Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
nuget Security Advisories
Browse all Security Advisories for nuget
Loading...
High
Ecosystems: nuget
Packages: ProDotNetZip, DotNetZip
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 8 days ago
GSA_kwCzR0hTQS14aGc2LTlqNWotdzR2Zs4ABBTC
DotNetZip Directory Traversal vulnerabilityEcosystems: nuget
Packages: ProDotNetZip, DotNetZip
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 8 days ago
Critical
Ecosystems: nuget
Packages: System.Formats.Nrbf
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 8 days ago
GSA_kwCzR0hTQS12N3ZmLWY1cTYtbTg5Oc4ABBRV
.NET Remote Code Execution VulnerabilityEcosystems: nuget
Packages: System.Formats.Nrbf
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 8 days ago
Low
Ecosystems: nuget
Packages: System.Formats.Nrbf
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 8 days ago
GSA_kwCzR0hTQS02eDM2LXF4bWotcnY0cM4ABBRU
.NET Denial of Service VulnerabilityEcosystems: nuget
Packages: System.Formats.Nrbf
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 8 days ago
Moderate
Ecosystems: nuget
Packages: Duende.AccessTokenManagement.OpenIdConnect
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 13 days ago
GSA_kwCzR0hTQS03bXI3LTRmNTQtdmN4Nc4ABBEa
HTTP Client uses incorrect token after refreshEcosystems: nuget
Packages: Duende.AccessTokenManagement.OpenIdConnect
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 13 days ago
Critical
Ecosystems: nuget
Packages: Refit
Source: GitHub Advisory Database
Blast Radius: 23.7
Published: 16 days ago
GSA_kwCzR0hTQS0zaHhnLWZ4d20tOGdmN84ABA9E
CRLF injection in Refit's [Header], [HeaderCollection] and [Authorize] attributesEcosystems: nuget
Packages: Refit
Source: GitHub Advisory Database
Blast Radius: 23.7
Published: 16 days ago
Low
Ecosystems: nuget
Packages: Umbraco.Cms.Core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 17 days ago
GSA_kwCzR0hTQS00Z21xLW05dnAtanJ3Z84ABA7d
Umbraco CMS Cross-site Scripting vulnerabilityEcosystems: nuget
Packages: Umbraco.Cms.Core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 17 days ago
High
Ecosystems: nuget
Packages: Lucene.Net.Replicator
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 21 days ago
GSA_kwCzR0hTQS0ycXc4LXBwcjUtbTk2Y84ABA1x
Apache Lucene.Net.Replicator Deserialization of Untrusted Data vulnerabilityEcosystems: nuget
Packages: Lucene.Net.Replicator
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 21 days ago
Moderate
Ecosystems: nuget
Packages: ICG.AspNetCore.Utilities.CloudStorage
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 22 days ago
GSA_kwCzR0hTQS0yNG1jLWdjNTItNDdqds4ABA0e
ICG.AspNetCore.Utilities.CloudStorage's Secure Token Durations Different Than ExpectedEcosystems: nuget
Packages: ICG.AspNetCore.Utilities.CloudStorage
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 22 days ago
Low
Ecosystems: nuget
Packages: Duende.IdentityServer
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 23 days ago
GSA_kwCzR0hTQS12OXhxLTJtdm0teDh4Y84ABAuY
Duende IdentityServer has insufficient validation of DPoP cnf claim in Local APIsEcosystems: nuget
Packages: Duende.IdentityServer
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 23 days ago
Moderate
Ecosystems: nuget, pypi, rubygems, maven
Packages: MPXJ.Net, net.sf.mpxj-for-vb, net.sf.mpxj-for-csharp, net.sf.mpxj, mpxj, net.sf.mpxj:mpxj
Source: GitHub Advisory Database
Blast Radius: 17.0
Published: 23 days ago
GSA_kwCzR0hTQS1qOTQ1LWM0NHYtOTdnNs4ABAt9
MPXJ has a Potential Path Traversal VulnerabilityEcosystems: nuget, pypi, rubygems, maven
Packages: MPXJ.Net, net.sf.mpxj-for-vb, net.sf.mpxj-for-csharp, net.sf.mpxj, mpxj, net.sf.mpxj:mpxj
Source: GitHub Advisory Database
Blast Radius: 17.0
Published: 23 days ago
Moderate
Ecosystems: nuget
Packages: Umbraco.CMS
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 30 days ago
GSA_kwCzR0hTQS13eHc5LTZwdjktYzN4Y84ABAkj
Umbraco CMS Has Incomplete Server Termination During Explicit Sign-OutEcosystems: nuget
Packages: Umbraco.CMS
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 30 days ago
Moderate
Ecosystems: nuget
Packages: Umbraco.Cms, UmbracoCms
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 30 days ago
GSA_kwCzR0hTQS01OTU1LWN3djQtaDdxaM4ABAki
Umbraco has a Potential Code Execution Risk When Viewing SVG Files in Full Screen in BackofficeEcosystems: nuget
Packages: Umbraco.Cms, UmbracoCms
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 30 days ago
Moderate
Ecosystems: nuget
Packages: UmbracoCMS, Umbraco.CMS
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 30 days ago
GSA_kwCzR0hTQS1mcDZxLWdjY3ctN3Fxbc4ABAkh
Umbraco CMS logout page displayed before session expirationEcosystems: nuget
Packages: UmbracoCMS, Umbraco.CMS
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 30 days ago
Low
Ecosystems: nuget
Packages: Umbraco.CMS
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 30 days ago
GSA_kwCzR0hTQS00Z3A5LWZmOTktajZ2as4ABAkg
Umbraco CMS Improper Access Control Vulnerability Allows Low-Privilege Users to Access Webhook APIEcosystems: nuget
Packages: Umbraco.CMS
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 30 days ago
Moderate
Ecosystems: npm, nuget
Packages: @umbraco-cms/backoffice, Umbraco.Cms.StaticAssets
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 30 days ago
GSA_kwCzR0hTQS1jNWc2LTZ4ZjctcXhwM84ABAkf
Umbraco CMS vulnerable to stored Cross-site Scripting in the "dictionary name" on Dictionary sectionEcosystems: npm, nuget
Packages: @umbraco-cms/backoffice, Umbraco.Cms.StaticAssets
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 30 days ago
Moderate
Ecosystems: nuget
Packages: OPCFoundation.NetStandard.Opc.Ua.Core, OPCFoundation.NetStandard.Opc.Ua
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 month ago
GSA_kwCzR0hTQS03dmZoLWNxcGMtNDI2N84ABAbj
Security Update for the OPC UA .NET Standard StackEcosystems: nuget
Packages: OPCFoundation.NetStandard.Opc.Ua.Core, OPCFoundation.NetStandard.Opc.Ua
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 month ago
High
Ecosystems: nuget
Packages: OPCFoundation.NetStandard.Opc.Ua, OPCFoundation.NetStandard.Opc.Ua.Core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 month ago
GSA_kwCzR0hTQS1xbTlmLWMzdjktd3Bods4ABAbi
Security Update for the OPC UA .NET Standard StackEcosystems: nuget
Packages: OPCFoundation.NetStandard.Opc.Ua, OPCFoundation.NetStandard.Opc.Ua.Core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 month ago
Moderate
Ecosystems: nuget
Packages: MessagePack
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 month ago
GSA_kwCzR0hTQS00cW00LThoZzItZzJ4bc4ABAZj
MessagePack allows untrusted data to lead to DoS attack due to hash collisions and stack overflowEcosystems: nuget
Packages: MessagePack
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 month ago
High
Ecosystems: nuget
Packages: System.Text.Json
Source: GitHub Advisory Database
Blast Radius: 10.1
Published: about 1 month ago
GSA_kwCzR0hTQS04ZzRxLXhnNjYtOWZwNM4ABAFe
Microsoft Security Advisory CVE-2024-43485 | .NET Denial of Service VulnerabilityEcosystems: nuget
Packages: System.Text.Json
Source: GitHub Advisory Database
Blast Radius: 10.1
Published: about 1 month ago
High
Ecosystems: nuget
Packages: System.IO.Packaging
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 month ago
GSA_kwCzR0hTQS1mMzJjLXc0NDQtOHBwds4ABAFd
Microsoft Security Advisory CVE-2024-43484 | .NET Denial of Service VulnerabilityEcosystems: nuget
Packages: System.IO.Packaging
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 month ago
High
Ecosystems: nuget
Packages: Microsoft.Extensions.Caching.Memory, System.IO.Packaging, System.Security.Cryptography.Cose
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 month ago
GSA_kwCzR0hTQS1xajY2LW04OGotaG1nas4ABAFc
Microsoft Security Advisory CVE-2024-43483 | .NET Denial of Service VulnerabilityEcosystems: nuget
