Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
nuget Security Advisories
Loading...
Critical
Ecosystems: nuget
Packages: System.Linq.Dynamic.Core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 11 months ago
GSA_kwCzR0hTQS13NjVxLWpjbXYtMjhnas4AAz_-
Dynamic Linq vulnerable to remote code executionEcosystems: nuget
Packages: System.Linq.Dynamic.Core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 11 months ago
Critical
Ecosystems: nuget
Packages: SinGooCMS.Utility
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
GSA_kwCzR0hTQS0yOXJ2LWZxeDItNGM5Zs0z6w
Deserialization of Untrusted Data in SinGooCMS.UtilityEcosystems: nuget
Packages: SinGooCMS.Utility
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Critical
Ecosystems: nuget
Packages: FastReport.OpenSource
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXY3MjYtM3ZnOS1jcDM0
Missing Authorization in FastReportEcosystems: nuget
Packages: FastReport.OpenSource
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 3 years ago
Critical
Ecosystems: nuget
Packages: AgileConfig.Client
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
GSA_kwCzR0hTQS1tajV3LXc1ODgtajZ4Z84AAuFw
Use of Hard-coded Credentials in AgileConfig.ClientEcosystems: nuget
Packages: AgileConfig.Client
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Critical
Ecosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1jNzl2LTJyanEtOTY1bc4AAR_K
ChakraCore vulnerable to privilege escalationEcosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Critical
Ecosystems: nuget
Packages: DotNetNuke.Core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXg4ZjctaDQ0NC05N3c0
The installation wizard in DotNetNuke (DNN) allows privilege escalationEcosystems: nuget
Packages: DotNetNuke.Core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 5 years ago
Critical
Ecosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1mdzQyLTRtcTQtNHFwcc4AAQAj
ChakraCore RCE VulnerabilityEcosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Critical
Ecosystems: nuget
Packages: NewRelic.Agent
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS0ycnZ4LWN2ZmMtbWNwMs4AAbX5
New Relic .NET Agent contains SQL InjectionEcosystems: nuget
Packages: NewRelic.Agent
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Critical
Ecosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1naHdxLTd2M3ItNTQzM84AAbkw
ChakraCore RCE VulnerabilityEcosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Critical
Ecosystems: nuget
Packages: AjaxNetProfessional
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
GSA_kwCzR0hTQS03NHI2LWdyajktOHJxNs0ZEw
Remote Code Execution in AjaxNetProfessionalEcosystems: nuget
Packages: AjaxNetProfessional
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Critical
Ecosystems: nuget
Packages: curl
Source: GitHub Advisory Database
Blast Radius: 17.2
Published: almost 2 years ago
GSA_kwCzR0hTQS02NzRqLTdtOTctajJwOc4AATXH
curl FTP path confusion leads to NIL byte out of bounds writeEcosystems: nuget
Packages: curl
Source: GitHub Advisory Database
Blast Radius: 17.2
Published: almost 2 years ago
Critical
Ecosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS00NDhoLTdobXAtOTlmZ84AAbWe
ChakraCore RCE VulnerabilityEcosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Critical
Ecosystems: nuget
Packages: Microsoft.AspNetCore.App.Runtime.win-x86, Microsoft.AspNetCore.App.Runtime.win-x64, Microsoft.AspNetCore.App.Runtime.win-arm64, Microsoft.AspNetCore.App.Runtime.win-arm, Microsoft.AspNetCore.App.Runtime.osx-x64, Microsoft.AspNetCore.App.Runtime.osx-arm64, Microsoft.AspNetCore.App.Runtime.linux-x64, Microsoft.AspNetCore.App.Runtime.linux-musl-x64, Microsoft.AspNetCore.App.Runtime.linux-musl-arm64, Microsoft.AspNetCore.App.Runtime.linux-musl-arm, Microsoft.AspNetCore.App.Runtime.linux-arm64, Microsoft.AspNetCore.App.Runtime.linux-arm
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 3 months ago
GSA_kwCzR0hTQS1nNzRxLTV4dzMtajdxOc4AA5RK
Microsoft Security Advisory CVE-2024-21386: .NET Denial of Service VulnerabilityEcosystems: nuget
Packages: Microsoft.AspNetCore.App.Runtime.win-x86, Microsoft.AspNetCore.App.Runtime.win-x64, Microsoft.AspNetCore.App.Runtime.win-arm64, Microsoft.AspNetCore.App.Runtime.win-arm, Microsoft.AspNetCore.App.Runtime.osx-x64, Microsoft.AspNetCore.App.Runtime.osx-arm64, Microsoft.AspNetCore.App.Runtime.linux-x64, Microsoft.AspNetCore.App.Runtime.linux-musl-x64, Microsoft.AspNetCore.App.Runtime.linux-musl-arm64, Microsoft.AspNetCore.App.Runtime.linux-musl-arm, Microsoft.AspNetCore.App.Runtime.linux-arm64, Microsoft.AspNetCore.App.Runtime.linux-arm
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 3 months ago
Critical
Ecosystems: nuget
Packages: NuGet.Packaging, NuGet.CommandLine
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 3 months ago
GSA_kwCzR0hTQS02OHc3LTcyamctNnFwcM4AA5RM
NuGet Client Security Feature Bypass VulnerabilityEcosystems: nuget
Packages: NuGet.Packaging, NuGet.CommandLine
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 3 months ago
Critical
Ecosystems: nuget
Packages: IpMatcher
