Ecosyste.ms: Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

Advisories

Moderate

GSA_kwCzR0hTQS0zdzl3LTk4MzMtZ2Nwds4AAxJI

Security bug in ConvertToSinglePlane when used with untrusted content from the DDS loader
Ecosystems: nuget
Packages: directxtex_desktop_2017, directxtex_uwp, directxtex_desktop_win10, directxtex_desktop_2019
Source: GitHub Advisory Database
Published: 3 days ago

High

GSA_kwCzR0hTQS04ZjdmLXZxZzUtanJ2Oc4AAw3c

.NET Denial of Service Vulnerability
Ecosystems: nuget
Packages: Microsoft.NetCore.App.Runtime.win-x86, Microsoft.NetCore.App.Runtime.win-x64, Microsoft.NetCore.App.Runtime.win-arm64, Microsoft.NetCore.App.Runtime.win-arm, Microsoft.NetCore.App.Runtime.osx-x64, Microsoft.NetCore.App.Runtime.osx-arm64, Microsoft.NetCore.App.Runtime.linux-x64, Microsoft.NetCore.App.Runtime.linux-musl-x64, Microsoft.NetCore.App.Runtime.linux-musl-arm64, Microsoft.NetCore.App.Runtime.linux-musl-arm, Microsoft.NetCore.App.Runtime.linux-arm64, Microsoft.NetCore.App.Runtime.linux-arm
Source: GitHub Advisory Database
Published: 18 days ago

Low

GSA_kwCzR0hTQS12cTIzLWh3ZzctaHhyaM4AAwfq

EnumStringValues vulnerable to Uncontrolled Resource Consumption
Ecosystems: nuget
Packages: EnumStringValues
Source: GitHub Advisory Database
Published: about 1 month ago

Critical

GSA_kwCzR0hTQS1nM3djLXh2OTMtNDQ1cc4AAwZM

DNS NuGet package uses insufficiently random values
Ecosystems: nuget
Packages: DNS
Source: GitHub Advisory Database
Published: about 1 month ago

Critical

GSA_kwCzR0hTQS0yYzd2LXFjanAtNG1nMs4AAwWz

.NET Remote Code Execution Vulnerability
Ecosystems: nuget
Packages: Microsoft.WindowsDesktop.App.Runtime.win-x64, Microsoft.WindowsDesktop.App.Runtime.win-x86, Microsoft.WindowsDesktop.App.Runtime.win-arm64
Source: GitHub Advisory Database
Published: about 2 months ago

High

GSA_kwCzR0hTQS05cWNtLWZxajktOTNtNM4AAwU2

.NET Framework Remote Code Execution Vulnerability.
Ecosystems: nuget
Packages: Microsoft.WindowsDesktop.App.Runtime.win-x64
Source: GitHub Advisory Database
Published: about 2 months ago

Moderate

GSA_kwCzR0hTQS1nZzhyLXhqd3EtNHc5Ms4AAwOk

Cross-site scripting vulnerability in TinyMCE alerts
Ecosystems: nuget, packagist, npm
Packages: TinyMCE, tinymce/tinymce, tinymce
Source: GitHub Advisory Database
Published: about 2 months ago

Moderate

GSA_kwCzR0hTQS12eDJ4LTljZmYtZmhqd84AAwLo

DSInternals Credential Roaming Elevation of Privilege Vulnerability
Ecosystems: nuget
Packages: DSInternals.Common
Source: GitHub Advisory Database
Published: about 2 months ago

Low

GSA_kwCzR0hTQS1qZjJwLTRncWotODQ5Z84AAwED

Temporary File Information Disclosure vulnerability in MPXJ
Ecosystems: pypi, nuget, maven
Packages: mpxj, net.sf.mpxj-for-vb, net.sf.mpxj-for-csharp, net.sf.mpxj, net.sf.mpxj:mpxj
Source: GitHub Advisory Database
Published: 2 months ago

Moderate

GSA_kwCzR0hTQS1ncHY1LXJwNnctNThyOM4AAv_m

Remote code execution vulnerability in dependency System.Drawing.Common
Ecosystems: nuget
Packages: Akka
Source: GitHub Advisory Database
Published: 2 months ago

Moderate

GSA_kwCzR0hTQS04ZzJwLTVwcWgtNWptY84AAvv2

.NET Information Disclosure Vulnerability
Ecosystems: nuget
Packages: Microsoft.Data.SqlClient, System.Data.SqlClient
Source: GitHub Advisory Database
Published: 3 months ago

High

GSA_kwCzR0hTQS1yaDU4LXI3amgteGh4M84AAvhD

.NET Core Elevation of Privilege Vulnerability
Ecosystems: nuget
Packages: Microsoft.NETCore.App.Runtime.linux-arm, Microsoft.NETCore.App.Runtime.linux-arm64, Microsoft.NETCore.App.Runtime.rhel.6-x64, Microsoft.NETCore.App.Runtime.linux-musl-arm, Microsoft.NETCore.App.Runtime.linux-musl-arm64, Microsoft.NETCore.App.Runtime.linux-musl-x64, Microsoft.NETCore.App.Runtime.linux-x64, Microsoft.NETCore.App.Runtime.Mono.linux-arm, Microsoft.NETCore.App.Runtime.Mono.linux-arm64, Microsoft.NETCore.App.Runtime.Mono.linux-musl-x64, Microsoft.NETCore.App.Runtime.Mono.linux-x64, Microsoft.NETCore.App.Runtime.Mono.LLVM.AOT.linux-arm64, Microsoft.NETCore.App.Runtime.Mono.LLVM.AOT.linux-x64, Microsoft.NETCore.App.Runtime.Mono.LLVM.AOT.osx-x64, Microsoft.NETCore.App.Runtime.Mono.LLVM.linux-arm64, Microsoft.NETCore.App.Runtime.Mono.LLVM.linux-x64, Microsoft.NETCore.App.Runtime.Mono.LLVM.osx-x64, Microsoft.NETCore.App.Runtime.Mono.osx-x64, Microsoft.NETCore.App.Runtime.osx-x64, Microsoft.NETCore.App.Runtime.win-arm, Microsoft.NETCore.App.Runtime.win-arm64, Microsoft.NETCore.App.Runtime.win-x64, Microsoft.NETCore.App.Runtime.win-x86
Source: GitHub Advisory Database
Published: 3 months ago

High

GSA_kwCzR0hTQS00ODVwLW1yajUtOHcyds4AAvgP

.NET Denial of Service Vulnerability
Ecosystems: nuget
Packages: Microsoft.AspNetCore.App.Runtime.win-x86, Microsoft.AspNetCore.App.Runtime.win-x64, Microsoft.AspNetCore.App.Runtime.win-arm64, Microsoft.AspNetCore.App.Runtime.win-arm, Microsoft.AspNetCore.App.Runtime.osx-x64, Microsoft.AspNetCore.App.Runtime.osx-arm64, Microsoft.AspNetCore.App.Runtime.linux-x64, Microsoft.AspNetCore.App.Runtime.linux-musl-x64, Microsoft.AspNetCore.App.Runtime.linux-musl-arm64, Microsoft.AspNetCore.App.Runtime.linux-musl-arm, Microsoft.AspNetCore.App.Runtime.linux-arm64, Microsoft.AspNetCore.App.Runtime.linux-arm
Source: GitHub Advisory Database
Published: 3 months ago