Packages: Microsoft.Extensions.Caching.Memory, System.IO.Packaging, System.Security.Cryptography.Cose
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 month ago
High
Ecosystems: nuget
Packages: Microsoft.AspNetCore.App.Runtime.win-x86, Microsoft.AspNetCore.App.Runtime.win-x64, Microsoft.AspNetCore.App.Runtime.win-arm64, Microsoft.AspNetCore.App.Runtime.win-arm, Microsoft.AspNetCore.App.Runtime.osx-x64, Microsoft.AspNetCore.App.Runtime.osx-arm64, Microsoft.AspNetCore.App.Runtime.linux-x64, Microsoft.AspNetCore.App.Runtime.linux-musl-x64, Microsoft.AspNetCore.App.Runtime.linux-musl-arm64, Microsoft.AspNetCore.App.Runtime.linux-musl-arm, Microsoft.AspNetCore.App.Runtime.linux-arm64, Microsoft.AspNetCore.App.Runtime.linux-arm
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 month ago
GSA_kwCzR0hTQS03dnc5LWNmd3gtOWd4Oc4ABADL
Microsoft Security Advisory CVE-2024-38229 | .NET Remote Code Execution VulnerabilityEcosystems: nuget
Packages: Microsoft.AspNetCore.App.Runtime.win-x86, Microsoft.AspNetCore.App.Runtime.win-x64, Microsoft.AspNetCore.App.Runtime.win-arm64, Microsoft.AspNetCore.App.Runtime.win-arm, Microsoft.AspNetCore.App.Runtime.osx-x64, Microsoft.AspNetCore.App.Runtime.osx-arm64, Microsoft.AspNetCore.App.Runtime.linux-x64, Microsoft.AspNetCore.App.Runtime.linux-musl-x64, Microsoft.AspNetCore.App.Runtime.linux-musl-arm64, Microsoft.AspNetCore.App.Runtime.linux-musl-arm, Microsoft.AspNetCore.App.Runtime.linux-arm64, Microsoft.AspNetCore.App.Runtime.linux-arm
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 month ago
Moderate
Ecosystems: nuget
Packages: RestSharp
Source: GitHub Advisory Database
Blast Radius: 9.6
Published: 3 months ago
GSA_kwCzR0hTQS00cnI2LTJ2OXYtd2NwY84AA_CY
CRLF Injection in RestSharp's `RestRequest.AddHeader` methodEcosystems: nuget
Packages: RestSharp
Source: GitHub Advisory Database
Blast Radius: 9.6
Published: 3 months ago
Moderate
Ecosystems: nuget
Packages: Serilog.Enrichers.ClientInfo
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 3 months ago
GSA_kwCzR0hTQS01eDVxLWNxZjYtZ2o4cs4AA_CL
Serilog Client IP Spoofing vulnerabilityEcosystems: nuget
Packages: Serilog.Enrichers.ClientInfo
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 3 months ago
Moderate
Ecosystems: nuget
Packages: Umbraco.Cms
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 3 months ago
GSA_kwCzR0hTQS1ocnd3LXgzZnEteGN2aM4AA-z9
Umbraco CMS Improper Access Control vulnerabilityEcosystems: nuget
Packages: Umbraco.Cms
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 3 months ago
Moderate
Ecosystems: nuget
Packages: Umbraco.Cms.Api.Management
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 3 months ago
GSA_kwCzR0hTQS03N2dqLWNyaHAtM2d2eM4AA-zy
Umbraco CMS vulnerable to Generation of Error Message Containing Sensitive InformationEcosystems: nuget
Packages: Umbraco.Cms.Api.Management
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 3 months ago
High
Ecosystems: nuget
Packages: Microsoft.AspNetCore.App.Runtime.win-x86, Microsoft.AspNetCore.App.Runtime.win-x64, Microsoft.AspNetCore.App.Runtime.win-arm64, Microsoft.AspNetCore.App.Runtime.win-arm
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 3 months ago
GSA_kwCzR0hTQS03cXJ2LThmOXgtM2gzMs4AA-nq
Microsoft Security Advisory CVE-2024-38168 | .NET Denial of Service VulnerabilityEcosystems: nuget
Packages: Microsoft.AspNetCore.App.Runtime.win-x86, Microsoft.AspNetCore.App.Runtime.win-x64, Microsoft.AspNetCore.App.Runtime.win-arm64, Microsoft.AspNetCore.App.Runtime.win-arm
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 3 months ago
Moderate
Ecosystems: nuget
Packages: Microsoft.NetCore.App.Runtime.win-x86, Microsoft.NetCore.App.Runtime.win-x64, Microsoft.NetCore.App.Runtime.win-arm64, Microsoft.NetCore.App.Runtime.win-arm, Microsoft.NetCore.App.Runtime.osx-x64, Microsoft.NetCore.App.Runtime.osx-arm64, Microsoft.NetCore.App.Runtime.linux-x64, Microsoft.NetCore.App.Runtime.linux-musl-x64, Microsoft.NetCore.App.Runtime.linux-musl-arm64, Microsoft.NetCore.App.Runtime.linux-musl-arm, Microsoft.NetCore.App.Runtime.linux-arm64, Microsoft.NetCore.App.Runtime.linux-arm
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 3 months ago
GSA_kwCzR0hTQS0zcjM0LXI2dzMtZnFwNs4AA-np
Microsoft Security Advisory CVE-2024-38167 | .NET Information Disclosure VulnerabilityEcosystems: nuget
Packages: Microsoft.NetCore.App.Runtime.win-x86, Microsoft.NetCore.App.Runtime.win-x64, Microsoft.NetCore.App.Runtime.win-arm64, Microsoft.NetCore.App.Runtime.win-arm, Microsoft.NetCore.App.Runtime.osx-x64, Microsoft.NetCore.App.Runtime.osx-arm64, Microsoft.NetCore.App.Runtime.linux-x64, Microsoft.NetCore.App.Runtime.linux-musl-x64, Microsoft.NetCore.App.Runtime.linux-musl-arm64, Microsoft.NetCore.App.Runtime.linux-musl-arm, Microsoft.NetCore.App.Runtime.linux-arm64, Microsoft.NetCore.App.Runtime.linux-arm
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 3 months ago
Moderate
Ecosystems: nuget
Packages: IdentityServer4
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 4 months ago
GSA_kwCzR0hTQS01NXA3LXYyMjMteDM2Ns4AA-TC
IdentityServer Open Redirect vulnerabilityEcosystems: nuget
Packages: IdentityServer4
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 4 months ago
Moderate
Ecosystems: nuget
Packages: IdentityServer4, Duende.IdentityServer
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 4 months ago
GSA_kwCzR0hTQS1mZjRxLTY0amMtZ3g5OM4AA-Sq
IdentityServer Open Redirect vulnerabilityEcosystems: nuget
Packages: IdentityServer4, Duende.IdentityServer
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 4 months ago
High
Ecosystems: nuget
Packages: Tgstation.Server.Host, Tgstation.Server.Api
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 4 months ago
GSA_kwCzR0hTQS1jM2g0LTlnYzItZjdoNM4AA-MZ
tgstation-server's DreamMaker environment files outside the deployment directory can be compiled and ran by insufficiently permissioned usersEcosystems: nuget
Packages: Tgstation.Server.Host, Tgstation.Server.Api
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 4 months ago
Critical
Ecosystems: nuget
Packages: Csla
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 4 months ago
GSA_kwCzR0hTQS05eGhoLTNtNzgtZ3Znas4AA-FS
CLSA Directory Traversal vulnerabilityEcosystems: nuget
Packages: Csla
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 4 months ago
Moderate
Ecosystems: nuget
Packages: SixLabors.ImageSharp
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 4 months ago
GSA_kwCzR0hTQS1xeHJ2LWdwNngtcmMyM84AA-FP
SixLabors ImageSharp has Excessive Memory Allocation in Gif DecoderEcosystems: nuget
Packages: SixLabors.ImageSharp
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 4 months ago
High
Ecosystems: nuget
Packages: SixLabors.ImageSharp
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 4 months ago
GSA_kwCzR0hTQS02M3A4LWM0d3ctOWNnN84AA-FO
SixLabors ImageSharp Out-of-bounds WriteEcosystems: nuget
Packages: SixLabors.ImageSharp
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 4 months ago
Low
Ecosystems: nuget
Packages: Steeltoe.Discovery.ClientAutofac, Steeltoe.Discovery.ClientCore, Steeltoe.Discovery.EurekaBase, Steeltoe.Discovery.Eureka
Source: GitHub Advisory Database
Blast Radius: 0.8
Published: 4 months ago
GSA_kwCzR0hTQS12bWNwLTY2cjUtM3BjcM4AA9-0
Steeltoe Leaks Basic Auth Credentials to Logs After Fetch Registry ErrorEcosystems: nuget
Packages: Steeltoe.Discovery.ClientAutofac, Steeltoe.Discovery.ClientCore, Steeltoe.Discovery.EurekaBase, Steeltoe.Discovery.Eureka
Source: GitHub Advisory Database
Blast Radius: 0.8
Published: 4 months ago
Moderate
Ecosystems: maven, packagist, nuget, rubygems, npm
Packages: org.webjars.npm:bootstrap, org.webjars:bootstrap, twbs/bootstrap, bootstrap.sass, bootstrap-sass, bootstrap
Source: GitHub Advisory Database
Blast Radius: 157.7
Published: 4 months ago
GSA_kwCzR0hTQS05bXZqLWY3dzgtcHZoMs4AA9zw