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1xajkzLTM3ZjUtbXIyOc4AAX6N
Improper Input Validation in IpMatcherEcosystems: nuget
Packages: IpMatcher
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Critical
Ecosystems: nuget
Packages: LiteDB
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
GSA_kwCzR0hTQS0zeDQ5LWc2cmMtYzI4NM4AAxzV
LiteDB may deserialize bad JSON on object type using _typeEcosystems: nuget
Packages: LiteDB
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
Critical
Ecosystems: packagist, maven, nuget
Packages: jasig/phpcas, org.jasig.cas:cas-client, DotNetCasClient
Source: GitHub Advisory Database
Blast Radius: 29.1
Published: almost 2 years ago
GSA_kwCzR0hTQS05ZmM1LXEyNWMtcjJ3cs4AAgVP
Jasig Java CAS Client, .NET CAS Client, and phpCAS contain URL parameter injection vulnerabilityEcosystems: packagist, maven, nuget
Packages: jasig/phpcas, org.jasig.cas:cas-client, DotNetCasClient
Source: GitHub Advisory Database
Blast Radius: 29.1
Published: almost 2 years ago
Critical
Ecosystems: nuget
Packages: starkbank-ecdsa
Source: GitHub Advisory Database
Blast Radius: 24.3
Published: over 2 years ago
GSA_kwCzR0hTQS1qM2p3LWoyajgtMnd2Oc0XJg
Improper Verification of Cryptographic Signature in starkbank-ecdsaEcosystems: nuget
Packages: starkbank-ecdsa
Source: GitHub Advisory Database
Blast Radius: 24.3
Published: over 2 years ago
Critical
Ecosystems: nuget
Packages: DNS
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
GSA_kwCzR0hTQS1nM3djLXh2OTMtNDQ1cc4AAwZM
DNS NuGet package uses insufficiently random valuesEcosystems: nuget
Packages: DNS
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Critical
Ecosystems: nuget
Packages: CefSharp.Common.NETCore, CefSharp.Common
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 8 months ago
GSA_kwCzR0hTQS1qNjQ2LWdqNXAtcDQ1Z84AA1_1
CefSharp affected by heap buffer overflow in WebPEcosystems: nuget
Packages: CefSharp.Common.NETCore, CefSharp.Common
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 8 months ago
Critical
Ecosystems: nuget
Packages: System.Drawing.Common
Source: GitHub Advisory Database
Blast Radius: 10.9
Published: almost 2 years ago
GSA_kwCzR0hTQS1yeGc5LXhyaHAtNjRnas4AAnr8
.NET Core Remote Code Execution VulnerabilityEcosystems: nuget
Packages: System.Drawing.Common
Source: GitHub Advisory Database
Blast Radius: 10.9
Published: almost 2 years ago
Critical
Ecosystems: nuget
Packages: AjaxNetProfessional
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
GSA_kwCzR0hTQS02cjdjLTZ3OTYtOHB2d80ZPw
Remote Code Execution in AjaxNetProfessionalEcosystems: nuget
Packages: AjaxNetProfessional
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Critical
Ecosystems: nuget
Packages: Autoupdater.NET.Official
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS03NXAyLWhndzQtZzdmN84AAj_X
AutoUpdater.NET allows XXEEcosystems: nuget
Packages: Autoupdater.NET.Official
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Critical
Ecosystems: nuget
Packages: recurly-api-client
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXhwd3AtcnEzeC14NnY3
Critical severity vulnerability that affects recurly-api-clientEcosystems: nuget
Packages: recurly-api-client
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 5 years ago
Critical
Ecosystems: nuget
Packages: QuantConnect.Common
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS13dzdyLTI3OGgtNDhtaM4AAm33
QuantConnect Lean vulnerable to insecure deserializationEcosystems: nuget
Packages: QuantConnect.Common
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Critical
Ecosystems: nuget
Packages: Halibut
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
GSA_kwCzR0hTQS1ocGY3LTRjMmctOWNoZs0V-A
Remote Code Execution in HalibutEcosystems: nuget
Packages: Halibut
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Critical
Ecosystems: nuget
Packages: Wire
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWhwdzctM3ZxMy1tbXY2
Insecure deserialization in WireEcosystems: nuget
Packages: Wire
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 3 years ago
Critical
Ecosystems: nuget
Packages: MadsKristensen.AspNetCore.Miniblog
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTk1OHItZzUzNC1jY21y
MadsKristensen.AspNetCore.Miniblog subject to Improper Input ValidationEcosystems: nuget
Packages: MadsKristensen.AspNetCore.Miniblog
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 5 years ago
Critical
Ecosystems: nuget
Packages: elFinder.NetCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
GSA_kwCzR0hTQS13bXBtLWZxN3ItanE1Ns0VkA
Imporoper path validation in elFinder.NetCoreEcosystems: nuget
Packages: elFinder.NetCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Critical
Ecosystems: nuget
Packages: adplug
Source: GitHub Advisory Database
Blast Radius: 6.8
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTg3NHctbTJ2Mi1tajY0
Double Free in AdplugEcosystems: nuget
Packages: adplug
Source: GitHub Advisory Database
Blast Radius: 6.8
Published: about 3 years ago
Critical
Ecosystems: nuget
Packages: Auth0-WCF-Service-JWT
