2023
Microsoft Security Advisory CVE-2023-33127: .NET Remote Code Execution Vulnerability
High
CVE-2023-33127
was published
for
Microsoft.WindowsDesktop.App.Runtime.win-arm64
(NuGet)
Jul 11, 2023
YARP Denial of Service Vulnerability
High
CVE-2023-33141
was published
for
Yarp.ReverseProxy
(NuGet)
Jun 23, 2023
.NET Denial of Service Vulnerability
High
CVE-2023-21538
was published
for
Microsoft.NetCore.App.Runtime.linux-arm
(NuGet)
Jan 10, 2023
.NET Remote Code Execution Vulnerability
High
CVE-2023-24897
was published
for
Microsoft.NetCore.App.Runtime.win-arm
(NuGet)
Jun 14, 2023
.NET Remote Code Execution Vulnerability
High
CVE-2023-21808
was published
for
Microsoft.NetCore.App.Runtime.win-arm
(NuGet)
Feb 14, 2023
.NET Remote Code Execution Vulnerability
High
CVE-2023-33128
was published
for
Microsoft.NetCore.App.Runtime.linux-arm
(NuGet)
Jun 14, 2023
NuGet Client Remote Code Execution Vulnerability
High
CVE-2023-29337
was published
for
Microsoft.Build.NuGetSdkResolver
(NuGet)
Jun 14, 2023
.NET Denial of Service vulnerability
High
CVE-2023-29331
was published
for
Microsoft.NetCore.App.Runtime.linux-arm
(NuGet)
Jun 14, 2023
ProTip!
Advisories are also available from the
GraphQL API