High

GSA_kwCzR0hTQS1jdzk4LTlqOHctd3h2Oc4AAvgO

High

GSA_kwCzR0hTQS14NDU5LXAycngtZjhmZs4AAvgN

Moderate

GSA_kwCzR0hTQS12Z3dxLWhmcWMtNTh3ds4AAvfI

.NET Core Information Disclosure Vulnerability
Ecosystems: nuget
Packages: Microsoft.NETCore.App.Runtime.win-x86, Microsoft.NETCore.App.Runtime.win-x64, Microsoft.NETCore.App.Runtime.win-arm64, Microsoft.NETCore.App.Runtime.win-arm, Microsoft.NETCore.App.Runtime.osx-x64, Microsoft.NETCore.App.Runtime.Mono.osx-x64, Microsoft.NETCore.App.Runtime.Mono.LLVM.osx-x64, Microsoft.NETCore.App.Runtime.Mono.LLVM.linux-x64, Microsoft.NETCore.App.Runtime.Mono.LLVM.linux-arm64, Microsoft.NETCore.App.Runtime.Mono.LLVM.AOT.osx-x64, Microsoft.NETCore.App.Runtime.Mono.LLVM.AOT.linux-x64, Microsoft.NETCore.App.Runtime.Mono.LLVM.AOT.linux-arm64, Microsoft.NETCore.App.Runtime.Mono.linux-x64, Microsoft.NETCore.App.Runtime.Mono.linux-musl-x64, Microsoft.NETCore.App.Runtime.Mono.linux-arm64, Microsoft.NETCore.App.Runtime.Mono.linux-arm, Microsoft.NETCore.App.Runtime.linux-x64, Microsoft.NETCore.App.Runtime.linux-musl-x64, Microsoft.NETCore.App.Runtime.linux-musl-arm64, Microsoft.NETCore.App.Runtime.linux-musl-arm, Microsoft.NETCore.App.Runtime.linux-arm64, Microsoft.NETCore.App.Runtime.linux-arm, Microsoft.NETCore.App.Runtime.rhel.6-x64, Microsoft.NETCore.App
Source: GitHub Advisory Database
Published: 3 months ago

High

GSA_kwCzR0hTQS1jNnc4LTdtcDMtMzRqOc4AAvat

.NET Remote Code Execution Vulnerability
Ecosystems: nuget
Packages: Microsoft.NETCore.App.Runtime.win-x86, Microsoft.NETCore.App.Runtime.win-x64, Microsoft.NETCore.App.Runtime.win-arm64, Microsoft.NETCore.App.Runtime.win-arm, Microsoft.NETCore.App.Runtime.osx-x64, Microsoft.NETCore.App.Runtime.osx-arm64, Microsoft.NETCore.App.Runtime.Mono.win-x86, Microsoft.NETCore.App.Runtime.Mono.win-x64, Microsoft.NETCore.App.Runtime.Mono.tvossimulator-x64.Msi.x86, Microsoft.NETCore.App.Runtime.Mono.tvossimulator-x64.Msi.x64, Microsoft.NETCore.App.Runtime.Mono.tvossimulator-x64.Msi.arm64, Microsoft.NETCore.App.Runtime.Mono.tvossimulator-x64, Microsoft.NETCore.App.Runtime.Mono.tvossimulator-arm64.Msi.x86, Microsoft.NETCore.App.Runtime.Mono.tvossimulator-arm64.Msi.x64, Microsoft.NETCore.App.Runtime.Mono.tvossimulator-arm64.Msi.arm64, Microsoft.NETCore.App.Runtime.Mono.tvossimulator-arm64, Microsoft.NETCore.App.Runtime.Mono.tvos-arm64.Msi.x86, Microsoft.NETCore.App.Runtime.Mono.tvos-arm64.Msi.x64, Microsoft.NETCore.App.Runtime.Mono.tvos-arm64.Msi.arm64, Microsoft.NETCore.App.Runtime.Mono.tvos-arm64, Microsoft.NETCore.App.Runtime.Mono.osx-x64, Microsoft.NETCore.App.Runtime.Mono.osx-arm64, Microsoft.NETCore.App.Runtime.Mono.maccatalyst-x64.Msi.x86, Microsoft.NETCore.App.Runtime.Mono.maccatalyst-x64.Msi.x64, Microsoft.NETCore.App.Runtime.Mono.maccatalyst-x64.Msi.arm64, Microsoft.NETCore.App.Runtime.Mono.maccatalyst-x64, Microsoft.NETCore.App.Runtime.Mono.maccatalyst-arm64.Msi.x86, Microsoft.NETCore.App.Runtime.Mono.maccatalyst-arm64.Msi.x64, Microsoft.NETCore.App.Runtime.Mono.maccatalyst-arm64.Msi.arm64, Microsoft.NETCore.App.Runtime.Mono.maccatalyst-arm64, Microsoft.NETCore.App.Runtime.Mono.LLVM.osx-x64, Microsoft.NETCore.App.Runtime.Mono.LLVM.linux-x64, Microsoft.NETCore.App.Runtime.Mono.LLVM.linux-arm64, Microsoft.NETCore.App.Runtime.Mono.LLVM.AOT.osx-x64, Microsoft.NETCore.App.Runtime.Mono.LLVM.AOT.linux-x64, Microsoft.NETCore.App.Runtime.Mono.LLVM.AOT.linux-arm64, Microsoft.NETCore.App.Runtime.Mono.linux-x64, Microsoft.NETCore.App.Runtime.Mono.linux-musl-x64, Microsoft.NETCore.App.Runtime.Mono.linux-arm64, Microsoft.NETCore.App.Runtime.Mono.linux-arm, Microsoft.NETCore.App.Runtime.Mono.iossimulator-x86.Msi.x86, Microsoft.NETCore.App.Runtime.Mono.iossimulator-x86.Msi.x64, Microsoft.NETCore.App.Runtime.Mono.iossimulator-x86.Msi.arm64, Microsoft.NETCore.App.Runtime.Mono.iossimulator-x86, Microsoft.NETCore.App.Runtime.Mono.iossimulator-x64.Msi.x64, Microsoft.NETCore.App.Runtime.Mono.iossimulator-x64.Msi.arm64, Microsoft.NETCore.App.Runtime.Mono.iossimulator-x64, Microsoft.NETCore.App.Runtime.Mono.iossimulator-arm64.Msi.x86, Microsoft.NETCore.App.Runtime.Mono.iossimulator-arm64.Msi.x64, Microsoft.NETCore.App.Runtime.Mono.iossimulator-arm64.Msi.arm64, Microsoft.NETCore.App.Runtime.Mono.iossimulator-arm64, Microsoft.NETCore.App.Runtime.Mono.ios-arm64.Msi.x86, Microsoft.NETCore.App.Runtime.Mono.ios-arm64.Msi.x64, Microsoft.NETCore.App.Runtime.Mono.ios-arm64.Msi.arm64, Microsoft.NETCore.App.Runtime.Mono.ios-arm64, Microsoft.NETCore.App.Runtime.Mono.ios-arm.Msi.x86, Microsoft.NETCore.App.Runtime.Mono.ios-arm.Msi.x64, Microsoft.NETCore.App.Runtime.Mono.ios-arm.Msi.arm64, Microsoft.NETCore.App.Runtime.Mono.ios-arm, Microsoft.NETCore.App.Runtime.Mono.browser-wasm.Msi.x86, Microsoft.NETCore.App.Runtime.Mono.browser-wasm.Msi.x64, Microsoft.NETCore.App.Runtime.Mono.browser-wasm.Msi.arm64, Microsoft.NETCore.App.Runtime.Mono.browser-wasm, Microsoft.NETCore.App.Runtime.Mono.android-x86.Msi.x86, Microsoft.NETCore.App.Runtime.Mono.android-x86.Msi.x64, Microsoft.NETCore.App.Runtime.Mono.android-x86.Msi.arm64, Microsoft.NETCore.App.Runtime.Mono.android-x86, Microsoft.NETCore.App.Runtime.Mono.android-x64.Msi.x86, Microsoft.NETCore.App.Runtime.Mono.android-x64.Msi.x64, Microsoft.NETCore.App.Runtime.Mono.android-x64.Msi.arm64, Microsoft.NETCore.App.Runtime.Mono.android-x64, Microsoft.NETCore.App.Runtime.Mono.android-arm64.Msi.x86, Microsoft.NETCore.App.Runtime.Mono.android-arm64.Msi.x64, Microsoft.NETCore.App.Runtime.Mono.android-arm64.Msi.arm64, Microsoft.NETCore.App.Runtime.Mono.android-arm64, Microsoft.NETCore.App.Runtime.Mono.android-arm.Msi.x86, Microsoft.NETCore.App.Runtime.Mono.android-arm.Msi.x64, Microsoft.NETCore.App.Runtime.Mono.android-arm.Msi.arm64, Microsoft.NETCore.App.Runtime.Mono.android-arm, Microsoft.NETCore.App.Runtime.linux-x64, Microsoft.NETCore.App.Runtime.linux-musl-x64, Microsoft.NETCore.App.Runtime.linux-musl-arm64, Microsoft.NETCore.App.Runtime.linux-musl-arm, Microsoft.NETCore.App.Runtime.linux-arm64, Microsoft.NETCore.App.Runtime.linux-arm, Microsoft.NETCore.App.Runtime.AOT.win-x64.Cross.browser-wasm.Msi.x64, Microsoft.NETCore.App.Runtime.AOT.win-x64.Cross.browser-wasm, Microsoft.NETCore.App.Runtime.AOT.win-x64.Cross.android-x86.Msi.x64, Microsoft.NETCore.App.Runtime.AOT.win-x64.Cross.android-x86, Microsoft.NETCore.App.Runtime.AOT.win-x64.Cross.android-x64.Msi.x64, Microsoft.NETCore.App.Runtime.AOT.win-x64.Cross.android-x64, Microsoft.NETCore.App.Runtime.AOT.win-x64.Cross.android-arm64.Msi.x64, Microsoft.NETCore.App.Runtime.AOT.win-x64.Cross.android-arm64, Microsoft.NETCore.App.Runtime.AOT.win-x64.Cross.android-arm.Msi.x64, Microsoft.NETCore.App.Runtime.AOT.win-x64.Cross.android-arm, Microsoft.NETCore.App.Runtime.AOT.osx-x64.Cross.tvossimulator-x64, Microsoft.NETCore.App.Runtime.AOT.osx-x64.Cross.tvossimulator-arm64, Microsoft.NETCore.App.Runtime.AOT.osx-x64.Cross.tvos-arm64, Microsoft.NETCore.App.Runtime.AOT.osx-x64.Cross.maccatalyst-x64, Microsoft.NETCore.App.Runtime.AOT.osx-x64.Cross.maccatalyst-arm64, Microsoft.NETCore.App.Runtime.AOT.osx-x64.Cross.iossimulator-x86, Microsoft.NETCore.App.Runtime.AOT.osx-x64.Cross.iossimulator-x64, Microsoft.NETCore.App.Runtime.AOT.osx-x64.Cross.iossimulator-arm64, Microsoft.NETCore.App.Runtime.AOT.osx-x64.Cross.ios-arm64, Microsoft.NETCore.App.Runtime.AOT.osx-x64.Cross.ios-arm, Microsoft.NETCore.App.Runtime.AOT.osx-x64.Cross.browser-wasm, Microsoft.NETCore.App.Runtime.AOT.osx-x64.Cross.android-x86, Microsoft.NETCore.App.Runtime.AOT.osx-x64.Cross.android-x64, Microsoft.NETCore.App.Runtime.AOT.osx-x64.Cross.android-arm64, Microsoft.NETCore.App.Runtime.AOT.osx-x64.Cross.android-arm, Microsoft.NETCore.App.Runtime.AOT.linux-x64.Cross.browser-wasm, Microsoft.NETCore.App.Runtime.AOT.linux-x64.Cross.android-x86, Microsoft.NETCore.App.Runtime.AOT.linux-x64.Cross.android-x64, Microsoft.NETCore.App.Runtime.AOT.linux-x64.Cross.android-arm64, Microsoft.NETCore.App.Runtime.AOT.linux-x64.Cross.android-arm
Source: GitHub Advisory Database
Published: 3 months ago