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXFwdngtZ3BxbS1nOThq
Critical severity vulnerability that affects Auth0-WCF-Service-JWTEcosystems: nuget
Packages: Auth0-WCF-Service-JWT
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 5 years ago
Critical
Ecosystems: nuget
Packages: log4net
Source: GitHub Advisory Database
Blast Radius: 43.4
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTJjd2otOGNodi05cHA5
XML External Entity attack in log4netEcosystems: nuget
Packages: log4net
Source: GitHub Advisory Database
Blast Radius: 43.4
Published: over 3 years ago
Critical
Ecosystems: nuget
Packages: System.Text.Encodings.Web
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWdoaHAtOTk3dy1xcjI4
.NET Core Remote Code Execution VulnerabilityEcosystems: nuget
Packages: System.Text.Encodings.Web
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 3 years ago
Critical
Ecosystems: nuget
Packages: CompositeC1.Core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
GSA_kwCzR0hTQS1nZmhwLWpncDYtODM4as4AAvIk
Orckestra C1 CMS's deserialization of untrusted data allows for arbitrary code execution.Ecosystems: nuget
Packages: CompositeC1.Core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Critical
Ecosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS04djJoLTRqcG0tM3dmbc4AAabE
ChakraCore RCE VulnerabilityEcosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Critical
Ecosystems: nuget
Packages: Nancy
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1teDNxLWoyZzItNXF4cc4AAbIQ
Deserialization of Untrusted Data in NancyFX NancyEcosystems: nuget
Packages: Nancy
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
Ecosystems: nuget
Packages: Newtonsoft.Json
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS01Y3JwLTlyM2MtcDl2cs4AAs6x
Improper Handling of Exceptional Conditions in Newtonsoft.JsonEcosystems: nuget
Packages: Newtonsoft.Json
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
Ecosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWgyM20tdzZ4NS1qd3I0
Out-of-bounds writeEcosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 3 years ago
High
Ecosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXZtZjUtOTI0Zi0yNWYy
Out-of-bounds writeEcosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 3 years ago
High
Ecosystems: nuget
Packages: Snappier
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
GSA_kwCzR0hTQS04Mzh4LXBjdngtNnA1d84AAyW0
Snappier vulnerable to buffer overrun due to improper restriction of operations within the bounds of a memory bufferEcosystems: nuget
Packages: Snappier
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
High
Ecosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXAyM2otZzc0NS04NDQ5
Out-of-bounds writeEcosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 3 years ago
High
Ecosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWhybW0tZjRqOC04dnhj
Out-of-bounds writeEcosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 3 years ago
High
Ecosystems: nuget
Packages: PanelSwWix4.Sdk
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 month ago
GSA_kwCzR0hTQS1nNHY2LTY5cDYtcTNwNM4AA6RT
WiX Burn-based bundles are vulnerable to binary hijack when run as SYSTEMEcosystems: nuget
Packages: PanelSwWix4.Sdk
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 month ago
High
Ecosystems: nuget
Packages: Apache.Avro
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
GSA_kwCzR0hTQS04Njh4LXJnNGMtY2pxZ80hDQ
Allocation of Resources Without Limits or Throttling in Apache AvroEcosystems: nuget
Packages: Apache.Avro
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
High
Ecosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTUzcjQtaDI3Zy1yZzN4
Out-of-bounds writeEcosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 3 years ago
High
Ecosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS0zOHI3LXJ2NXAtZ2d3cc3_0Q
ChakraCore RCE VulnerabilityEcosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
Ecosystems: rubygems, maven, nuget, npm
Packages: jquery-rails, org.webjars.npm:jquery, jQuery, jquery
Source: GitHub Advisory Database
Blast Radius: 129.0
Published: over 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW1ocHAtODc1dy05Y3B2
Denial of Service in jqueryEcosystems: rubygems, maven, nuget, npm
Packages: jquery-rails, org.webjars.npm:jquery, jQuery, jquery
Source: GitHub Advisory Database
Blast Radius: 129.0
Published: over 6 years ago
High
Ecosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1oNWh3LXFycnctdmZ4Z838JA
ChakraCore RCE VulnerabilityEcosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
Ecosystems: nuget
Packages: System.Management.Automation
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTYyZ3ctM3Jtai13bXAy
High severity vulnerability that affects System.Management.AutomationEcosystems: nuget
Packages: System.Management.Automation
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 4 years ago
High
Ecosystems: nuget