Bootstrap Cross-Site Scripting (XSS) vulnerabilityEcosystems: maven, packagist, nuget, rubygems, npm
Packages: org.webjars.npm:bootstrap, org.webjars:bootstrap, twbs/bootstrap, bootstrap.sass, bootstrap-sass, bootstrap
Source: GitHub Advisory Database
Blast Radius: 157.7
Published: 4 months ago
Moderate
Ecosystems: maven, packagist, nuget, rubygems, npm
Packages: org.webjars.npm:bootstrap, org.webjars:bootstrap, twbs/bootstrap, bootstrap.sass, bootstrap
Source: GitHub Advisory Database
Blast Radius: 153.3
Published: 4 months ago
GSA_kwCzR0hTQS12Yzh3LWpyOXYtdmo3Zs4AA90M
Bootstrap Cross-Site Scripting (XSS) vulnerabilityEcosystems: maven, packagist, nuget, rubygems, npm
Packages: org.webjars.npm:bootstrap, org.webjars:bootstrap, twbs/bootstrap, bootstrap.sass, bootstrap
Source: GitHub Advisory Database
Blast Radius: 153.3
Published: 4 months ago
High
Ecosystems: nuget
Packages: MimeKit
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 4 months ago
GSA_kwCzR0hTQS1nbWM2LWZ3ZzMtNzVtNc4AA9zq
Mimekit has vulnerable dependency that can lead to denial of serviceEcosystems: nuget
Packages: MimeKit
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 4 months ago
High
Ecosystems: nuget
Packages: System.Formats.Asn1, Microsoft.NetCore.App.Runtime.win-x86, Microsoft.NetCore.App.Runtime.win-x64, Microsoft.NetCore.App.Runtime.win-arm64, Microsoft.NetCore.App.Runtime.win-arm, Microsoft.NetCore.App.Runtime.osx-x64, Microsoft.NetCore.App.Runtime.osx-arm64, Microsoft.NetCore.App.Runtime.linux-x64, Microsoft.NetCore.App.Runtime.linux-musl-x64, Microsoft.NetCore.App.Runtime.linux-musl-arm64, Microsoft.NetCore.App.Runtime.linux-musl-arm, Microsoft.NetCore.App.Runtime.linux-arm64, Microsoft.NetCore.App.Runtime.linux-arm
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 4 months ago
GSA_kwCzR0hTQS00NDdyLXdwaDMtOTJwbc4AA9up
Microsoft Security Advisory CVE-2024-38095 | .NET Denial of Service VulnerabilityEcosystems: nuget
Packages: System.Formats.Asn1, Microsoft.NetCore.App.Runtime.win-x86, Microsoft.NetCore.App.Runtime.win-x64, Microsoft.NetCore.App.Runtime.win-arm64, Microsoft.NetCore.App.Runtime.win-arm, Microsoft.NetCore.App.Runtime.osx-x64, Microsoft.NetCore.App.Runtime.osx-arm64, Microsoft.NetCore.App.Runtime.linux-x64, Microsoft.NetCore.App.Runtime.linux-musl-x64, Microsoft.NetCore.App.Runtime.linux-musl-arm64, Microsoft.NetCore.App.Runtime.linux-musl-arm, Microsoft.NetCore.App.Runtime.linux-arm64, Microsoft.NetCore.App.Runtime.linux-arm
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 4 months ago
High
Ecosystems: nuget
Packages: Microsoft.IO.Redist
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 4 months ago
GSA_kwCzR0hTQS1ocTd3LXh2NXgtZzM0as4AA9uo
Microsoft Security Advisory CVE-2024-38081 | .NET Denial of Service VulnerabilityEcosystems: nuget
Packages: Microsoft.IO.Redist
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 4 months ago
Critical
Ecosystems: nuget
Packages: Microsoft.AspNetCore.App.Runtime.win-x86, Microsoft.AspNetCore.App.Runtime.win-x64, Microsoft.AspNetCore.App.Runtime.win-arm64, Microsoft.AspNetCore.App.Runtime.win-arm, Microsoft.AspNetCore.App.Runtime.osx-x64, Microsoft.AspNetCore.App.Runtime.osx-arm64, Microsoft.AspNetCore.App.Runtime.linux-x64, Microsoft.AspNetCore.App.Runtime.linux-musl-x64, Microsoft.AspNetCore.App.Runtime.linux-musl-arm64, Microsoft.AspNetCore.App.Runtime.linux-musl-arm, Microsoft.AspNetCore.App.Runtime.linux-arm64, Microsoft.AspNetCore.App.Runtime.linux-arm
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 4 months ago
GSA_kwCzR0hTQS1jaGZjLTl3Nm0tNzVyZs4AA9un
Microsoft Security Advisory CVE-2024-35264 | .NET Remote Code Execution VulnerabilityEcosystems: nuget
Packages: Microsoft.AspNetCore.App.Runtime.win-x86, Microsoft.AspNetCore.App.Runtime.win-x64, Microsoft.AspNetCore.App.Runtime.win-arm64, Microsoft.AspNetCore.App.Runtime.win-arm, Microsoft.AspNetCore.App.Runtime.osx-x64, Microsoft.AspNetCore.App.Runtime.osx-arm64, Microsoft.AspNetCore.App.Runtime.linux-x64, Microsoft.AspNetCore.App.Runtime.linux-musl-x64, Microsoft.AspNetCore.App.Runtime.linux-musl-arm64, Microsoft.AspNetCore.App.Runtime.linux-musl-arm, Microsoft.AspNetCore.App.Runtime.linux-arm64, Microsoft.AspNetCore.App.Runtime.linux-arm
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 4 months ago
High
Ecosystems: nuget
Packages: System.Text.Json
Source: GitHub Advisory Database
Blast Radius: 10.1
Published: 4 months ago
GSA_kwCzR0hTQS1oaDJ3LXA2cnYtNGc3d84AA9um
Microsoft Security Advisory CVE-2024-30105 | .NET Denial of Service VulnerabilityEcosystems: nuget
Packages: System.Text.Json
Source: GitHub Advisory Database
Blast Radius: 10.1
Published: 4 months ago
High
Ecosystems: nuget
Packages: NHibernate
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 5 months ago
GSA_kwCzR0hTQS1mZzRxLWNjcTgtM3I1cc4AA9n2
NHibernate SQL injection vulnerability in discriminator mappings, static fields referenced in HQL, and some utilitiesEcosystems: nuget
Packages: NHibernate
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 5 months ago
High
Ecosystems: nuget
Packages: OPCFoundation.NetStandard.Opc.Ua.Core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 5 months ago
GSA_kwCzR0hTQS00cTJwLWh3bXItcWN4Y84AA9nF
OPCFoundation.NetStandard.Opc.Ua.Core buffer-management vulnerabilityEcosystems: nuget
Packages: OPCFoundation.NetStandard.Opc.Ua.Core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 5 months ago
Moderate
Ecosystems: pypi, packagist, nuget, npm
Packages: django-tinymce, tinymce/tinymce, TinyMCE, tinymce
Source: GitHub Advisory Database
Blast Radius: 64.7
Published: 5 months ago
GSA_kwCzR0hTQS05aGN2LWo5cHYtcW1waM4AA9LE
TinyMCE Cross-Site Scripting (XSS) vulnerability using noneditable_regexp optionEcosystems: pypi, packagist, nuget, npm
Packages: django-tinymce, tinymce/tinymce, TinyMCE, tinymce
Source: GitHub Advisory Database
Blast Radius: 64.7
Published: 5 months ago
Moderate
Ecosystems: pypi, packagist, nuget, npm
Packages: django-tinymce, tinymce/tinymce, TinyMCE, tinymce
Source: GitHub Advisory Database
Blast Radius: 64.7
Published: 5 months ago
GSA_kwCzR0hTQS13OWp4LTRnNmctcnA3eM4AA9LD
TinyMCE Cross-Site Scripting (XSS) vulnerability using noscript elementsEcosystems: pypi, packagist, nuget, npm
Packages: django-tinymce, tinymce/tinymce, TinyMCE, tinymce
Source: GitHub Advisory Database
Blast Radius: 64.7
Published: 5 months ago
High
Ecosystems: nuget
Packages: Microsoft.Azure.Storage.DataMovement
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 5 months ago
GSA_kwCzR0hTQS0zMmY4LWhtcjMtN3Z4Z84AA88T
Azure Storage Movement Client Library Denial of Service VulnerabilityEcosystems: nuget
Packages: Microsoft.Azure.Storage.DataMovement
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 5 months ago
Moderate
Ecosystems: nuget, maven, npm, go, pypi
Packages: Microsoft.Identity.Client, com.microsoft.azure:msal4j, @azure/msal-node, Azure.Identity, github.com/Azure/azure-sdk-for-go/sdk/azidentity, com.azure:azure-identity, @azure/identity, azure-identity
Source: GitHub Advisory Database
Blast Radius: 78.6
Published: 5 months ago
GSA_kwCzR0hTQS1tNXZ2LTZyNGgtM3ZqOc4AA88w
Azure Identity Libraries and Microsoft Authentication Library Elevation of Privilege VulnerabilityEcosystems: nuget, maven, npm, go, pypi
Packages: Microsoft.Identity.Client, com.microsoft.azure:msal4j, @azure/msal-node, Azure.Identity, github.com/Azure/azure-sdk-for-go/sdk/azidentity, com.azure:azure-identity, @azure/identity, azure-identity
Source: GitHub Advisory Database
Blast Radius: 78.6
Published: 5 months ago
Moderate
Ecosystems: nuget
Packages: Umbraco.Commerce
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 6 months ago
GSA_kwCzR0hTQS1ycGo5LXhqd20td3I2d84AA8jG
Umbraco Commerce vulnerable to Stored Cross-site Scripting on Print FunctionalityEcosystems: nuget
Packages: Umbraco.Commerce