High

GSA_kwCzR0hTQS1nM3E5LXhmOTUtOGhwNc4AAvPg

NuGet Elevation of Privilege Vulnerability
Ecosystems: nuget
Packages: NuGet.Protocol, NuGet.CommandLine, NuGet.Commands
Source: GitHub Advisory Database
Published: 4 months ago

Moderate

GSA_kwCzR0hTQS01Z2c5LWd3ajQtbXFtas4AAvKC

OrchardCore vulnerable to HTML injection
Ecosystems: nuget
Packages: OrchardCore
Source: GitHub Advisory Database
Published: 4 months ago

Moderate

GSA_kwCzR0hTQS05dzcyLTJmMjMtNTdnbc4AAvJm

DNN vulnerable to Relative Path Traversal
Ecosystems: nuget
Packages: DotNetNuke.Web, DotNetNuke.Core
Source: GitHub Advisory Database
Published: 4 months ago

Critical

GSA_kwCzR0hTQS1nZmhwLWpncDYtODM4as4AAvIk

Orckestra C1 CMS's deserialization of untrusted data allows for arbitrary code execution.
Ecosystems: nuget
Packages: CompositeC1.Core
Source: GitHub Advisory Database
Published: 4 months ago

High

GSA_kwCzR0hTQS1yOG0yLTR4MzctNjU5Ms4AAuzv

High

GSA_kwCzR0hTQS1mY2c4LW1nOWctNmhjNM4AAuij

.NET Denial of Service Vulnerability
Ecosystems: nuget
Packages: Microsoft.AspNetCore.App.Runtime.linux-musl-arm, Microsoft.AspNetCore.App.Runtime.linux-musl-arm64, Microsoft.AspNetCore.App.Runtime.win-arm, Microsoft.AspNetCore.App.Runtime.win-arm64, Microsoft.AspNetCore.App.Runtime.linux-arm, Microsoft.AspNetCore.App.Runtime.linux-arm64, Microsoft.AspNetCore.App.Runtime.linux-musl-x64, Microsoft.AspNetCore.App.Runtime.osx-x64, Microsoft.AspNetCore.App.Runtime.win-x86, Microsoft.AspNetCore.App.Runtime.linux-x64, Microsoft.AspNetCore.App.Runtime.win-x64
Source: GitHub Advisory Database
Published: 5 months ago

High

GSA_kwCzR0hTQS0zcnE4LWgzZ2otcjVjNs4AAuii

.NET Denial of Service Vulnerability
Ecosystems: nuget
Packages: Microsoft.AspNetCore.App.Runtime.osx-arm64, Microsoft.Owin, Microsoft.Owin.Security.Cookies, Microsoft.AspNetCore.App.Runtime.linux-musl-arm, Microsoft.AspNetCore.App.Runtime.linux-musl-arm64, Microsoft.AspNetCore.App.Runtime.win-arm, Microsoft.AspNetCore.App.Runtime.win-arm64, Microsoft.AspNetCore.App.Runtime.linux-arm, Microsoft.AspNetCore.App.Runtime.linux-arm64, Microsoft.AspNetCore.App.Runtime.linux-musl-x64, Microsoft.AspNetCore.App.Runtime.osx-x64, Microsoft.AspNetCore.App.Runtime.win-x86, Microsoft.AspNetCore.App.Runtime.linux-x64, Microsoft.AspNetCore.App.Runtime.win-x64
Source: GitHub Advisory Database
Published: 5 months ago

Moderate

GSA_kwCzR0hTQS1tdzloLWhjcDctZmdjNs4AAual

Exposure of Sensitive Information in OPCFoundation.NetStandard.Opc.Ua.Server
Ecosystems: nuget
Packages: OPCFoundation.NetStandard.Opc.Ua.Server
Source: GitHub Advisory Database
Published: 5 months ago

High

GSA_kwCzR0hTQS1xd3AzLTVmdzMtNXdnds4AAuWw

Incorrect Access Control and Cross Site Scripting in Jellyfin
Ecosystems: nuget
Packages: Jellyfin.Common
Source: GitHub Advisory Database
Published: 5 months ago