Packages: System.Net.Http.WinHttpHandler, Microsoft.AspNetCore.Mvc.WebApiCompatShim, Microsoft.AspNetCore.Mvc.ViewFeatures, Microsoft.AspNetCore.Mvc.TagHelpers, Microsoft.AspNetCore.Mvc.Razor, Microsoft.AspNetCore.Mvc.Razor.Host, Microsoft.AspNetCore.Mvc.Localization, Microsoft.AspNetCore.Mvc.Formatters.Xml, Microsoft.AspNetCore.Mvc.Formatters.Json, Microsoft.AspNetCore.Mvc.DataAnnotations, Microsoft.AspNetCore.Mvc.Cors, Microsoft.AspNetCore.Mvc.ApiExplorer, Microsoft.AspNetCore.Mvc.Abstractions, System.Net.WebSockets.Client, System.Net.Security, System.Text.Encodings.Web, System.Net.Http, Microsoft.AspNetCore.Mvc.Core, Microsoft.AspNetCore.Mvc
Source: GitHub Advisory Database
Blast Radius: 10.7
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTZ4aDctNHYydy0zNnE2
ASP.NET Core fails to properly validate web requestsEcosystems: nuget
Packages: System.Net.Http.WinHttpHandler, Microsoft.AspNetCore.Mvc.WebApiCompatShim, Microsoft.AspNetCore.Mvc.ViewFeatures, Microsoft.AspNetCore.Mvc.TagHelpers, Microsoft.AspNetCore.Mvc.Razor, Microsoft.AspNetCore.Mvc.Razor.Host, Microsoft.AspNetCore.Mvc.Localization, Microsoft.AspNetCore.Mvc.Formatters.Xml, Microsoft.AspNetCore.Mvc.Formatters.Json, Microsoft.AspNetCore.Mvc.DataAnnotations, Microsoft.AspNetCore.Mvc.Cors, Microsoft.AspNetCore.Mvc.ApiExplorer, Microsoft.AspNetCore.Mvc.Abstractions, System.Net.WebSockets.Client, System.Net.Security, System.Text.Encodings.Web, System.Net.Http, Microsoft.AspNetCore.Mvc.Core, Microsoft.AspNetCore.Mvc
Source: GitHub Advisory Database
Blast Radius: 10.7
Published: over 5 years ago
High
Ecosystems: nuget
Packages: SSCMS
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS01eHI1LXYyaDctMnc3d84AArMn
SQL injection in SiteServer CMSEcosystems: nuget
Packages: SSCMS
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
Ecosystems: nuget, npm
Packages: Moment.js, moment
Source: GitHub Advisory Database
Blast Radius: 46.0
Published: about 2 years ago
GSA_kwCzR0hTQS04aGZqLWoyNHItOTZjNM04JA
Path Traversal: 'dir/../../filename' in moment.localeEcosystems: nuget, npm
Packages: Moment.js, moment
Source: GitHub Advisory Database
Blast Radius: 46.0
Published: about 2 years ago
High
Ecosystems: nuget, npm
Packages: Moment.js, moment
Source: GitHub Advisory Database
Blast Radius: 46.0
Published: almost 2 years ago
GSA_kwCzR0hTQS13YzY5LXJoanItaGM5Z84AAtHU
Moment.js vulnerable to Inefficient Regular Expression ComplexityEcosystems: nuget, npm
Packages: Moment.js, moment
Source: GitHub Advisory Database
Blast Radius: 46.0
Published: almost 2 years ago
High
Ecosystems: nuget
Packages: DisCatSharp, Microsoft.AspNetCore.Mvc.WebApiCompatShim, Microsoft.AspNetCore.Mvc.ViewFeatures, Microsoft.AspNetCore.Mvc.TagHelpers, Microsoft.AspNetCore.Mvc.Razor, Microsoft.AspNetCore.Mvc.Razor.Host, Microsoft.AspNetCore.Mvc.Localization, Microsoft.AspNetCore.Mvc.Formatters.Xml, Microsoft.AspNetCore.Mvc.Formatters.Json, Microsoft.AspNetCore.Mvc.DataAnnotations, Microsoft.AspNetCore.Mvc.Cors, Microsoft.AspNetCore.Mvc.ApiExplorer, Microsoft.AspNetCore.Mvc.Abstractions, System.Net.WebSockets.Client, System.Net.Security, System.Net.Http.WinHttpHandler, System.Text.Encodings.Web, System.Net.Http, Microsoft.AspNetCore.Mvc.Core, Microsoft.AspNetCore.Mvc
Source: GitHub Advisory Database
Blast Radius: 10.4
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXFocWYtZ2hnaC14Mm00
High severity vulnerability that affects Microsoft.AspNetCore.MvcEcosystems: nuget
Packages: DisCatSharp, Microsoft.AspNetCore.Mvc.WebApiCompatShim, Microsoft.AspNetCore.Mvc.ViewFeatures, Microsoft.AspNetCore.Mvc.TagHelpers, Microsoft.AspNetCore.Mvc.Razor, Microsoft.AspNetCore.Mvc.Razor.Host, Microsoft.AspNetCore.Mvc.Localization, Microsoft.AspNetCore.Mvc.Formatters.Xml, Microsoft.AspNetCore.Mvc.Formatters.Json, Microsoft.AspNetCore.Mvc.DataAnnotations, Microsoft.AspNetCore.Mvc.Cors, Microsoft.AspNetCore.Mvc.ApiExplorer, Microsoft.AspNetCore.Mvc.Abstractions, System.Net.WebSockets.Client, System.Net.Security, System.Net.Http.WinHttpHandler, System.Text.Encodings.Web, System.Net.Http, Microsoft.AspNetCore.Mvc.Core, Microsoft.AspNetCore.Mvc
Source: GitHub Advisory Database
Blast Radius: 10.4
Published: over 5 years ago
High
Ecosystems: nuget
Packages: Umbraco.CMS
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS01ZjZwLTRoeHEtcmp4bc4AAb4c
Umbraco CMS vulnerable to CSRFEcosystems: nuget
Packages: Umbraco.CMS
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
Ecosystems: nuget
Packages: PanelSW.Custom.WiX
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 month ago
GSA_kwCzR0hTQS13cTg4LWZxNHgtaDJwbc4AA6RS
WiX Burn-based bundles are vulnerable to binary hijack when run as SYSTEMEcosystems: nuget
Packages: PanelSW.Custom.WiX
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 month ago
High
Ecosystems: nuget
Packages: DotNetNuke.Core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXh4M2gtajNjeC04cWZq
Insufficient Entropy in DotNetNukeEcosystems: nuget
Packages: DotNetNuke.Core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 5 years ago
High
Ecosystems: nuget
Packages: System.Net.Requests
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 6 months ago
GSA_kwCzR0hTQS1jM2hmLTh2Z3gtNzJyaM4AA3Hy