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 6 months ago
Low
Ecosystems: nuget
Packages: Umbraco.Forms
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 6 months ago
GSA_kwCzR0hTQS1wNTcyLXAycmotcTVmNM4AA8jE
Umbraco Forms components vulnerable to Stored Cross-site ScriptingEcosystems: nuget
Packages: Umbraco.Forms
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 6 months ago
Moderate
Ecosystems: nuget
Packages: UmbracoCms.Core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 6 months ago
GSA_kwCzR0hTQS1ndnBjLTNwajYtNG05d84AA8W2
Umbraco CMS Vulnerable to Stored XSS on Content Page Through Markdown Editor Preview PaneEcosystems: nuget
Packages: UmbracoCms.Core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 6 months ago
Moderate
Ecosystems: nuget
Packages: Umbraco.Cms.Web.BackOffice, UmbracoCms.Core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 6 months ago
GSA_kwCzR0hTQS1qNzRxLW12MmMtcnhtcM4AA8Wz
Umbraco CMS Open Redirect Bypass ProtectionEcosystems: nuget
Packages: Umbraco.Cms.Web.BackOffice, UmbracoCms.Core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 6 months ago
Moderate
Ecosystems: nuget
Packages: Microsoft.AspNetCore.App.Runtime.win-x86, Microsoft.AspNetCore.App.Runtime.win-x64, Microsoft.AspNetCore.App.Runtime.win-arm64, Microsoft.AspNetCore.App.Runtime.win-arm, Microsoft.AspNetCore.App.Runtime.osx-x64, Microsoft.AspNetCore.App.Runtime.osx-arm64, Microsoft.AspNetCore.App.Runtime.linux-x64, Microsoft.AspNetCore.App.Runtime.linux-musl-x64, Microsoft.AspNetCore.App.Runtime.linux-musl-arm64, Microsoft.AspNetCore.App.Runtime.linux-musl-arm, Microsoft.AspNetCore.App.Runtime.linux-arm64, Microsoft.AspNetCore.App.Runtime.linux-arm
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 6 months ago
GSA_kwCzR0hTQS1oaGM3LXg5dzQtY3c0N84AA8EU
Microsoft Security Advisory CVE-2024-30046 | .NET Denial of Service VulnerabilityEcosystems: nuget
Packages: Microsoft.AspNetCore.App.Runtime.win-x86, Microsoft.AspNetCore.App.Runtime.win-x64, Microsoft.AspNetCore.App.Runtime.win-arm64, Microsoft.AspNetCore.App.Runtime.win-arm, Microsoft.AspNetCore.App.Runtime.osx-x64, Microsoft.AspNetCore.App.Runtime.osx-arm64, Microsoft.AspNetCore.App.Runtime.linux-x64, Microsoft.AspNetCore.App.Runtime.linux-musl-x64, Microsoft.AspNetCore.App.Runtime.linux-musl-arm64, Microsoft.AspNetCore.App.Runtime.linux-musl-arm, Microsoft.AspNetCore.App.Runtime.linux-arm64, Microsoft.AspNetCore.App.Runtime.linux-arm
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 6 months ago
Moderate
Ecosystems: nuget
Packages: Microsoft.NetCore.App.Runtime.linux-musl-arm64, Microsoft.NetCore.App.Runtime.win-x86, Microsoft.NetCore.App.Runtime.win-x64, Microsoft.NetCore.App.Runtime.win-arm64, Microsoft.NetCore.App.Runtime.win-arm, Microsoft.NetCore.App.Runtime.osx-x64, Microsoft.NetCore.App.Runtime.osx-arm64, Microsoft.NetCore.App.Runtime.linux-x64, Microsoft.NetCore.App.Runtime.linux-musl-x64, Microsoft.NetCore.App.Runtime.linux-musl-arm, Microsoft.NetCore.App.Runtime.linux-arm64, Microsoft.NetCore.App.Runtime.linux-arm
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 6 months ago
GSA_kwCzR0hTQS03ZmNyLThxdzYtOTJmcs4AA8ET
Microsoft Security Advisory CVE-2024-30045 | .NET Remote code Execution VulnerabilityEcosystems: nuget
Packages: Microsoft.NetCore.App.Runtime.linux-musl-arm64, Microsoft.NetCore.App.Runtime.win-x86, Microsoft.NetCore.App.Runtime.win-x64, Microsoft.NetCore.App.Runtime.win-arm64, Microsoft.NetCore.App.Runtime.win-arm, Microsoft.NetCore.App.Runtime.osx-x64, Microsoft.NetCore.App.Runtime.osx-arm64, Microsoft.NetCore.App.Runtime.linux-x64, Microsoft.NetCore.App.Runtime.linux-musl-x64, Microsoft.NetCore.App.Runtime.linux-musl-arm, Microsoft.NetCore.App.Runtime.linux-arm64, Microsoft.NetCore.App.Runtime.linux-arm
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 6 months ago
Moderate
Ecosystems: nuget
Packages: Microsoft.PowerBI.JavaScript
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 6 months ago
GSA_kwCzR0hTQS13Y2h4LXJtNmgtN2pmNs4AA8Cf
Microsoft Power BI Client JavaScript SDK Information Disclosure VulnerabilityEcosystems: nuget
Packages: Microsoft.PowerBI.JavaScript
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 6 months ago
Moderate
Ecosystems: nuget, maven
Packages: BouncyCastle.Cryptography, BouncyCastle, org.bouncycastle:bctls-jdk15to18, org.bouncycastle:bctls-jdk14, org.bouncycastle:bctls-jdk18on, org.bouncycastle:bcprov-jdk14, org.bouncycastle:bcprov-jdk15to18, org.bouncycastle:bcprov-jdk15on, org.bouncycastle:bcprov-jdk18on
Source: GitHub Advisory Database
Blast Radius: 23.7
Published: 6 months ago
GSA_kwCzR0hTQS1tNDRqLWNmcm0tZzhxY84AA76G
Bouncy Castle crafted signature and public key can be used to trigger an infinite loopEcosystems: nuget, maven
Packages: BouncyCastle.Cryptography, BouncyCastle, org.bouncycastle:bctls-jdk15to18, org.bouncycastle:bctls-jdk14, org.bouncycastle:bctls-jdk18on, org.bouncycastle:bcprov-jdk14, org.bouncycastle:bcprov-jdk15to18, org.bouncycastle:bcprov-jdk15on, org.bouncycastle:bcprov-jdk18on
Source: GitHub Advisory Database
Blast Radius: 23.7
Published: 6 months ago
Moderate
Ecosystems: nuget, maven
Packages: BouncyCastle.Cryptography, BouncyCastle, org.bouncycastle:bctls-jdk15to18, org.bouncycastle:bctls-jdk14, org.bouncycastle:bctls-jdk18on, org.bouncycastle:bcprov-jdk14, org.bouncycastle:bcprov-jdk15to18, org.bouncycastle:bcprov-jdk15on, org.bouncycastle:bcprov-jdk18on, org.bouncycastle:bctls-fips
Source: GitHub Advisory Database
Blast Radius: 26.2
Published: 6 months ago
GSA_kwCzR0hTQS12NDM1LXhjOHgtd3ZyOc4AA76H
Bouncy Castle affected by timing side-channel for RSA key exchange ("The Marvin Attack")Ecosystems: nuget, maven
Packages: BouncyCastle.Cryptography, BouncyCastle, org.bouncycastle:bctls-jdk15to18, org.bouncycastle:bctls-jdk14, org.bouncycastle:bctls-jdk18on, org.bouncycastle:bcprov-jdk14, org.bouncycastle:bcprov-jdk15to18, org.bouncycastle:bcprov-jdk15on, org.bouncycastle:bcprov-jdk18on, org.bouncycastle:bctls-fips
Source: GitHub Advisory Database
Blast Radius: 26.2
Published: 6 months ago
Moderate
Ecosystems: nuget, maven
Packages: BouncyCastle.Cryptography, BouncyCastle, org.bouncycastle:bc-fips, org.bouncycastle:bctls-jdk15to18, org.bouncycastle:bctls-jdk14, org.bouncycastle:bctls-jdk18on, org.bouncycastle:bcprov-jdk14, org.bouncycastle:bcprov-jdk15to18, org.bouncycastle:bcprov-jdk15on, org.bouncycastle:bcprov-jdk18on
Source: GitHub Advisory Database
Blast Radius: 23.7
Published: 6 months ago
GSA_kwCzR0hTQS04eGZjLWdtNmctdmdwds4AA75b
Bouncy Castle certificate parsing issues cause high CPU usage during parameter evaluation.Ecosystems: nuget, maven
Packages: BouncyCastle.Cryptography, BouncyCastle, org.bouncycastle:bc-fips, org.bouncycastle:bctls-jdk15to18, org.bouncycastle:bctls-jdk14, org.bouncycastle:bctls-jdk18on, org.bouncycastle:bcprov-jdk14, org.bouncycastle:bcprov-jdk15to18, org.bouncycastle:bcprov-jdk15on, org.bouncycastle:bcprov-jdk18on
Source: GitHub Advisory Database
Blast Radius: 23.7
Published: 6 months ago
High
Ecosystems: nuget
Packages: Npgsql
Source: GitHub Advisory Database
Blast Radius: 18.3
Published: 7 months ago
GSA_kwCzR0hTQS14OXZjLTZoZnYtaGc4Y84AA74L
Npgsql vulnerable to SQL Injection via Protocol Message Size OverflowEcosystems: nuget
Packages: Npgsql
Source: GitHub Advisory Database
Blast Radius: 18.3
Published: 7 months ago
Moderate
Ecosystems: nuget
Packages: Plumber.Workflow, Umbraco.Workflow
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 7 months ago
GSA_kwCzR0hTQS0yODdmLTQ2ajctajR3aM4AA7R8
Umbraco Workflow's Backoffice users can execute arbitrary SQLEcosystems: nuget
Packages: Plumber.Workflow, Umbraco.Workflow
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 7 months ago
High
Ecosystems: nuget
Packages: Microsoft.WindowsDesktop.App.Runtime.win-x86, Microsoft.WindowsDesktop.App.Runtime.win-x64, Microsoft.WindowsDesktop.App.Runtime.win-arm64