Critical

GSA_kwCzR0hTQS1tajV3LXc1ODgtajZ4Z84AAuFw

Use of Hard-coded Credentials in AgileConfig.Client
Ecosystems: nuget
Packages: AgileConfig.Client
Source: GitHub Advisory Database
Published: 5 months ago

Moderate

GSA_kwCzR0hTQS0ybTY1LW0yMnAtOXdqd84AAt43

.NET Information Disclosure Vulnerability
Ecosystems: nuget
Packages: Microsoft.AspNetCore.App.Runtime.linux-musl-arm, Microsoft.AspNetCore.App.Runtime.linux-musl-arm64, Microsoft.AspNetCore.App.Runtime.win-arm, Microsoft.AspNetCore.App.Runtime.win-arm64, Microsoft.AspNetCore.App.Runtime.linux-arm, Microsoft.AspNetCore.App.Runtime.linux-arm64, Microsoft.AspNetCore.App.Runtime.linux-musl-x64, Microsoft.AspNetCore.App.Runtime.osx-x64, Microsoft.AspNetCore.App.Runtime.win-x86, Microsoft.AspNetCore.App.Runtime.linux-x64, Microsoft.AspNetCore.App.Runtime.win-x64, System.Security.Cryptography.Xml
Source: GitHub Advisory Database
Published: 6 months ago

Moderate

GSA_kwCzR0hTQS02NHg0LTloYzYtcjJoNs4AAtUo

Microsoft: CBC Padding Oracle in Azure Blob Storage Encryption Library
Ecosystems: nuget
Packages: Azure.Storage.Blobs, Azure.Storage.Queues
Source: GitHub Advisory Database
Published: 7 months ago

High

GSA_kwCzR0hTQS13YzY5LXJoanItaGM5Z84AAtHU

Moment.js vulnerable to Inefficient Regular Expression Complexity
Ecosystems: nuget, npm
Packages: Moment.js, moment
Source: GitHub Advisory Database
Published: 7 months ago

High

GSA_kwCzR0hTQS01Y3JwLTlyM2MtcDl2cs4AAs6x

Improper Handling of Exceptional Conditions in Newtonsoft.Json
Ecosystems: nuget
Packages: Newtonsoft.Json
Source: GitHub Advisory Database
Published: 7 months ago

High

GSA_kwCzR0hTQS1yN3BxLTN4NnAtN2pjbc4AArtZ

Memory Allocation with Excessive Size Value in OPCFoundation.NetStandard.Opc.Ua.Core
Ecosystems: nuget
Packages: OPCFoundation.NetStandard.Opc.Ua.Core
Source: GitHub Advisory Database
Published: 8 months ago

High

GSA_kwCzR0hTQS12aGZ3LXY2OXAtY3Jjd84AArtX

Uncontrolled Resource Consumption in OPCFoundation.NetStandard.Opc.Ua.Core
Ecosystems: nuget
Packages: OPCFoundation.NetStandard.Opc.Ua.Core
Source: GitHub Advisory Database
Published: 8 months ago

High

GSA_kwCzR0hTQS1mdnhmLXI5ZnctNDlwY84AArtW

Incorrect Implementation of Authentication Algorithm in OPCFoundation.NetStandard.Opc.Ua.Core
Ecosystems: nuget
Packages: OPCFoundation.NetStandard.Opc.Ua.Core
Source: GitHub Advisory Database
Published: 8 months ago

High

GSA_kwCzR0hTQS02ZnA4LWN4YzktNGZyOc4AArtV

Uncontrolled Resource Consumption in OPCFoundation.NetStandard.Opc.Ua.Core
Ecosystems: nuget
Packages: OPCFoundation.NetStandard.Opc.Ua.Core
Source: GitHub Advisory Database
Published: 8 months ago

High

GSA_kwCzR0hTQS01cTJ2LTZqODYtNWg5ds4AArtU

Security Update for the OPC UA .NET Standard Stack
Ecosystems: nuget
Packages: OPCFoundation.NetStandard.Opc.Ua.Core
Source: GitHub Advisory Database
Published: 8 months ago

Moderate

GSA_kwCzR0hTQS0zODg1LThncWMtM3dwZs4AArjp

Potential leak of NuGet.org API key
Ecosystems: nuget
Packages: NuGet.CommandLine.XPlat, NuGet.CommandLine, NuGet.Commands
Source: GitHub Advisory Database
Published: 8 months ago

Moderate

GSA_kwCzR0hTQS00cWY2LXZwajgtcDRyNs4AArXo

Cross site scripting in SSCMS
Ecosystems: nuget
Packages: SSCMS
Source: GitHub Advisory Database
Published: 8 months ago

Moderate

GSA_kwCzR0hTQS03MnA4LXY0aGctdjQ1cM4AArTX

Weak private key generation in SSH.NET
Ecosystems: nuget
Packages: SSH.NET
Source: GitHub Advisory Database
Published: 8 months ago

Moderate

GSA_kwCzR0hTQS1oYzcyLXZqM2ctNWcyZ84AArN9

Cross-site Scripting in ZKEACMS
Ecosystems: nuget
Packages: ZKEACMS.Publisher
Source: GitHub Advisory Database
Published: 8 months ago

High

GSA_kwCzR0hTQS01eHI1LXYyaDctMnc3d84AArMn

SQL injection in SiteServer CMS
Ecosystems: nuget
Packages: SSCMS
Source: GitHub Advisory Database
Published: 8 months ago

Moderate

GSA_kwCzR0hTQS0yeHdwLTdqM3AtYzc4eM4AArMV

Cross site scripting in SiteServer CMS
Ecosystems: nuget
Packages: SSCMS
Source: GitHub Advisory Database
Published: 8 months ago

Moderate

GSA_kwCzR0hTQS14cjhmLTU5cHAtcnh4aM4AAq4d

Elevation of privilege in ASP.NET Core
Ecosystems: nuget
Packages: Microsoft.AspNetCore.SpaServices
Source: GitHub Advisory Database
Published: 8 months ago

Moderate

GSA_kwCzR0hTQS12Y2ZjLTl3Y3AtajYyM84AAq1_

Cross site scripting attack in ServiceStack Framework
Ecosystems: nuget
Packages: ServiceStack
Source: GitHub Advisory Database
Published: 8 months ago

High

GSA_kwCzR0hTQS1qZ3JwLTZxcXEtMzI4NM4AAqo5

Chakra Scripting Engine and ChakraCore Vulnerable to Memory Corruption
Ecosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Published: 8 months ago

Critical

GSA_kwCzR0hTQS1yeGc5LXhyaHAtNjRnas4AAnr8

.NET Core Remote Code Execution Vulnerability
Ecosystems: nuget
Packages: System.Drawing.Common
Source: GitHub Advisory Database
Published: 8 months ago