Microsoft Security Advisory CVE-2023-36049: .NET Elevation of Privilege VulnerabilityEcosystems: nuget
Packages: System.Net.Requests
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 6 months ago
High
Ecosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS12OWpnLW02ZzUtaDNoaM4AAVaY
ChakraCore RCE VulnerabilityEcosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
Ecosystems: npm, nuget
Packages: set-value, set-value-nuget
Source: GitHub Advisory Database
Blast Radius: 49.0
Published: over 2 years ago
GSA_kwCzR0hTQS00anFjLThtNXItOXJwcs0Vvg
Prototype Pollution in set-valueEcosystems: npm, nuget
Packages: set-value, set-value-nuget
Source: GitHub Advisory Database
Blast Radius: 49.0
Published: over 2 years ago
High
Ecosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1mamo4LWd2NGotOTUzcM4AAVdH
ChakraCore RCE VulnerabilityEcosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
Ecosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS12Zmp3LWNyY3EtcTkyds4AAVcU
ChakraCore RCE VulnerabilityEcosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
Ecosystems: nuget
Packages: Microsoft.NETCore.App.Runtime.win-x86, Microsoft.NETCore.App.Runtime.win-x64, Microsoft.NETCore.App.Runtime.win-arm64
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 8 months ago
GSA_kwCzR0hTQS0zcWY5LXF4ZmotNHdoY84AA11o
Microsoft Security Advisory CVE-2023-36792: .NET Remote Code Execution VulnerabilityEcosystems: nuget
Packages: Microsoft.NETCore.App.Runtime.win-x86, Microsoft.NETCore.App.Runtime.win-x64, Microsoft.NETCore.App.Runtime.win-arm64
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 8 months ago
High
Ecosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS0zZnZ3LWc2bXItdzI0N83_rQ
ChakraCore RCE VulnerabilityEcosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
Ecosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS01cnEzLTl3YzktbTljM84AAQFJ
ChakraCore Memory Corruption VulnerabilityEcosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
Ecosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS0zdzR2LXFmcWMtMzQzM84AAQCE
ChakraCore RCE VulnerabilityEcosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
Ecosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS02djhyLTgzdjMtcm1yZs38Sw
ChakraCore RCE VulnerabilityEcosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
Ecosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXZwYzItN3htZi1wcG1m
Out-of-bounds Write in ChakraCoreEcosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 3 years ago
High
Ecosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS02YzJ2LXhjOGYtZnZmN838Rg
ChakraCore RCE VulnerabilityEcosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
Ecosystems: nuget
Packages: Microsoft.NETCore.App.Runtime.win-x86, Microsoft.NETCore.App.Runtime.win-x64, Microsoft.NETCore.App.Runtime.win-arm64, Microsoft.NETCore.App.Runtime.win-arm, Microsoft.NETCore.App.Runtime.rhel.6-x64, Microsoft.NETCore.App.Runtime.osx-x64, Microsoft.NETCore.App.Runtime.linux-x64, Microsoft.NETCore.App.Runtime.linux-musl-x64, Microsoft.NETCore.App.Runtime.linux-musl-arm64, Microsoft.NETCore.App.Runtime.linux-arm64, Microsoft.NETCore.App.Runtime.linux-arm, Microsoft.NETCore.App
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS0zdzVwLWpocDUtYzI5cc4AAkwg
.NET Core & .NET Framework Denial of Service VulnerabilityEcosystems: nuget
Packages: Microsoft.NETCore.App.Runtime.win-x86, Microsoft.NETCore.App.Runtime.win-x64, Microsoft.NETCore.App.Runtime.win-arm64, Microsoft.NETCore.App.Runtime.win-arm, Microsoft.NETCore.App.Runtime.rhel.6-x64, Microsoft.NETCore.App.Runtime.osx-x64, Microsoft.NETCore.App.Runtime.linux-x64, Microsoft.NETCore.App.Runtime.linux-musl-x64, Microsoft.NETCore.App.Runtime.linux-musl-arm64, Microsoft.NETCore.App.Runtime.linux-arm64, Microsoft.NETCore.App.Runtime.linux-arm, Microsoft.NETCore.App
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
Ecosystems: nuget
Packages: UmbracoCMS.Core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1oNjhjLTRqaDMtY3A5as4AAj7a
Umbraco CMS Authenticated File UploadEcosystems: nuget
Packages: UmbracoCMS.Core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
Ecosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS12M3hwLTN3cHEtcnZocM379A
ChakraCore RCE VulnerabilityEcosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
Ecosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS01ajQ4LTgyNnAtMnc5cs38GQ
ChakraCore RCE VulnerabilityEcosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
Ecosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1tOHg4LTVjaDctYzV3Oc38Fw
ChakraCore RCE VulnerabilityEcosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
Ecosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXBmcmctdzQ5Yy04NDMy
Out-of-bounds write in ChakraCoreEcosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 3 years ago
High
Ecosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS14eHA3LTQyM2YtaGNwNM4AAQAL
ChakraCore RCE VulnerabilityEcosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
Ecosystems: nuget
Packages: WixToolset.Sdk, wix