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 7 months ago
GSA_kwCzR0hTQS02cW14LTQyaDItajhoNs4AA7I9
.NET Elevation of Privilege VulnerabilityEcosystems: nuget
Packages: Microsoft.WindowsDesktop.App.Runtime.win-x86, Microsoft.WindowsDesktop.App.Runtime.win-x64, Microsoft.WindowsDesktop.App.Runtime.win-arm64
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 7 months ago
Moderate
Ecosystems: nuget
Packages: Umbraco.Cms.Web.BackOffice, Umbraco.Cms.Core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 7 months ago
GSA_kwCzR0hTQS03NHA2LTM5ZjItMjN2M84AA7I7
Blind SSRF Leads to Port Scan by using WebhooksEcosystems: nuget
Packages: Umbraco.Cms.Web.BackOffice, Umbraco.Cms.Core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 7 months ago
Low
Ecosystems: nuget
Packages: Microsoft.Identity.Client
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 7 months ago
GSA_kwCzR0hTQS14Njc0LXY0NWotZnd4d84AA7DY
MSAL.NET applications targeting Xamarin Android and .NET Android (MAUI) susceptible to local denial of serviceEcosystems: nuget
Packages: Microsoft.Identity.Client
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 7 months ago
Moderate
Ecosystems: nuget
Packages: SixLabors.ImageSharp
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 7 months ago
GSA_kwCzR0hTQS01eDdtLTY3MzctMjZjcs4AA7Bg
SixLabors.ImageSharp vulnerable to data leakageEcosystems: nuget
Packages: SixLabors.ImageSharp
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 7 months ago
Moderate
Ecosystems: nuget
Packages: SixLabors.ImageSharp
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 7 months ago
GSA_kwCzR0hTQS1nODVyLTZ4MnEtNDV3N84AA7Bf
SixLabors.ImageSharp vulnerable to Memory Allocation with Excessive Size ValueEcosystems: nuget
Packages: SixLabors.ImageSharp
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 7 months ago
Moderate
Ecosystems: nuget
Packages: OpenTelemetry.Instrumentation.AspNetCore, OpenTelemetry.Instrumentation.Http
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 7 months ago
GSA_kwCzR0hTQS12aDJtLTIyeHgtcTk0Zs4AA6-B
Sensitive query parameters logged by default in OpenTelemetry.Instrumentation http and AspNetCoreEcosystems: nuget
Packages: OpenTelemetry.Instrumentation.AspNetCore, OpenTelemetry.Instrumentation.Http
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 7 months ago
Moderate
Ecosystems: nuget
Packages: Azure.Identity
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 8 months ago
GSA_kwCzR0hTQS13dnhjLTg1NWYtanZyds4AA6y0
Azure Identity Library for .NET Information Disclosure VulnerabilityEcosystems: nuget
Packages: Azure.Identity
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 8 months ago
Moderate
Ecosystems: packagist, nuget, npm
Packages: tinymce/tinymce, TinyMCE, tinymce
Source: GitHub Advisory Database
Blast Radius: 30.8
Published: 8 months ago
GSA_kwCzR0hTQS00MzhjLTM5NzUtNXgzZs4AA6Te
TinyMCE Cross-Site Scripting (XSS) vulnerability in handling iframesEcosystems: packagist, nuget, npm
Packages: tinymce/tinymce, TinyMCE, tinymce
Source: GitHub Advisory Database
Blast Radius: 30.8
Published: 8 months ago
Moderate
Ecosystems: nuget, npm, packagist
Packages: TinyMCE, tinymce, tinymce/tinymce
Source: GitHub Advisory Database
Blast Radius: 30.8
Published: 8 months ago
GSA_kwCzR0hTQS01MzU5LXB2ZjItcHc3OM4AA6Td
TinyMCE Cross-Site Scripting (XSS) vulnerability in handling external SVG files through Object or Embed elementsEcosystems: nuget, npm, packagist
Packages: TinyMCE, tinymce, tinymce/tinymce
Source: GitHub Advisory Database
Blast Radius: 30.8
Published: 8 months ago
High
Ecosystems: nuget
Packages: WixToolset.Sdk, wix
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 8 months ago
GSA_kwCzR0hTQS1yZjM5LTNmOTgteHI3cs4AA6Ri
WiX based installers are vulnerable to binary hijack when run as SYSTEMEcosystems: nuget
Packages: WixToolset.Sdk, wix
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 8 months ago
High
Ecosystems: nuget
Packages: WixToolset.Util.wixext, wix
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 8 months ago
GSA_kwCzR0hTQS1qeDRwLW00d20tdnZqZ84AA6Rh
Malicious directory junction can cause WiX RemoveFoldersEx to possibly delete elevated filesEcosystems: nuget
Packages: WixToolset.Util.wixext, wix
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 8 months ago
High
Ecosystems: nuget
Packages: PanelSwWix4.Sdk
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 8 months ago
GSA_kwCzR0hTQS1nNHY2LTY5cDYtcTNwNM4AA6RT
WiX Burn-based bundles are vulnerable to binary hijack when run as SYSTEMEcosystems: nuget
Packages: PanelSwWix4.Sdk
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 8 months ago
High
Ecosystems: nuget
Packages: PanelSW.Custom.WiX
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 8 months ago
GSA_kwCzR0hTQS13cTg4LWZxNHgtaDJwbc4AA6RS
WiX Burn-based bundles are vulnerable to binary hijack when run as SYSTEMEcosystems: nuget
Packages: PanelSW.Custom.WiX
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 8 months ago
Low
Ecosystems: nuget
Packages: UmbracoCMS
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 8 months ago
GSA_kwCzR0hTQS01NTJmLTk3d2YtcG1wcc4AA6LG
Umbraco possible user enumerationEcosystems: nuget
Packages: UmbracoCMS
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 8 months ago
High
Ecosystems: nuget
Packages: CoreWCF.NetFramingBase
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 8 months ago
GSA_kwCzR0hTQS0zMmpxLW12ODktNXJ4N84AA6CL
CoreWCF NetFraming based services can leave connections open when they should be closedEcosystems: nuget
Packages: CoreWCF.NetFramingBase
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 8 months ago
High
Ecosystems: nuget
Packages: Microsoft.Native.Quic.MsQuic.OpenSSL, Microsoft.Native.Quic.MsQuic.Schannel
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 8 months ago
GSA_kwCzR0hTQS0yeDdtLWdmODUtMzc0Nc4AA587
Remote Denial of Service Vulnerability in Microsoft QUICEcosystems: nuget
Packages: Microsoft.Native.Quic.MsQuic.OpenSSL, Microsoft.Native.Quic.MsQuic.Schannel
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 8 months ago
High
Ecosystems: nuget
Packages: Microsoft.NETCore.App.Runtime.win-x64, Microsoft.NETCore.App.Runtime.win-x86, Microsoft.NETCore.App.Runtime.win-arm64, Microsoft.NETCore.App.Runtime.win-arm, Microsoft.NETCore.App.Runtime.osx-x64, Microsoft.NETCore.App.Runtime.osx-arm64, Microsoft.NETCore.App.Runtime.linux-x64, Microsoft.NETCore.App.Runtime.linux-musl-x64, Microsoft.NETCore.App.Runtime.linux-musl-arm64, Microsoft.NETCore.App.Runtime.linux-musl-arm, Microsoft.NETCore.App.Runtime.linux-arm64, Microsoft.NETCore.App.Runtime.linux-arm
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 8 months ago
GSA_kwCzR0hTQS01ZnhqLXdoY3YtY3JyY84AA570
Microsoft Security Advisory CVE-2024-21392: .NET Denial of Service VulnerabilityEcosystems: nuget
Packages: Microsoft.NETCore.App.Runtime.win-x64, Microsoft.NETCore.App.Runtime.win-x86, Microsoft.NETCore.App.Runtime.win-arm64, Microsoft.NETCore.App.Runtime.win-arm, Microsoft.NETCore.App.Runtime.osx-x64, Microsoft.NETCore.App.Runtime.osx-arm64, Microsoft.NETCore.App.Runtime.linux-x64, Microsoft.NETCore.App.Runtime.linux-musl-x64, Microsoft.NETCore.App.Runtime.linux-musl-arm64, Microsoft.NETCore.App.Runtime.linux-musl-arm, Microsoft.NETCore.App.Runtime.linux-arm64, Microsoft.NETCore.App.Runtime.linux-arm
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 8 months ago
High
Ecosystems: nuget
Packages: SixLabors.ImageSharp
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 9 months ago
GSA_kwCzR0hTQS02NXg3LWMyNzItN2c3cs4AA5xd
Use After Free in SixLabors.ImageSharpEcosystems: nuget
Packages: SixLabors.ImageSharp
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 9 months ago
Moderate
Ecosystems: nuget
Packages: FullStackHero.WebAPI.Boilerplate
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 9 months ago