Moderate

GSA_kwCzR0hTQS0zZ3A5LWg4aHctcHhwd84AAnq3

Denial of service in .NET core
Ecosystems: nuget
Packages: Microsoft.NETCore.App.Runtime.win-x86, Microsoft.NETCore.App.Runtime.win-x64, Microsoft.NETCore.App.Runtime.win-arm64, Microsoft.NETCore.App.Runtime.win-arm, Microsoft.NETCore.App.Runtime.tvos-x64, Microsoft.NETCore.App.Runtime.tvos-arm64, Microsoft.NETCore.App.Runtime.osx-x64, Microsoft.NETCore.App.Runtime.linux-x64, Microsoft.NETCore.App.Runtime.linux-musl-x64, Microsoft.NETCore.App.Runtime.linux-musl-arm64, Microsoft.NETCore.App.Runtime.linux-musl-arm, Microsoft.NETCore.App.Runtime.linux-arm64, Microsoft.NETCore.App.Runtime.linux-arm, Microsoft.NETCore.App.Runtime.ios-x86, Microsoft.NETCore.App.Runtime.ios-x64, Microsoft.NETCore.App.Runtime.ios-arm, Microsoft.NETCore.App.Runtime.browser-wasm, Microsoft.NETCore.App.Runtime.android-x86, Microsoft.NETCore.App.Runtime.android-x64, Microsoft.NETCore.App.Runtime.android-arm64, Microsoft.NETCore.App.Runtime.android-arm, Microsoft.NETCore.App.Runtime.Mono.osx-x64, Microsoft.NETCore.App.Runtime.Mono.linux-x64, Microsoft.NETCore.App.Runtime.Mono.linux-musl-x64, Microsoft.NETCore.App.Runtime.Mono.linux-arm64, Microsoft.NETCore.App.Runtime.Mono.linux-arm, Microsoft.NETCore.App.Runtime.Mono.LLVM.osx-x64, Microsoft.NETCore.App.Runtime.Mono.LLVM.linux-x64, Microsoft.NETCore.App.Runtime.Mono.LLVM.linux-arm64, Microsoft.NETCore.App.Runtime.Mono.LLVM.AOT.osx-x64, Microsoft.NETCore.App.Runtime.Mono.LLVM.AOT.linux-x64, Microsoft.NETCore.App.Runtime.Mono.LLVM.AOT.linux-arm64, Microsoft.NETCore.App.Runtime.rhel.6-x64, Microsoft.NETCore.App.Host.win-x86, Microsoft.NETCore.App.Host.win-x64, Microsoft.NETCore.App.Host.win-arm64, Microsoft.NETCore.App.Host.win-arm, Microsoft.NETCore.App.Host.rhel.6-x64, Microsoft.NETCore.App.Host.osx-x64, Microsoft.NETCore.App.Host.linux-x64, Microsoft.NETCore.App.Host.linux-musl-x64, Microsoft.NETCore.App.Host.linux-musl-arm64, Microsoft.NETCore.App.Host.linux-arm64, Microsoft.NETCore.App.Host.linux-arm, Microsoft.NETCore.App
Source: GitHub Advisory Database
Published: 8 months ago

High

GSA_kwCzR0hTQS0yNDJqLTJnbTYtNXJ3eM4AAnLl

ASP.NET Core and Visual Studio Denial of Service Vulnerability
Ecosystems: nuget
Packages: Microsoft.AspNetCore.App.Runtime.linux-musl-arm, Microsoft.AspNetCore.App.Runtime.win-x86, Microsoft.AspNetCore.App.Runtime.win-x64, Microsoft.AspNetCore.App.Runtime.win-arm64, Microsoft.AspNetCore.App.Runtime.win-arm, Microsoft.AspNetCore.App.Runtime.osx-x64, Microsoft.AspNetCore.App.Runtime.linux-x64, Microsoft.AspNetCore.App.Runtime.linux-musl-x64, Microsoft.AspNetCore.App.Runtime.linux-musl-arm64, Microsoft.AspNetCore.App.Runtime.linux-arm64, Microsoft.AspNetCore.App.Runtime.linux-arm, Microsoft.AspNetCore.Server.Kestrel.Core
Source: GitHub Advisory Database
Published: 8 months ago