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 month ago
GSA_kwCzR0hTQS1yZjM5LTNmOTgteHI3cs4AA6Ri
WiX based installers are vulnerable to binary hijack when run as SYSTEMEcosystems: nuget
Packages: WixToolset.Sdk, wix
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 month ago
High
Ecosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXc4OXItcWNoNC04anY1
Out-of-bounds writeEcosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 3 years ago
High
Ecosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS03Y2M1LWNxbXgtOXY3Z83_sw
ChakraCore RCE VulnerabilityEcosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
Ecosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1wM3J3LTg4cHAtdzRqaM4AAbWR
ChakraCore RCE VulnerabilityEcosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
Ecosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1ocmY0LXd3NHctNnJ2Ns4AAYYk
ChakraCore RCE VulnerabilityEcosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
Ecosystems: nuget
Packages: Microsoft.AspNetCore.Mvc.Core, Microsoft.AspNetCore.All
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS0zd2NqLXJnOHEtOWNxds4AAXe1
Open redirect in ASP.NET CoreEcosystems: nuget
Packages: Microsoft.AspNetCore.Mvc.Core, Microsoft.AspNetCore.All
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
Ecosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1xOXg2LTdoamgtcTlmY838Hg
ChakraCore RCE VulnerabilityEcosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
Ecosystems: nuget
Packages: wix
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 3 months ago
GSA_kwCzR0hTQS03d2gyLXd4YzctOXBoNc4AA5Kc
WiX Toolset's .be TEMP folder is vulnerable to DLL redirection attacks that allow the attacker to escalate privilegesEcosystems: nuget
Packages: wix
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 3 months ago
High
Ecosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS0zbXY4LXgzamotM2o3bc4AAQA7
ChakraCore RCE VulnerabilityEcosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
Ecosystems: nuget
Packages: System.Text.RegularExpressions
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWNtaHgtY3E3NS1jNG1q
Regular Expression Denial of Service in System.Text.RegularExpressionsEcosystems: nuget
Packages: System.Text.RegularExpressions
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 3 years ago
High
Ecosystems: nuget
Packages: PowerShell
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 3 months ago
GSA_kwCzR0hTQS1qY21xLTVycnYtajJnNM4AA5Ca
PowerShell is subject to remote code execution vulnerabilityEcosystems: nuget
Packages: PowerShell
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 3 months ago
High
Ecosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS00YzkzLXE3OXYtbXc0Nc3__A
ChakraCore RCE VulnerabilityEcosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
Ecosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS13Z3cyLXd3cTgtYzd3Zs3_7A
ChakraCore RCE VulnerabilityEcosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
Ecosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWM4cWMtNjJxdi01cDJ4
Out-of-bounds Write in ChakraCoreEcosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 3 years ago
High
Ecosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS05ZjJwLXdtNDYtNm01Zs4AAYHa
Chakra Core vulnerable to privilege escalation when writing to JavaScript null scope objectsEcosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
Ecosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWgyeG0tMnA2dy1tajJ2
Out-of-bounds Write in ChakraCoreEcosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 3 years ago
High
Ecosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1wOTdxLWo5OHEtZjk4d83_4g
ChakraCore RCE VulnerabilityEcosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
Ecosystems: nuget, cargo, pypi, go, npm
Packages: magick.net-q8-x64, magick.net-q8-openmp-x64, magick.net-q8-anycpu, magick.net-q16-x64, magick.net-q16-hdri-anycpu, magick.net-q16-anycpu, webp, Pillow, github.com/chai2010/webp, SkiaSharp, electron, libwebp-sys, libwebp-sys2
Source: GitHub Advisory Database
Blast Radius: 130.8
Published: 8 months ago
GSA_kwCzR0hTQS1qN2hwLWg4angtNXBwcs4AA10j
libwebp: OOB write in BuildHuffmanTableEcosystems: nuget, cargo, pypi, go, npm
Packages: magick.net-q8-x64, magick.net-q8-openmp-x64, magick.net-q8-anycpu, magick.net-q16-x64, magick.net-q16-hdri-anycpu, magick.net-q16-anycpu, webp, Pillow, github.com/chai2010/webp, SkiaSharp, electron, libwebp-sys, libwebp-sys2
Source: GitHub Advisory Database
Blast Radius: 130.8
Published: 8 months ago
High
Ecosystems: nuget
Packages: ImageResizer.Plugins.FreeImage
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 7 months ago
GSA_kwCzR0hTQS13cWNyLXhtNDMtaHBxcs4AA2R3
Vulnerable version of libwebp and can be exploited with a malicious source imageEcosystems: nuget
Packages: ImageResizer.Plugins.FreeImage
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 7 months ago
High
Ecosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1ncWg0LTRyODktcHI5Nc3_pg