GSA_kwCzR0hTQS03NXgyLTZoNG0taDZteM4AA5oj
FullStackHero's WebAPI Boilerplate host header injection vulnerabilityEcosystems: nuget
Packages: FullStackHero.WebAPI.Boilerplate
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 9 months ago
Moderate
Ecosystems: npm, nuget
Packages: @serenity-is/corelib, Serenity.Net.Core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 9 months ago
GSA_kwCzR0hTQS01ampxLThjdmotdjZtOc4AA5Xi
Cross-site Scripting in SerenityEcosystems: npm, nuget
Packages: @serenity-is/corelib, Serenity.Net.Core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 9 months ago
Critical
Ecosystems: nuget
Packages: NuGet.Packaging, NuGet.CommandLine
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 9 months ago
GSA_kwCzR0hTQS02OHc3LTcyamctNnFwcM4AA5RM
NuGet Client Security Feature Bypass VulnerabilityEcosystems: nuget
Packages: NuGet.Packaging, NuGet.CommandLine
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 9 months ago
Critical
Ecosystems: nuget
Packages: Microsoft.AspNetCore.App.Runtime.win-x86, Microsoft.AspNetCore.App.Runtime.win-x64, Microsoft.AspNetCore.App.Runtime.win-arm64, Microsoft.AspNetCore.App.Runtime.win-arm, Microsoft.AspNetCore.App.Runtime.osx-x64, Microsoft.AspNetCore.App.Runtime.osx-arm64, Microsoft.AspNetCore.App.Runtime.linux-x64, Microsoft.AspNetCore.App.Runtime.linux-musl-x64, Microsoft.AspNetCore.App.Runtime.linux-musl-arm64, Microsoft.AspNetCore.App.Runtime.linux-musl-arm, Microsoft.AspNetCore.App.Runtime.linux-arm64, Microsoft.AspNetCore.App.Runtime.linux-arm
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 9 months ago
GSA_kwCzR0hTQS1nNzRxLTV4dzMtajdxOc4AA5RK
Microsoft Security Advisory CVE-2024-21386: .NET Denial of Service VulnerabilityEcosystems: nuget
Packages: Microsoft.AspNetCore.App.Runtime.win-x86, Microsoft.AspNetCore.App.Runtime.win-x64, Microsoft.AspNetCore.App.Runtime.win-arm64, Microsoft.AspNetCore.App.Runtime.win-arm, Microsoft.AspNetCore.App.Runtime.osx-x64, Microsoft.AspNetCore.App.Runtime.osx-arm64, Microsoft.AspNetCore.App.Runtime.linux-x64, Microsoft.AspNetCore.App.Runtime.linux-musl-x64, Microsoft.AspNetCore.App.Runtime.linux-musl-arm64, Microsoft.AspNetCore.App.Runtime.linux-musl-arm, Microsoft.AspNetCore.App.Runtime.linux-arm64, Microsoft.AspNetCore.App.Runtime.linux-arm
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 9 months ago
High
Ecosystems: nuget
Packages: PanelSwWix4.Sdk
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 10 months ago
GSA_kwCzR0hTQS04djI4LTNnODYtY2hqNc4AA5Ke
PanelSwWix4.Sdk .be TEMP folder is vulnerable to DLL redirection attacks that allow the attacker to escalate privilegesEcosystems: nuget
Packages: PanelSwWix4.Sdk
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 10 months ago
High
Ecosystems: nuget
Packages: PanelSW.Custom.WiX
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 10 months ago
GSA_kwCzR0hTQS0yNTlwLXJ2angtZmZ3Z84AA5Kd
Panel::Software Customized WiX .be TEMP folder is vulnerable to DLL redirection attacks that allow the attacker to escalate privilegesEcosystems: nuget
Packages: PanelSW.Custom.WiX
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 10 months ago
High
Ecosystems: nuget
Packages: wix
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 10 months ago
GSA_kwCzR0hTQS03d2gyLXd4YzctOXBoNc4AA5Kc
WiX Toolset's .be TEMP folder is vulnerable to DLL redirection attacks that allow the attacker to escalate privilegesEcosystems: nuget
Packages: wix
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 10 months ago
Moderate
Ecosystems: nuget
Packages: Microsoft.AspNetCore.App.Runtime.linux-musl-arm, Microsoft.AspNetCore.App.Runtime.linux-musl-arm64, Microsoft.AspNetCore.App.Runtime.osx-arm64, Microsoft.AspNetCore.App.Runtime.win-arm, Microsoft.AspNetCore.App.Runtime.win-arm64, Microsoft.AspNetCore.App.Runtime.linux-arm, Microsoft.AspNetCore.App.Runtime.linux-arm64, Microsoft.AspNetCore.App.Runtime.linux-musl-x64, Microsoft.AspNetCore.App.Runtime.osx-x64, Microsoft.AspNetCore.App.Runtime.win-x86, Microsoft.AspNetCore.App.Runtime.linux-x64, Microsoft.AspNetCore.App.Runtime.win-x64, System.Security.Cryptography.Xml
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 10 months ago
GSA_kwCzR0hTQS12aDU1LTc4Nmctd2p3as4AA5C3
.NET Information Disclosure VulnerabilityEcosystems: nuget
Packages: Microsoft.AspNetCore.App.Runtime.linux-musl-arm, Microsoft.AspNetCore.App.Runtime.linux-musl-arm64, Microsoft.AspNetCore.App.Runtime.osx-arm64, Microsoft.AspNetCore.App.Runtime.win-arm, Microsoft.AspNetCore.App.Runtime.win-arm64, Microsoft.AspNetCore.App.Runtime.linux-arm, Microsoft.AspNetCore.App.Runtime.linux-arm64, Microsoft.AspNetCore.App.Runtime.linux-musl-x64, Microsoft.AspNetCore.App.Runtime.osx-x64, Microsoft.AspNetCore.App.Runtime.win-x86, Microsoft.AspNetCore.App.Runtime.linux-x64, Microsoft.AspNetCore.App.Runtime.win-x64, System.Security.Cryptography.Xml
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 10 months ago
High
Ecosystems: nuget
Packages: PowerShell
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 10 months ago
GSA_kwCzR0hTQS1qY21xLTVycnYtajJnNM4AA5Ca
PowerShell is subject to remote code execution vulnerabilityEcosystems: nuget
Packages: PowerShell
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 10 months ago
High
Ecosystems: nuget
Packages: TrueLayer.Client
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 10 months ago
GSA_kwCzR0hTQS02N200LXF4cDMtajZoaM4AA486
TrueLayer.Client SSRF when fetching payment or payment providerEcosystems: nuget
Packages: TrueLayer.Client
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 10 months ago
Moderate
Ecosystems: nuget
Packages: Microsoft.IdentityModel.JsonWebTokens, System.IdentityModel.Tokens.Jwt
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 11 months ago
GSA_kwCzR0hTQS01OWo3LWdocmctZmo1Ms4AA4Tk
Microsoft ASP.NET Core project templates vulnerable to denial of serviceEcosystems: nuget
Packages: Microsoft.IdentityModel.JsonWebTokens, System.IdentityModel.Tokens.Jwt
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 11 months ago
High
Ecosystems: nuget
Packages: Microsoft.Data.SqlClient, System.Data.SqlClient
Source: GitHub Advisory Database
Blast Radius: 15.0
Published: 11 months ago
GSA_kwCzR0hTQS05OGc2LXhoMzYteDJwN84AA4Sw
Microsoft.Data.SqlClient and System.Data.SqlClient vulnerable to SQL Data Provider Security Feature BypassEcosystems: nuget
Packages: Microsoft.Data.SqlClient, System.Data.SqlClient
Source: GitHub Advisory Database
Blast Radius: 15.0
Published: 11 months ago
High
Ecosystems: nuget
Packages: Microsoft.IdentityModel.Protocols.SignedHttpRequest
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 11 months ago
GSA_kwCzR0hTQS1ydjlqLWM4NjYtZ3A1aM4AA4Sp
Microsoft.IdentityModel.Protocols.SignedHttpRequest remote code execution vulnerabilityEcosystems: nuget
Packages: Microsoft.IdentityModel.Protocols.SignedHttpRequest
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 11 months ago
Moderate
Ecosystems: nuget
Packages: OWASP.AntiSamy
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 11 months ago
GSA_kwCzR0hTQS04eDZmLTk1NmYtcTQzd84AA4Jk
OWASP.AntiSamy mXSS when preserving commentsEcosystems: nuget
Packages: OWASP.AntiSamy
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 11 months ago
Moderate
Ecosystems: nuget
Packages: Snowflake.Data
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 11 months ago
GSA_kwCzR0hTQS1od2NjLTRjdjgtY2YzaM4AA4AE
Snowflake Connector .NET does not properly check the Certificate Revocation List (CRL)Ecosystems: nuget
Packages: Snowflake.Data
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 11 months ago
Low
Ecosystems: nuget
Packages: Umbraco.CMS
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 11 months ago
GSA_kwCzR0hTQS02eG14LTg1eDMtNGN2Ms4AA3ug
Stored XSS via SVG File UploadEcosystems: nuget
Packages: Umbraco.CMS