Moderate

GSA_kwCzR0hTQS01djh2LTY2djgtbXdtN84AAl70

Integer overflow in the bundled Brotli C library
Ecosystems: nuget, cargo
Packages: Microsoft.NETCore.App.Runtime.win-x86, Microsoft.NETCore.App.Runtime.win-x64, Microsoft.NETCore.App.Runtime.win-arm64, Microsoft.NETCore.App.Runtime.win-arm, Microsoft.NETCore.App.Runtime.osx-x64, Microsoft.NETCore.App.Runtime.osx-arm64, Microsoft.NETCore.App.Runtime.linux-x64, Microsoft.NETCore.App.Runtime.linux-musl-x64, Microsoft.NETCore.App.Runtime.linux-musl-arm64, Microsoft.NETCore.App.Runtime.linux-musl-arm, Microsoft.NETCore.App.Runtime.linux-arm64, Microsoft.NETCore.App.Runtime.linux-arm, Microsoft.NETCore.App.Runtime.Mono.win-x86, Microsoft.NETCore.App.Runtime.Mono.win-x64, Microsoft.NETCore.App.Runtime.Mono.tvossimulator-x64.Msi.x86, Microsoft.NETCore.App.Runtime.Mono.tvossimulator-x64.Msi.x64, Microsoft.NETCore.App.Runtime.Mono.tvossimulator-x64.Msi.arm64, Microsoft.NETCore.App.Runtime.Mono.tvossimulator-x64, Microsoft.NETCore.App.Runtime.Mono.tvossimulator-arm64.Msi.x86, Microsoft.NETCore.App.Runtime.Mono.tvossimulator-arm64.Msi.x64, Microsoft.NETCore.App.Runtime.Mono.tvossimulator-arm64.Msi.arm64, Microsoft.NETCore.App.Runtime.Mono.tvossimulator-arm64, Microsoft.NETCore.App.Runtime.Mono.tvos-arm64.Msi.x86, Microsoft.NETCore.App.Runtime.Mono.tvos-arm64.Msi.x64, Microsoft.NETCore.App.Runtime.Mono.tvos-arm64.Msi.arm64, Microsoft.NETCore.App.Runtime.Mono.tvos-arm64, Microsoft.NETCore.App.Runtime.Mono.osx-x64, Microsoft.NETCore.App.Runtime.Mono.osx-arm64, Microsoft.NETCore.App.Runtime.Mono.maccatalyst-x64.Msi.x86, Microsoft.NETCore.App.Runtime.Mono.maccatalyst-x64.Msi.x64, Microsoft.NETCore.App.Runtime.Mono.maccatalyst-x64.Msi.arm64, Microsoft.NETCore.App.Runtime.Mono.maccatalyst-x64, Microsoft.NETCore.App.Runtime.Mono.maccatalyst-arm64.Msi.x86, Microsoft.NETCore.App.Runtime.Mono.maccatalyst-arm64.Msi.x64, Microsoft.NETCore.App.Runtime.Mono.maccatalyst-arm64.Msi.arm64, Microsoft.NETCore.App.Runtime.Mono.maccatalyst-arm64, Microsoft.NETCore.App.Runtime.Mono.linux-x64, Microsoft.NETCore.App.Runtime.Mono.linux-musl-x64, Microsoft.NETCore.App.Runtime.Mono.linux-arm64, Microsoft.NETCore.App.Runtime.Mono.linux-arm, Microsoft.NETCore.App.Runtime.Mono.iossimulator-x86.Msi.x86, Microsoft.NETCore.App.Runtime.Mono.iossimulator-x86.Msi.x64, Microsoft.NETCore.App.Runtime.Mono.iossimulator-x86.Msi.arm64, Microsoft.NETCore.App.Runtime.Mono.iossimulator-x86, Microsoft.NETCore.App.Runtime.Mono.iossimulator-x64.Msi.x86, Microsoft.NETCore.App.Runtime.Mono.iossimulator-x64.Msi.x64, Microsoft.NETCore.App.Runtime.Mono.iossimulator-x64.Msi.arm64, Microsoft.NETCore.App.Runtime.Mono.iossimulator-x64, Microsoft.NETCore.App.Runtime.Mono.iossimulator-arm64.Msi.x86, Microsoft.NETCore.App.Runtime.Mono.iossimulator-arm64.Msi.x64, Microsoft.NETCore.App.Runtime.Mono.iossimulator-arm64.Msi.arm64, Microsoft.NETCore.App.Runtime.Mono.iossimulator-arm64, Microsoft.NETCore.App.Runtime.Mono.ios-arm64.Msi.x86, Microsoft.NETCore.App.Runtime.Mono.ios-arm64.Msi.x64, Microsoft.NETCore.App.Runtime.Mono.ios-arm64.Msi.arm64, Microsoft.NETCore.App.Runtime.Mono.ios-arm64, Microsoft.NETCore.App.Runtime.Mono.ios-arm.Msi.x86, Microsoft.NETCore.App.Runtime.Mono.ios-arm.Msi.arm64, Microsoft.NETCore.App.Runtime.Mono.ios-arm, Microsoft.NETCore.App.Runtime.Mono.browser-wasm.Msi.x86, Microsoft.NETCore.App.Runtime.Mono.browser-wasm.Msi.x64, Microsoft.NETCore.App.Runtime.Mono.browser-wasm.Msi.arm64, Microsoft.NETCore.App.Runtime.Mono.browser-wasm, Microsoft.NETCore.App.Runtime.Mono.android-x86.Msi.x86, Microsoft.NETCore.App.Runtime.Mono.android-x86.Msi.x64, Microsoft.NETCore.App.Runtime.Mono.android-x86.Msi.arm64, Microsoft.NETCore.App.Runtime.Mono.android-x86, Microsoft.NETCore.App.Runtime.Mono.android-x64.Msi.x86, Microsoft.NETCore.App.Runtime.Mono.android-x64.Msi.x64, Microsoft.NETCore.App.Runtime.Mono.android-x64.Msi.arm64, Microsoft.NETCore.App.Runtime.Mono.android-x64, Microsoft.NETCore.App.Runtime.Mono.android-arm64.Msi.x86, Microsoft.NETCore.App.Runtime.Mono.android-arm64.Msi.x64, Microsoft.NETCore.App.Runtime.Mono.android-arm64.Msi.arm64, Microsoft.NETCore.App.Runtime.Mono.android-arm64, Microsoft.NETCore.App.Runtime.Mono.android-arm.Msi.x86, Microsoft.NETCore.App.Runtime.Mono.android-arm.Msi.x64, Microsoft.NETCore.App.Runtime.Mono.android-arm.Msi.arm64, Microsoft.NETCore.App.Runtime.Mono.android-arm, Microsoft.NETCore.App.Runtime.Mono.LLVM.osx-x64, Microsoft.NETCore.App.Runtime.Mono.LLVM.linux-x64, Microsoft.NETCore.App.Runtime.Mono.LLVM.linux-arm64, Microsoft.NETCore.App.Runtime.Mono.LLVM.AOT.osx-x64, Microsoft.NETCore.App.Runtime.Mono.LLVM.AOT.linux-x64, Microsoft.NETCore.App.Runtime.Mono.LLVM.AOT.linux-arm64, Microsoft.NETCore.App.Runtime.AOT.win-x64.Cross.browser-wasm.Msi.x64, Microsoft.NETCore.App.Runtime.AOT.win-x64.Cross.browser-wasm, Microsoft.NETCore.App.Runtime.AOT.win-x64.Cross.android-x86.Msi.x64, Microsoft.NETCore.App.Runtime.AOT.win-x64.Cross.android-x86, Microsoft.NETCore.App.Runtime.AOT.win-x64.Cross.android-x64.Msi.x64, Microsoft.NETCore.App.Runtime.AOT.win-x64.Cross.android-x64, Microsoft.NETCore.App.Runtime.AOT.win-x64.Cross.android-arm64.Msi.x64, Microsoft.NETCore.App.Runtime.AOT.win-x64.Cross.android-arm64, Microsoft.NETCore.App.Runtime.AOT.win-x64.Cross.android-arm.Msi.x64, Microsoft.NETCore.App.Runtime.AOT.win-x64.Cross.android-arm, Microsoft.NETCore.App.Runtime.AOT.osx-x64.Cross.tvossimulator-x64, Microsoft.NETCore.App.Runtime.AOT.osx-x64.Cross.tvossimulator-arm64, Microsoft.NETCore.App.Runtime.AOT.osx-x64.Cross.tvos-arm64, Microsoft.NETCore.App.Runtime.AOT.osx-x64.Cross.maccatalyst-x64, Microsoft.NETCore.App.Runtime.AOT.osx-x64.Cross.maccatalyst-arm64, Microsoft.NETCore.App.Runtime.AOT.osx-x64.Cross.iossimulator-x86, Microsoft.NETCore.App.Runtime.AOT.osx-x64.Cross.iossimulator-x64, Microsoft.NETCore.App.Runtime.AOT.osx-x64.Cross.iossimulator-arm64, Microsoft.NETCore.App.Runtime.AOT.osx-x64.Cross.ios-arm64, Microsoft.NETCore.App.Runtime.AOT.osx-x64.Cross.ios-arm, Microsoft.NETCore.App.Runtime.AOT.osx-x64.Cross.browser-wasm, Microsoft.NETCore.App.Runtime.AOT.osx-x64.Cross.android-x86, Microsoft.NETCore.App.Runtime.AOT.osx-x64.Cross.android-x64, Microsoft.NETCore.App.Runtime.AOT.osx-x64.Cross.android-arm64, Microsoft.NETCore.App.Runtime.AOT.osx-x64.Cross.android-arm, Microsoft.NETCore.App.Runtime.AOT.linux-x64.Cross.browser-wasm, Microsoft.NETCore.App.Runtime.AOT.linux-x64.Cross.android-x86, Microsoft.NETCore.App.Runtime.AOT.linux-x64.Cross.android-x64, Microsoft.NETCore.App.Runtime.AOT.linux-x64.Cross.android-arm64, Microsoft.NETCore.App.Runtime.AOT.linux-x64.Cross.android-arm, Microsoft.NETCore.App.Runtime.browser-wasm, compu-brotli-sys
Source: GitHub Advisory Database
Published: 8 months ago

High

GSA_kwCzR0hTQS1oeHJtLTl3N3AtMzljY84AAl4k

Cookie parsing failure
Ecosystems: nuget
Packages: Microsoft.AspNetCore.Http, Microsoft.AspNetCore.App.Runtime.win-arm64, Microsoft.AspNetCore.App.Runtime.win-x86, Microsoft.AspNetCore.App.Runtime.win-x64, Microsoft.AspNetCore.App.Runtime.win-arm, Microsoft.AspNetCore.App.Runtime.osx-x64, Microsoft.AspNetCore.App.Runtime.linux-x64, Microsoft.AspNetCore.App.Runtime.linux-musl-x64, Microsoft.AspNetCore.App.Runtime.linux-musl-arm64, Microsoft.AspNetCore.App.Runtime.linux-arm64, Microsoft.AspNetCore.App.Runtime.linux-arm, Microsoft.Owin, Microsoft.AspNetCore.App
Source: GitHub Advisory Database
Published: 8 months ago

High

GSA_kwCzR0hTQS1mOHF4LW1qY3Etd2ZneM4AAlpY

ASP.NET Core Denial of Service Vulnerability
Ecosystems: nuget
Packages: Microsoft.AspNetCore.App.Runtime.win-x86, Microsoft.AspNetCore.App.Runtime.win-x64, Microsoft.AspNetCore.App.Runtime.win-arm64, Microsoft.AspNetCore.App.Runtime.win-arm, Microsoft.AspNetCore.App.Runtime.osx-x64, Microsoft.AspNetCore.App.Runtime.linux-x64, Microsoft.AspNetCore.App.Runtime.linux-musl-x64, Microsoft.AspNetCore.App.Runtime.linux-musl-arm64, Microsoft.AspNetCore.App.Runtime.linux-arm64, Microsoft.AspNetCore.App.Runtime.linux-arm, Microsoft.AspNetCore.All, Microsoft.AspNetCore.App
Source: GitHub Advisory Database
Published: 8 months ago

High

GSA_kwCzR0hTQS1nNXZmLTM4Y3AtNHB4Oc4AAlS9

.NET Framework, SharePoint Server, and Visual Studio Remote Code Execution Vulnerability
Ecosystems: nuget
Packages: Microsoft.NETCore.App.Runtime.win-x86, Microsoft.NETCore.App.Runtime.win-x64, Microsoft.NETCore.App.Runtime.win-arm64, Microsoft.NETCore.App.Runtime.win-arm, Microsoft.NETCore.App.Runtime.rhel.6-x64, Microsoft.NETCore.App.Runtime.osx-x64, Microsoft.NETCore.App.Runtime.linux-x64, Microsoft.NETCore.App.Runtime.linux-musl-x64, Microsoft.NETCore.App.Runtime.linux-musl-arm64, Microsoft.NETCore.App.Runtime.linux-arm64, Microsoft.NETCore.App.Runtime.linux-arm, Microsoft.NETCore.App
Source: GitHub Advisory Database
Published: 8 months ago