ChakraCore RCE VulnerabilityEcosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
Ecosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWo4OW0tZ2NqZi02Z2hw
Out-of-bounds write in ChakraCoreEcosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 3 years ago
High
Ecosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1nZ3Z2LTZ2MjUtcjQ5cs3_3w
ChakraCore RCE VulnerabilityEcosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
Ecosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS02eG12LW14N3EtNzg5cs4AAQAD
ChakraCore RCE VulnerabilityEcosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
Ecosystems: nuget
Packages: elFinder.AspNet
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXBqeHYtdzNxai1qOG0z
Directory Traversal in elFinder.AspNetEcosystems: nuget
Packages: elFinder.AspNet
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Statistics
Advisories: 18,400
Packages: 8,303
Repositories: 122
Ecosystems: 12
Packages: 8,303
Repositories: 122
Ecosystems: 12
Filter by Severity
Filter by Ecosystem
Filter by Package
Microsoft.ChakraCore
247
DotNetNuke.Core
19
Microsoft.AspNetCore.App.Runtime.win-x64
17
Microsoft.AspNetCore.App.Runtime.win-x86
17
Microsoft.AspNetCore.App.Runtime.win-arm
16
Microsoft.AspNetCore.App.Runtime.linux-arm
15
Microsoft.AspNetCore.App.Runtime.linux-arm64
15
Microsoft.AspNetCore.App.Runtime.linux-musl-x64
15
Microsoft.AspNetCore.App.Runtime.linux-x64
15
Microsoft.AspNetCore.App.Runtime.osx-x64
15
Microsoft.AspNetCore.App.Runtime.linux-musl-arm64
14
Microsoft.AspNetCore.App.Runtime.win-arm64
14
Microsoft.NETCore.App.Runtime.win-x86
12
Microsoft.NETCore.App.Runtime.win-x64
12
Microsoft.NETCore.App.Runtime.win-arm64
12
Microsoft.NETCore.App
10
Umbraco.CMS
10
Microsoft.AspNetCore.All
10
Microsoft.AspNetCore.App.Runtime.linux-musl-arm
10
Microsoft.NETCore.App.Runtime.linux-musl-arm64
9
Microsoft.NETCore.App.Runtime.linux-musl-x64
9
Microsoft.NetCore.App.Runtime.win-arm
9
Microsoft.NETCore.App.Runtime.linux-x64
9
Microsoft.NetCore.App.Runtime.win-arm64
9
Microsoft.NetCore.App.Runtime.win-x64
9
Microsoft.NetCore.App.Runtime.win-x86
9
tinymce
9
TinyMCE
9
tinymce/tinymce
9
Microsoft.NETCore.App.Runtime.linux-arm64
9
Microsoft.NETCore.App.Runtime.linux-arm
9
org.webjars.npm:jquery
9
jquery-rails
9
jquery
9
Microsoft.AspNetCore.App
8
Microsoft.AspNetCore.App.Runtime.osx-arm64
8
jQuery
8
Microsoft.NETCore.App.Runtime.win-arm
8
Microsoft.NETCore.App.Runtime.osx-x64
8
Microsoft.NETCore.App.Runtime.linux-musl-arm
7
OPCFoundation.NetStandard.Opc.Ua.Core
7
CefSharp.Common
7
jquery-ui
7
jquery-ui-rails
7
org.webjars.npm:jquery-ui
7
jQuery.UI.Combined
7
Microsoft.AspNetCore.Mvc.Core
6
Microsoft.NETCore.App.Runtime.Mono.LLVM.AOT.linux-arm64
5
CefSharp.WinForms
5
CefSharp.Wpf
5
CefSharp.Wpf.HwndHost
5
Microsoft.WindowsDesktop.App.Runtime.win-x64
5
Microsoft.WindowsDesktop.App.Runtime.win-x86
5
Microsoft.AspNetCore.Server.Kestrel.Core
5
System.Text.Encodings.Web
5
System.Net.Http
5
Microsoft.NETCore.App.Runtime.Mono.osx-x64
5
Microsoft.NETCore.App.Runtime.Mono.linux-x64
5
Microsoft.NETCore.App.Runtime.Mono.linux-musl-x64
5
Microsoft.AspNetCore.Mvc.Cors
5
Microsoft.NETCore.App.Runtime.Mono.linux-arm64
5
Microsoft.NETCore.App.Runtime.Mono.linux-arm
5
Microsoft.NETCore.App.Runtime.Mono.LLVM.osx-x64
5
Microsoft.NETCore.App.Runtime.Mono.LLVM.linux-x64
5
Microsoft.NETCore.App.Runtime.Mono.LLVM.linux-arm64
5
Microsoft.NETCore.App.Runtime.Mono.LLVM.AOT.osx-x64
5
Microsoft.NETCore.App.Runtime.Mono.LLVM.AOT.linux-x64
5
Microsoft.NETCore.App.Runtime.rhel.6-x64
5
Microsoft.NetCore.App.Runtime.linux-arm
4
Microsoft.NetCore.App.Runtime.linux-arm64
4
Microsoft.NetCore.App.Runtime.linux-musl-arm
4
Microsoft.NetCore.App.Runtime.linux-musl-arm64
4
Microsoft.NetCore.App.Runtime.linux-musl-x64
4
Microsoft.NetCore.App.Runtime.linux-x64
4
Microsoft.NetCore.App.Runtime.osx-arm64
4
Microsoft.NetCore.App.Runtime.osx-x64
4
Serenity.Net.Core
4
Microsoft.AspNetCore.Mvc
4
System.Net.Http.WinHttpHandler
4
SharpZipLib
4
System.Net.Security
4
Microsoft.AspNetCore.Mvc.WebApiCompatShim
4
System.Net.WebSockets.Client
4
Microsoft.AspNetCore.Mvc.Abstractions
4
Microsoft.AspNetCore.Mvc.ApiExplorer
4
Microsoft.AspNetCore.Mvc.DataAnnotations
4
OPCFoundation.NetStandard.Opc.Ua
4
NuGet.CommandLine
4
Microsoft.AspNetCore.Mvc.Formatters.Json
4
AjaxNetProfessional
4
NuGet.Commands
4
Microsoft.AspNetCore.Mvc.Formatters.Xml
4
Microsoft.AspNetCore.Mvc.Localization
4
Microsoft.AspNetCore.Mvc.Razor.Host
4
Microsoft.AspNetCore.Mvc.Razor
4
Microsoft.AspNetCore.Mvc.TagHelpers
4
Microsoft.AspNetCore.Mvc.ViewFeatures
4
SSCMS
4
Microsoft.WindowsDesktop.App.Runtime.win-arm64
4
Microsoft.Native.Quic.MsQuic.OpenSSL
3
Microsoft.Native.Quic.MsQuic.Schannel
3
Sustainsys.Saml2
3
CefSharp.Common.NETCore
3
SixLabors.ImageSharp
3
System.Private.Uri
3
Umbraco.Cms.Core
3
OPCFoundation.NetStandard.Opc.Ua.Server
3
System.Security.Cryptography.Xml
3
Microsoft.NETCore.App.Runtime.osx-arm64
3
wix
3
UmbracoCms
3
Microsoft.NETCore.App.Runtime.Mono.ios-arm.Msi.arm64
2
Microsoft.NETCore.App.Runtime.Mono.ios-arm
2
Microsoft.NETCore.App.Runtime.Mono.maccatalyst-arm64.Msi.arm64