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 11 months ago
Low
Ecosystems: nuget
Packages: Umbraco.CMS
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 11 months ago
GSA_kwCzR0hTQS03eDc0LWg4Y3ctcWh4cc4AA3uf
Brute force exploit can be used to collect valid usernamesEcosystems: nuget
Packages: Umbraco.CMS
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 11 months ago
Low
Ecosystems: nuget
Packages: Umbraco.CMS
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 11 months ago
GSA_kwCzR0hTQS04cXA4LTlycHctajQ2Y84AA3ue
SMTP misconfiguration leading to "Forgot Password" exploit that leaks registered user email.Ecosystems: nuget
Packages: Umbraco.CMS
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 11 months ago
Moderate
Ecosystems: nuget
Packages: Umbraco.CMS
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 11 months ago
GSA_kwCzR0hTQS1jZnI1LTdwNTQtNHFnOM4AA3ud
Privilege Escalation using SpoofingEcosystems: nuget
Packages: Umbraco.CMS
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 11 months ago
Low
Ecosystems: nuget
Packages: Umbraco.CMS
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 11 months ago
GSA_kwCzR0hTQS02MzI0LTUycHItaDRwNc4AA3uc
Using the directory back payload (“/../”) in a package name allows placement of package in other folders.Ecosystems: nuget
Packages: Umbraco.CMS
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 11 months ago
Moderate
Ecosystems: nuget
Packages: Umbraco.CMS
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 11 months ago
GSA_kwCzR0hTQS12OThtLTM5OHgtMjY5cs4AA3ub
DOM-XSS on Backoffice login screen.Ecosystems: nuget
Packages: Umbraco.CMS
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 11 months ago
Low
Ecosystems: nuget
Packages: Umbraco.CMS
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 11 months ago
GSA_kwCzR0hTQS0zMzV4LTV3Y20tOGp2Ms4AA3ua
Backoffice User can bypass "Publish" restrictionEcosystems: nuget
Packages: Umbraco.CMS
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 11 months ago
Statistics
Advisories: 20,668
Packages: 9,040
Repositories: 138
Ecosystems: 12
Packages: 9,040
Repositories: 138
Ecosystems: 12
Filter by Severity
Filter by Ecosystem
Filter by Package
Microsoft.ChakraCore
247
Microsoft.AspNetCore.App.Runtime.win-x86
21
Microsoft.AspNetCore.App.Runtime.win-x64
21
Microsoft.AspNetCore.App.Runtime.win-arm
20
DotNetNuke.Core
19
Microsoft.AspNetCore.App.Runtime.linux-x64
18
Microsoft.AspNetCore.App.Runtime.linux-musl-x64
18
Microsoft.AspNetCore.App.Runtime.linux-arm64
18
Microsoft.AspNetCore.App.Runtime.linux-arm
18
Microsoft.AspNetCore.App.Runtime.win-arm64
18
Microsoft.AspNetCore.App.Runtime.osx-x64
18
Microsoft.AspNetCore.App.Runtime.linux-musl-arm64
17
Umbraco.CMS
13
Microsoft.AspNetCore.App.Runtime.linux-musl-arm
13
Microsoft.NETCore.App.Runtime.win-arm64
12
Microsoft.NETCore.App.Runtime.win-x64
12
Microsoft.NETCore.App.Runtime.win-x86
12
Microsoft.NetCore.App.Runtime.win-arm
12
Microsoft.NetCore.App.Runtime.win-arm64
12
Microsoft.NetCore.App.Runtime.win-x86
12
Microsoft.NetCore.App.Runtime.win-x64
12
tinymce/tinymce
11
TinyMCE
11
tinymce
11
Microsoft.AspNetCore.App.Runtime.osx-arm64
11
Microsoft.NETCore.App
10
bootstrap
10
OPCFoundation.NetStandard.Opc.Ua.Core
10
Microsoft.AspNetCore.All
10
twbs/bootstrap
9
bootstrap
9
bootstrap
9
org.webjars:bootstrap
9
Microsoft.NETCore.App.Runtime.linux-arm
9
Microsoft.NETCore.App.Runtime.linux-arm64
9
Microsoft.NETCore.App.Runtime.linux-musl-arm64
9
Microsoft.NETCore.App.Runtime.linux-musl-x64
9
Microsoft.NETCore.App.Runtime.linux-x64
9
Microsoft.NETCore.App.Runtime.osx-x64
8
Microsoft.AspNetCore.App
8
Microsoft.NETCore.App.Runtime.win-arm
8
jquery-rails
8
bootstrap.sass
8
jquery
8
org.webjars.npm:jquery
8
Microsoft.NetCore.App.Runtime.linux-musl-arm64
7
CefSharp.Common
7
Microsoft.NetCore.App.Runtime.osx-x64
7
Microsoft.NetCore.App.Runtime.osx-arm64
7
Microsoft.NetCore.App.Runtime.linux-x64
7
Microsoft.NetCore.App.Runtime.linux-musl-x64
7
Microsoft.NetCore.App.Runtime.linux-musl-arm
7
Microsoft.NetCore.App.Runtime.linux-arm64
7
Microsoft.NetCore.App.Runtime.linux-arm
7
Microsoft.NETCore.App.Runtime.linux-musl-arm
7
jquery-ui
7
jquery-ui-rails
7
org.webjars.npm:jquery-ui
7
jQuery.UI.Combined
7
jQuery
7
bootstrap-sass
7
OPCFoundation.NetStandard.Opc.Ua
6
Microsoft.AspNetCore.Mvc.Core
6
Microsoft.WindowsDesktop.App.Runtime.win-x86
5
SixLabors.ImageSharp
5
Microsoft.WindowsDesktop.App.Runtime.win-x64
5
bootstrap-sass
5
Microsoft.NETCore.App.Runtime.Mono.LLVM.AOT.linux-arm64
5
Microsoft.NETCore.App.Runtime.Mono.LLVM.AOT.linux-x64
5
Microsoft.NETCore.App.Runtime.Mono.LLVM.AOT.osx-x64
5
Microsoft.NETCore.App.Runtime.Mono.LLVM.linux-arm64
5
Microsoft.NETCore.App.Runtime.Mono.LLVM.linux-x64
5
Microsoft.NETCore.App.Runtime.Mono.LLVM.osx-x64
5
Microsoft.NETCore.App.Runtime.Mono.linux-arm
5
Microsoft.NETCore.App.Runtime.Mono.linux-arm64
5
Microsoft.NETCore.App.Runtime.Mono.linux-musl-x64
5
Microsoft.NETCore.App.Runtime.Mono.linux-x64
5
Microsoft.NETCore.App.Runtime.Mono.osx-x64
5
CefSharp.Wpf.HwndHost
5
Microsoft.NETCore.App.Runtime.rhel.6-x64
5
System.Net.Http
5
Microsoft.AspNetCore.Server.Kestrel.Core
5
Microsoft.AspNetCore.Mvc.Cors
5
CefSharp.WinForms
5
CefSharp.Wpf
5
System.Text.Encodings.Web
5
System.Net.WebSockets.Client
4
Microsoft.AspNetCore.Mvc.Abstractions
4
Microsoft.AspNetCore.Mvc.ApiExplorer
4
Microsoft.AspNetCore.Mvc.DataAnnotations
4
Microsoft.AspNetCore.Mvc.Formatters.Json
4
System.Net.Security
4
System.Net.Http.WinHttpHandler
4
Microsoft.AspNetCore.Mvc
4
Serenity.Net.Core
4
Microsoft.WindowsDesktop.App.Runtime.win-arm64
4
SharpZipLib
4
Umbraco.Cms.Core
4
NuGet.CommandLine
4
AjaxNetProfessional
4
UmbracoCms
4
NuGet.Commands
4
SSCMS
4
BouncyCastle
4
org.bouncycastle:bcprov-jdk14
4
org.bouncycastle:bcprov-jdk15to18
4
org.bouncycastle:bcprov-jdk15on
4
Microsoft.AspNetCore.Mvc.WebApiCompatShim
4
Microsoft.AspNetCore.Mvc.ViewFeatures
4
Microsoft.AspNetCore.Mvc.TagHelpers
4
Microsoft.AspNetCore.Mvc.Razor
4
Microsoft.AspNetCore.Mvc.Razor.Host
4
Microsoft.AspNetCore.Mvc.Localization
4
Microsoft.AspNetCore.Mvc.Formatters.Xml
4
Microsoft.Native.Quic.MsQuic.Schannel
3
Umbraco.Cms.Web.BackOffice
3
UmbracoCms.Core
3
Microsoft.Native.Quic.MsQuic.OpenSSL
3
CefSharp.Common.NETCore
3
wix
3
System.Private.Uri
3
System.Security.Cryptography.Xml
3
BouncyCastle.Cryptography
3
django-tinymce
3
Azure.Identity
3
org.bouncycastle:bctls-jdk15to18
3
org.bouncycastle:bctls-jdk14
3
org.bouncycastle:bctls-jdk18on
3
Sustainsys.Saml2
3
org.bouncycastle:bcprov-jdk18on
3
OPCFoundation.NetStandard.Opc.Ua.Server
3
Microsoft.NETCore.App.Runtime.osx-arm64
3
Microsoft.NETCore.App.Runtime.Mono.android-arm.Msi.x64
2
Microsoft.NETCore.App.Runtime.Mono.android-arm.Msi.x86
2
Microsoft.NETCore.App.Runtime.Mono.android-arm64
2
sharpcompress
2
DisCatSharp
2
Microsoft.NETCore.App.Runtime.Mono.android-arm.Msi.arm64
2
Microsoft.AspNetCore.Server.HttpSys
2
Bootstrap.Less
2
Microsoft.NETCore.App.Runtime.Mono.android-arm
2
maximebf/debugbar
2
Microsoft.NETCore.App.Runtime.AOT.win-x64.Cross.browser-wasm.Msi.x64
2
Microsoft.NETCore.App.Runtime.AOT.win-x64.Cross.browser-wasm
2
Microsoft.NETCore.App.Runtime.Mono.browser-wasm.Msi.arm64
2
Microsoft.NETCore.App.Runtime.Mono.browser-wasm
2
Microsoft.NETCore.App.Runtime.Mono.android-x86.Msi.x86
2
Piranha
2
Microsoft.NETCore.App.Runtime.Mono.android-x86.Msi.x64
2
Microsoft.NETCore.App.Runtime.Mono.android-x86.Msi.arm64
2
starkbank-ecdsa
2
Microsoft.NETCore.App.Runtime.Mono.android-x86
2
Microsoft.NETCore.App.Runtime.Mono.android-x64.Msi.x86
2
Microsoft.AspNetCore.Server.Kestrel.Transport.Libuv
2
OrchardCore
2
Microsoft.Identity.Client
2
UmbracoCMS
2
Microsoft.NETCore.App.Runtime.Mono.android-x64.Msi.x64
2
Microsoft.NETCore.App.Runtime.Mono.android-x64.Msi.arm64
2
Microsoft.NETCore.App.Runtime.Mono.android-x64
2
Microsoft.NETCore.App.Runtime.Mono.android-arm64.Msi.x86
2
Microsoft.NETCore.App.Runtime.Mono.android-arm64.Msi.x64