High

GSA_kwCzR0hTQS0zY2Y3LTd3cTYtODg0Ms4AAkxb

ASP.NET Core Denial of Service Vulnerability
Ecosystems: nuget
Packages: Microsoft.AspNetCore.App.Runtime.win-x86, Microsoft.AspNetCore.App.Runtime.win-x64, Microsoft.AspNetCore.App.Runtime.win-arm, Microsoft.AspNetCore.App.Runtime.osx-x64, Microsoft.AspNetCore.App.Runtime.linux-x64, Microsoft.AspNetCore.App.Runtime.linux-musl-x64, Microsoft.AspNetCore.App.Runtime.linux-musl-arm64, Microsoft.AspNetCore.App.Runtime.linux-arm64, Microsoft.AspNetCore.App.Runtime.linux-arm
Source: GitHub Advisory Database
Published: 8 months ago

High

GSA_kwCzR0hTQS0zdzVwLWpocDUtYzI5cc4AAkwg

.NET Core & .NET Framework Denial of Service Vulnerability
Ecosystems: nuget
Packages: Microsoft.NETCore.App.Runtime.win-x86, Microsoft.NETCore.App.Runtime.win-x64, Microsoft.NETCore.App.Runtime.win-arm64, Microsoft.NETCore.App.Runtime.win-arm, Microsoft.NETCore.App.Runtime.rhel.6-x64, Microsoft.NETCore.App.Runtime.osx-x64, Microsoft.NETCore.App.Runtime.linux-x64, Microsoft.NETCore.App.Runtime.linux-musl-x64, Microsoft.NETCore.App.Runtime.linux-musl-arm64, Microsoft.NETCore.App.Runtime.linux-arm64, Microsoft.NETCore.App.Runtime.linux-arm, Microsoft.NETCore.App
Source: GitHub Advisory Database
Published: 8 months ago

High

GSA_kwCzR0hTQS02NTVxLTlndmctcTRjbc4AAjQ_

Remote code execution in ASP.NET Core
Ecosystems: nuget
Packages: Microsoft.AspNetCore.App.Runtime.win-x86, Microsoft.AspNetCore.App.Runtime.win-x64, Microsoft.AspNetCore.App.Runtime.win-arm, Microsoft.AspNetCore.App.Runtime.osx-x64, Microsoft.AspNetCore.App.Runtime.linux-x64, Microsoft.AspNetCore.App.Runtime.linux-musl-x64, Microsoft.AspNetCore.App.Runtime.linux-musl-arm64, Microsoft.AspNetCore.App.Runtime.linux-arm64, Microsoft.AspNetCore.App.Runtime.linux-arm, Microsoft.AspNetCore.Http.Connections, Microsoft.AspNetCore.App, Microsoft.AspNetCore.All
Source: GitHub Advisory Database
Published: 8 months ago

Moderate

GSA_kwCzR0hTQS0yM2N2LWpoNHYtdmZmbc4AAjRA

Denial of service in ASP.NET Core
Ecosystems: nuget
Packages: Microsoft.AspNetCore.App.Runtime.win-x86, Microsoft.AspNetCore.App.Runtime.win-x64, Microsoft.AspNetCore.App.Runtime.win-arm, Microsoft.AspNetCore.App.Runtime.osx-x64, Microsoft.AspNetCore.App.Runtime.linux-x64, Microsoft.AspNetCore.App.Runtime.linux-musl-x64, Microsoft.AspNetCore.App.Runtime.linux-arm64, Microsoft.AspNetCore.App.Runtime.linux-arm, Microsoft.AspNetCore.Http.Connections, Microsoft.AspNetCore.App, Microsoft.AspNetCore.All
Source: GitHub Advisory Database
Published: 8 months ago

High

GSA_kwCzR0hTQS1yNG13LWd4ZjctdnhyOc4AAjRD

Remote code execution in Microsoft.WindowsDesktop.App.Ref
Ecosystems: nuget
Packages: Microsoft.WindowsDesktop.App.Runtime.win-x64, Microsoft.WindowsDesktop.App.Runtime.win-x86, Microsoft.WindowsDesktop.App.Ref
Source: GitHub Advisory Database
Published: 8 months ago

Moderate

GSA_kwCzR0hTQS1wcnJmLTM5N3YtODN4aM4AAhTD

Open redirect in ASP.NET Core
Ecosystems: nuget
Packages: Microsoft.AspNetCore.Server.HttpSys, Microsoft.AspNetCore.Server.IIS, Microsoft.AspNetCore.All, Microsoft.AspNetCore.App
Source: GitHub Advisory Database
Published: 8 months ago

High

GSA_kwCzR0hTQS00anh4LTRxeHctcHJ4bc4AAguX

Denial of service in ASP.NET Core
Ecosystems: nuget
Packages: Microsoft.AspNetCore.SignalR.Protocols.MessagePack
Source: GitHub Advisory Database
Published: 8 months ago

High

GSA_kwCzR0hTQS01ZjJtLTQ2NmotMzg0OM4AAguS

Denial of service in ASP.NET Core
Ecosystems: nuget
Packages: System.Private.Uri
Source: GitHub Advisory Database
Published: 8 months ago

High

GSA_kwCzR0hTQS14aGZjLWdyOGYtZmZ3Y84AAguU

Denial of service in ASP.NET Core
Ecosystems: nuget
Packages: System.Private.Uri
Source: GitHub Advisory Database
Published: 8 months ago

Critical

GSA_kwCzR0hTQS05ZmM1LXEyNWMtcjJ3cs4AAgVP

Jasig Java CAS Client, .NET CAS Client, and phpCAS contain URL parameter injection vulnerability
Ecosystems: packagist, maven, nuget
Packages: jasig/phpcas, org.jasig.cas:cas-client, DotNetCasClient
Source: GitHub Advisory Database
Published: 9 months ago

Critical

GSA_kwCzR0hTQS1teDNxLWoyZzItNXF4cc4AAbIQ

Deserialization of Untrusted Data in NancyFX Nancy
Ecosystems: nuget
Packages: Nancy
Source: GitHub Advisory Database
Published: 9 months ago

High

GSA_kwCzR0hTQS04ODg0LXhjcjQtcjY4cM4AAYFv

Improper Input Validation in Microsoft.NETCore.App
Ecosystems: nuget
Packages: Microsoft.NETCore.App
Source: GitHub Advisory Database
Published: 9 months ago

Critical

GSA_kwCzR0hTQS1xajkzLTM3ZjUtbXIyOc4AAX6N

Improper Input Validation in IpMatcher
Ecosystems: nuget
Packages: IpMatcher
Source: GitHub Advisory Database
Published: 9 months ago

High

GSA_kwCzR0hTQS0zd2NqLXJnOHEtOWNxds4AAXe1

Open redirect in ASP.NET Core
Ecosystems: nuget
Packages: Microsoft.AspNetCore.Mvc.Core, Microsoft.AspNetCore.All
Source: GitHub Advisory Database
Published: 9 months ago

Moderate

GSA_kwCzR0hTQS1wOXd4LXYyNjQtcTM0cM4AAWUJ

Improper Certificate Validation in Microsoft .NET Framework components
Ecosystems: nuget
Packages: System.ServiceModel.Security, System.ServiceModel.Duplex, System.ServiceModel.Primitives, System.ServiceModel.NetTcp, System.ServiceModel.Http, System.Private.ServiceModel
Source: GitHub Advisory Database
Published: 9 months ago

High

GSA_kwCzR0hTQS02cHg4LTIydzUtdzMzNM4AAUYz

Denial of service in ASP.NET Core
Ecosystems: nuget
Packages: Microsoft.AspNetCore.All, Microsoft.AspNetCore.App, Microsoft.NETCore.App, System.Net.WebSockets.WebSocketProtocol, Microsoft.AspNetCore.Server.Kestrel.Core, Microsoft.AspNetCore.WebSockets
Source: GitHub Advisory Database
Published: 9 months ago

High

GSA_kwCzR0hTQS0yeGp4LXY5OXctZ3FmM84AAUYx

Exposure of Sensitive Information in System.Net.Http
Ecosystems: nuget
Packages: Microsoft.NETCore.App
Source: GitHub Advisory Database
Published: 9 months ago

Moderate

GSA_kwCzR0hTQS14NXFqLTl2bXgtN2c2Z84AAUDs

Improper Input Validation in .Net Framework API's
Ecosystems: nuget
Packages: System.Private.Uri, Microsoft.NETCore.App
Source: GitHub Advisory Database
Published: 9 months ago

High

GSA_kwCzR0hTQS0zcnA2LXJqdzQtY3EzOc4AASeG

Cross-origin Resource Sharing bypass in ASP.NET Core
Ecosystems: nuget
Packages: Microsoft.AspNetCore.Mvc.Cors, Microsoft.AspNetCore.Mvc.Core
Source: GitHub Advisory Database
Published: 9 months ago

High

GSA_kwCzR0hTQS1mOWpjLXJybTItcG1mZ84AAR_o

Denial of service in ASP.NET Core
Ecosystems: nuget
Packages: Microsoft.AspNetCore.Server.HttpSys, Microsoft.Net.Http.Server, Microsoft.AspNetCore.Server.WebListener
Source: GitHub Advisory Database
Published: 9 months ago

Moderate

GSA_kwCzR0hTQS1jcWo0LW0ycGMtdjltNc4AARRG

Improper Limitation of a Pathname to a Restricted Directory in SharpZipLib
Ecosystems: nuget
Packages: SharpZipLib
Source: GitHub Advisory Database
Published: 9 months ago

Moderate

GSA_kwCzR0hTQS01NjMzLWYzM2otYzZmN83_9A

Tampering vulnerability in .NET Core
Ecosystems: nuget
Packages: Microsoft.NETCore.App
Source: GitHub Advisory Database
Published: 9 months ago

Moderate

GSA_kwCzR0hTQS04aDdwLXFqdjgtOW1wNM39jw

Improper Access Control in Telerik Extensions
Ecosystems: nuget
Packages: TelerikMvcExtensions
Source: GitHub Advisory Database
Published: 9 months ago

High

GSA_kwCzR0hTQS14Y3ZyLXF2OGgtbTd4d83t4g

.NET Core Denial of Service Vulnerability
Ecosystems: nuget
Packages: Microsoft.NETCore.Jit
Source: GitHub Advisory Database
Published: 9 months ago

High

GSA_kwCzR0hTQS1qd3Z3LXY3YzUtbTgyaM3tlQ

protobuf susceptible to buffer overflow
Ecosystems: pypi, packagist, go, maven, nuget
Packages: protobuf, google/protobuf, github.com/protocolbuffers/protobuf, com.google.protobuf:protobuf-parent, Google.Protobuf
Source: GitHub Advisory Database
Published: 9 months ago

High

GSA_kwCzR0hTQS12aDM4LWdoeDYtdm12Z83X8Q

Code Injection in Masuit.Tools.Core
Ecosystems: nuget
Packages: Masuit.Tools.Core
Source: GitHub Advisory Database
Published: 9 months ago

Moderate

GSA_kwCzR0hTQS1mcnhnLWhmNDQtcTc2Nc0_ow

Exposure of Sensitive Information to an Unauthorized Actor in DisCatSharp
Ecosystems: nuget
Packages: DisCatSharp
Source: GitHub Advisory Database
Published: 9 months ago

High

GSA_kwCzR0hTQS04eGM2LWc4eHctaDJjNM0_nw

YARP Denial of Service Vulnerability
Ecosystems: nuget
Packages: Yarp.ReverseProxy
Source: GitHub Advisory Database
Published: 9 months ago

High

GSA_kwCzR0hTQS03bWZyLTc3NGYtdzVyOc06lg

Improper Certificate Validation
Ecosystems: nuget
Packages: Microsoft.NETCore.App, System.Security.Cryptography.X509Certificates
Source: GitHub Advisory Database
Published: 10 months ago

High

GSA_kwCzR0hTQS1ycXJjLThxOGYtY3A5Y805cw

Infinite loop in .Net Bond
Ecosystems: nuget
Packages: Bond.Core.CSharp
Source: GitHub Advisory Database
Published: 10 months ago

High

GSA_kwCzR0hTQS04aGZqLWoyNHItOTZjNM04JA

Path Traversal: 'dir/../../filename' in moment.locale
Ecosystems: nuget, npm
Packages: Moment.js, moment
Source: GitHub Advisory Database
Published: 10 months ago

High

GSA_kwCzR0hTQS04cHA2LTh4NHEtYzVteM026Q

Server side request forgery in C1 CMS
Ecosystems: nuget
Packages: C1CMS.Assemblies
Source: GitHub Advisory Database
Published: 10 months ago

Critical

GSA_kwCzR0hTQS0yOXJ2LWZxeDItNGM5Zs0z6w

Deserialization of Untrusted Data in SinGooCMS.Utility
Ecosystems: nuget
Packages: SinGooCMS.Utility
Source: GitHub Advisory Database
Published: 11 months ago

Moderate

GSA_kwCzR0hTQS1waDN2LTJocTUtNXFmcc0wiA

Code injection in RazorEngine
Ecosystems: nuget
Packages: RazorEngine
Source: GitHub Advisory Database
Published: 11 months ago

Moderate

GSA_kwCzR0hTQS1nY3g1LTNwNWYtZjh2cM0v5w

Prototype Pollution in jquery.cookie
Ecosystems: nuget
Packages: jquery.cookie
Source: GitHub Advisory Database
Published: 11 months ago

High

GSA_kwCzR0hTQS12djZqLXd3NngtNTRneM0uJA

Use after free in Animation
Ecosystems: nuget
Packages: CefSharp.Wpf.NETCore, CefSharp.WinForms.NETCore, CefSharp.OffScreen.NETCore, CefSharp.Common.NETCore, CefSharp.Wpf.HwndHost, CefSharp.Wpf, CefSharp.WinForms, CefSharp.OffScreen, CefSharp.Common
Source: GitHub Advisory Database
Published: 11 months ago

Moderate

GSA_kwCzR0hTQS1tbTZnLW1tcTYtNTNmZs0mqg

Path Traversal in SharpZipLib
Ecosystems: nuget
Packages: SharpZipLib
Source: GitHub Advisory Database
Published: 12 months ago

Moderate

GSA_kwCzR0hTQS0yeDdoLTk2aDUtcnE4NM0mqw

Path Traversal in SharpZipLib
Ecosystems: nuget
Packages: SharpZipLib
Source: GitHub Advisory Database
Published: 12 months ago

High

GSA_kwCzR0hTQS1tMjJtLWg0cmYtcHdxM80mrA

Path Traversal in SharpZipLib
Ecosystems: nuget
Packages: SharpZipLib
Source: GitHub Advisory Database
Published: 12 months ago

High

GSA_kwCzR0hTQS03N3JtLTl4OWgteGozZ80mxQ

NULL Pointer Dereference in Protocol Buffers
Ecosystems: pypi, go, maven, packagist, nuget
Packages: protobuf, github.com/protocolbuffers/protobuf, com.google.protobuf:protobuf-parent, google/protobuf, Google.Protobuf
Source: GitHub Advisory Database
Published: about 1 year ago

Moderate

Moderate 4,436 High 4,135 Critical 1,883 Low 622

Filter by Ecosystem

maven 3,447 npm 2,945 pypi 2,359 packagist 1,374 go 940 nuget 899 rubygems 638 cargo 573 hex 21 actions 6 pub 4

Filter by Package