2
PeterO.Cbor
2
Microsoft.NETCore.App.Runtime.Mono.android-arm64.Msi.arm64
2
Yarp.ReverseProxy
2
Microsoft.NETCore.App.Runtime.AOT.osx-x64.Cross.maccatalyst-x64
2
Duende.IdentityServer
2
System.Text.Json
2
DotNetZip
2
IdentityServer4
2
Microsoft.AspNetCore.Http.Connections
2
Microsoft.NETCore.App.Runtime.AOT.osx-x64.Cross.maccatalyst-arm64
2
Microsoft.NETCore.App.Runtime.AOT.osx-x64.Cross.iossimulator-x86
2
NuGet.Protocol
2
Microsoft.NETCore.App.Runtime.AOT.linux-x64.Cross.android-arm
2
Microsoft.NETCore.App.Runtime.AOT.linux-x64.Cross.android-arm64
2
Microsoft.NETCore.App.Runtime.AOT.linux-x64.Cross.android-x64
2
Microsoft.NETCore.App.Runtime.AOT.linux-x64.Cross.android-x86
2
Microsoft.NETCore.App.Runtime.AOT.linux-x64.Cross.browser-wasm
2
Microsoft.NETCore.App.Runtime.AOT.osx-x64.Cross.android-arm
2
Microsoft.NETCore.App.Runtime.AOT.osx-x64.Cross.android-arm64
2
Microsoft.NETCore.App.Runtime.AOT.osx-x64.Cross.android-x64
2
Microsoft.NETCore.App.Runtime.AOT.osx-x64.Cross.android-x86
2
Microsoft.NETCore.App.Runtime.AOT.osx-x64.Cross.browser-wasm
2
Microsoft.NETCore.App.Runtime.AOT.osx-x64.Cross.ios-arm
2
Microsoft.NETCore.App.Runtime.AOT.osx-x64.Cross.ios-arm64
2
Microsoft.NETCore.App.Runtime.AOT.osx-x64.Cross.iossimulator-arm64
2
Microsoft.NETCore.App.Runtime.AOT.osx-x64.Cross.iossimulator-x64
2
Microsoft.NETCore.App.Runtime.AOT.win-x64.Cross.android-x86.Msi.x64
2
Microsoft.NETCore.App.Runtime.AOT.win-x64.Cross.android-x86
2
RestSharp
2
Microsoft.NETCore.App.Runtime.AOT.win-x64.Cross.android-x64.Msi.x64
2
Microsoft.NETCore.App.Runtime.AOT.win-x64.Cross.android-x64
2
log4net
2
protobuf
2
github.com/protocolbuffers/protobuf
2
google/protobuf
2
Google.Protobuf
2
Microsoft.NETCore.App.Runtime.AOT.win-x64.Cross.android-arm64.Msi.x64
2
Microsoft.NETCore.App.Runtime.AOT.win-x64.Cross.android-arm64
2
Filter by Repository
https://github.com/chakra-core/ChakraCore
214
https://github.com/dotnet/runtime
33
https://github.com/umbraco/Umbraco-CMS
25
https://github.com/github/advisory-database
18
https://github.com/dotnet/aspnetcore
14
https://github.com/OPCFoundation/UA-.NETStandard
13
https://github.com/tinymce/tinymce
11
https://github.com/jquery/jquery
9
https://github.com/dnnsoftware/Dnn.Platform
7
https://github.com/twbs/bootstrap
7
https://github.com/cefsharp/CefSharp
7
https://github.com/jquery/jquery-ui
6
https://github.com/SixLabors/ImageSharp
5
https://github.com/icsharpcode/SharpZipLib
4
https://github.com/michaelschwarz/Ajax.NET-Professional
4
https://github.com/bcgit/bc-csharp
4
https://github.com/siteserver/cms
4
https://github.com/NuGet/NuGet.Client
4
https://github.com/DuendeSoftware/IdentityServer
3
https://github.com/serenity-is/Serenity
3
https://github.com/dotnet/wpf
3
https://github.com/dotnet/sdk
3
https://github.com/wixtoolset/issues
3
https://github.com/microsoft/msquic
3
https://github.com/Sustainsys/Saml2
3
https://github.com/Azure/azure-sdk-for-net
3
https://github.com/PowerShell/PowerShell
3
https://github.com/nirbar/wix3
2
https://github.com/mongodb/mongo-csharp-driver
2
https://github.com/nirbar/wix4
2
https://github.com/orchardcms/orchardcore
2
https://github.com/moment/moment
2
https://github.com/microsoft/reverse-proxy
2
https://github.com/Microsoft/ChakraCore
2
https://github.com/Orckestra/C1-CMS-Foundation
2
https://github.com/gordon-matt/elFinder.NetCore
2
https://github.com/haf/DotNetZip.Semverd
2
https://github.com/mganss/HtmlSanitizer
2
https://github.com/peteroupc/CBOR
2
https://github.com/PiranhaCMS/piranha.core
2
https://github.com/joniles/mpxj
2
https://github.com/adamhathcock/sharpcompress
2
https://github.com/Aiko-IT-Systems/DisCatSharp
2
https://github.com/theori-io/chakra-2016-11
2
https://github.com/tgstation/tgstation-server
2
https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet
2
https://github.com/snowflakedb/snowflake-connector-net
2
https://github.com/ServiceStack/ServiceStack
2
https://github.com/dotnet/corefx
2
https://github.com/restsharp/RestSharp
2
https://github.com/apache/logging-log4net
1
https://github.com/gsemac/Gsemac.Common
1
https://github.com/apache/avro
1
https://github.com/Antaris/RazorEngine
1
https://github.com/HangfireIO/Hangfire
1
https://github.com/akkadotnet/akka.net
1
https://github.com/dotnetcore/AgileConfig
1
https://github.com/imazen/imageflow
1
https://github.com/imazen/resizer
1
https://github.com/IowaComputerGurus/aspnetcore.utilities.cloudstorage
1
https://github.com/JamesNK/Newtonsoft.Json
1
https://github.com/Jasig/phpCAS
1
https://github.com/jchristn/IpMatcher
1
https://github.com/jellyfin/jellyfin
1
https://github.com/jellyfin/jellyfin-web
1
https://github.com/adplug/adplug
1
https://github.com/drewnoakes/metadata-extractor-dotnet
1
https://github.com/dub-flow/vulnerability-research
1
https://github.com/brantburnett/Snappier
1
https://github.com/DuendeSoftware/Duende.AccessTokenManagement
1
https://github.com/Brondahl/EnumStringValues
1
https://github.com/Azure/azure-sdk-for-go
1
https://github.com/AzureAD/microsoft-authentication-library-for-dotnet
1
https://github.com/elastic/apm-agent-dotnet
1
https://github.com/FastReports/FastReport
1
https://github.com/glennrp/libpng
1
https://github.com/AsynkronIT/Wire
1
https://github.com/Archomeda/Gw2Sharp
1
https://github.com/CoreWCF/CoreWCF
1
https://github.com/dnnsoftware/dnn.platform
1
https://github.com/google/brotli
1
https://github.com/apache/lucenenet
1
https://github.com/google/protobuf
1
https://github.com/aaubry/YamlDotNet
1
https://github.com/protocolbuffers/protobuf
1
https://github.com/pubnub/javascript
1
https://github.com/qnighy/libwebp-sys2-rs
1
https://github.com/QuantConnect/Lean
1
https://github.com/ravibpatel/AutoUpdater.NET
1
https://github.com/reactiveui/refit
1
https://github.com/recurly/recurly-client-net
1
https://github.com/SeppPenner/WindowsHello
1
https://github.com/SeriaWei/ZKEACMS
1
https://github.com/serilog-contrib/serilog-enrichers-clientinfo
1
https://github.com/SinGooCMS/SinGooCMSUtility
1
https://github.com/snapappointments/bootstrap-select
1
https://github.com/spassarop/antisamy-dotnet
1
https://github.com/sshnet/NET
1
https://github.com/starkbank/ecdsa-dotnet
1
https://github.com/starkbank/ecdsa-python
1
https://github.com/SteeltoeOSS/security-advisories
1
https://github.com/swagger-api/swagger-ui
1
https://github.com/trannamtrung1st/elFinder.Net.Core
1
https://github.com/TrueLayer/truelayer-dotnet
1
https://github.com/turquoiseowl/i18n
1
https://github.com/umbraco/Umbraco.Commerce.Issues
1
https://github.com/umbraco/Umbraco.Forms.Issues
1
https://github.com/umbraco/Umbraco.Workflow.Issues
1
https://github.com/zzzprojects/System.Linq.Dynamic.Core
1
https://gitlab.com/eLeN3Re/cve-2020-9471
1
https://github.com/jonschlinkert/set-value
1
https://github.com/jquery-validation/jquery-validation
1
https://github.com/jstedfast/MimeKit
1
https://github.com/kapetan/dns
1
https://github.com/ldqk/Masuit.Tools
1
https://github.com/LittleBigRefresh/Bunkum
1
https://github.com/madskristensen/Miniblog.Core
1
https://github.com/MarimerLLC/csla
1
https://github.com/mbdavid/LiteDB
1
https://github.com/MessagePack-CSharp/MessagePack-CSharp
1
https://github.com/mguinness/elFinder.AspNet
1
https://github.com/MichaelGrafnetter/DSInternals
1
https://github.com/microsoft/bond
1
https://github.com/microsoft/botbuilder-dotnet
1
https://github.com/microsoft/ChakraCore
1
https://github.com/microsoft/DirectXTex
1
https://github.com/moq/moq
1
https://github.com/NancyFx/Nancy
1
https://github.com/neuecc/MessagePack-CSharp
1
https://github.com/nhibernate/nhibernate-core
1
https://github.com/npgsql/npgsql
1
https://github.com/NuGet/Home
1
https://github.com/OPCFoundation/UA-.NET-Legacy
1
https://github.com/open-telemetry/opentelemetry-dotnet
1
https://github.com/OrchardCMS/OrchardCore
1
https://github.com/personnummer/csharp
1
https://gitlab.com/eLeN3Re/cve-2020-9472
1