2
Microsoft.NETCore.App.Runtime.Mono.maccatalyst-arm64
2
Microsoft.NETCore.App.Runtime.Mono.iossimulator-x86.Msi.x86
2
Microsoft.NETCore.App.Runtime.Mono.iossimulator-x86.Msi.x64
2
Microsoft.NETCore.App.Runtime.Mono.iossimulator-x86.Msi.arm64
2
Microsoft.NETCore.App.Runtime.Mono.iossimulator-x86
2
Microsoft.NETCore.App.Runtime.Mono.iossimulator-x64.Msi.x64
2
Microsoft.NETCore.App.Runtime.Mono.iossimulator-x64.Msi.arm64
2
Microsoft.NETCore.App.Runtime.Mono.iossimulator-x64
2
Microsoft.NETCore.App.Runtime.Mono.iossimulator-arm64.Msi.x86
2
Microsoft.NETCore.App.Runtime.Mono.iossimulator-arm64.Msi.x64
2
Microsoft.NETCore.App.Runtime.Mono.iossimulator-arm64.Msi.arm64
2
Microsoft.NETCore.App.Runtime.Mono.iossimulator-arm64
2
Microsoft.NETCore.App.Runtime.Mono.ios-arm64.Msi.x86
2
Microsoft.NETCore.App.Runtime.Mono.ios-arm64.Msi.x64
2
Microsoft.NETCore.App.Runtime.Mono.ios-arm64.Msi.arm64
2
Microsoft.NETCore.App.Runtime.Mono.ios-arm64
2
Microsoft.NETCore.App.Runtime.Mono.ios-arm.Msi.x86
2
ServiceStack
2
Microsoft.NETCore.App.Runtime.AOT.win-x64.Cross.android-arm64.Msi.x64
2
Microsoft.NETCore.App.Runtime.AOT.win-x64.Cross.android-x64
2
Microsoft.NETCore.App.Runtime.AOT.win-x64.Cross.android-x64.Msi.x64
2
Microsoft.NETCore.App.Runtime.AOT.win-x64.Cross.android-x86
2
Microsoft.NETCore.App.Runtime.AOT.win-x64.Cross.android-x86.Msi.x64
2
Microsoft.NETCore.App.Runtime.AOT.win-x64.Cross.browser-wasm
2
Microsoft.NETCore.App.Runtime.AOT.win-x64.Cross.browser-wasm.Msi.x64
2
Microsoft.NETCore.App.Runtime.Mono.android-arm
2
Microsoft.NETCore.App.Runtime.Mono.android-arm.Msi.arm64
2
Microsoft.NETCore.App.Runtime.Mono.android-arm.Msi.x64
2
Microsoft.NETCore.App.Runtime.Mono.android-arm.Msi.x86
2
Microsoft.NETCore.App.Runtime.Mono.android-arm64
2
Microsoft.NETCore.App.Runtime.Mono.android-arm64.Msi.arm64
2
Microsoft.NETCore.App.Runtime.Mono.android-arm64.Msi.x64
2
Microsoft.NETCore.App.Runtime.Mono.android-arm64.Msi.x86
2
Microsoft.NETCore.App.Runtime.Mono.android-x64
2
Microsoft.NETCore.App.Runtime.Mono.android-x64.Msi.arm64
2
Microsoft.NETCore.App.Runtime.Mono.android-x64.Msi.x64
2
Microsoft.NETCore.App.Runtime.Mono.android-x64.Msi.x86
2
Microsoft.NETCore.App.Runtime.Mono.android-x86
2
Microsoft.NETCore.App.Runtime.Mono.android-x86.Msi.arm64
2
Microsoft.NETCore.App.Runtime.Mono.android-x86.Msi.x64
2
Microsoft.NETCore.App.Runtime.Mono.android-x86.Msi.x86
2
Microsoft.NETCore.App.Runtime.Mono.browser-wasm
2
Microsoft.NETCore.App.Runtime.Mono.browser-wasm.Msi.arm64
2
Microsoft.NETCore.App.Runtime.Mono.browser-wasm.Msi.x64
2
Microsoft.Owin
2
sharpcompress
2
jQuery.Validation
2
jquery-validation
2
UmbracoCMS.Core
2
System.Management.Automation
2
starkbank-ecdsa
2
Snowflake.Data
2
Moment.js
2
moment
2
elFinder.NetCore
2
Microsoft.AspNetCore.Http.Connections
2
HtmlSanitizer
2
PanelSwWix4.Sdk
2
System.Data.SqlClient
2
Microsoft.Data.SqlClient
2
Google.Protobuf
2
google/protobuf
2
github.com/protocolbuffers/protobuf
2
protobuf
2
bootstrap.sass
2
bootstrap
2
Bootstrap.Less
2
Azure.Identity
2
PeterO.Cbor
2
Microsoft.NETCore.App.Runtime.Mono.browser-wasm.Msi.x86
2
Umbraco.Cms.Web.BackOffice
2
Microsoft.NETCore.App.Runtime.Mono.maccatalyst-arm64.Msi.x64
2
DisCatSharp
2
Microsoft.NETCore.App.Runtime.Mono.maccatalyst-arm64.Msi.x86
2
Microsoft.NETCore.App.Runtime.Mono.maccatalyst-x64
2
Microsoft.NETCore.App.Runtime.Mono.maccatalyst-x64.Msi.arm64
2
Microsoft.NETCore.App.Runtime.Mono.maccatalyst-x64.Msi.x64
2
Microsoft.NETCore.App.Runtime.Mono.maccatalyst-x64.Msi.x86
2
Microsoft.NETCore.App.Runtime.Mono.osx-arm64
2
Microsoft.NETCore.App.Runtime.Mono.tvos-arm64
2
Microsoft.NETCore.App.Runtime.Mono.tvos-arm64.Msi.arm64
2
Microsoft.NETCore.App.Runtime.Mono.tvos-arm64.Msi.x64
2
Microsoft.NETCore.App.Runtime.Mono.tvos-arm64.Msi.x86
2
Microsoft.NETCore.App.Runtime.Mono.tvossimulator-arm64
2
Microsoft.NETCore.App.Runtime.Mono.tvossimulator-arm64.Msi.arm64
2
Microsoft.NETCore.App.Runtime.Mono.tvossimulator-arm64.Msi.x64
2
Filter by Repository
https://github.com/chakra-core/ChakraCore
214
https://github.com/dotnet/runtime
23
https://github.com/github/advisory-database
18
https://github.com/umbraco/Umbraco-CMS
16
https://github.com/OPCFoundation/UA-.NETStandard
10
https://github.com/dotnet/aspnetcore
10
https://github.com/jquery/jquery
10
https://github.com/tinymce/tinymce
9
https://github.com/dnnsoftware/Dnn.Platform
7
https://github.com/cefsharp/CefSharp
7
https://github.com/jquery/jquery-ui
6
https://github.com/icsharpcode/SharpZipLib
4
https://github.com/michaelschwarz/Ajax.NET-Professional
4
https://github.com/siteserver/cms
4
https://github.com/NuGet/NuGet.Client
4
https://github.com/SixLabors/ImageSharp
3
https://github.com/dotnet/wpf
3
https://github.com/serenity-is/Serenity
3
https://github.com/dotnet/sdk
3
https://github.com/PowerShell/PowerShell
3
https://github.com/Azure/azure-sdk-for-net
3
https://github.com/Sustainsys/Saml2
3
https://github.com/microsoft/msquic
3
https://github.com/wixtoolset/issues
3
https://github.com/nirbar/wix4
2
https://github.com/nirbar/wix3
2
https://github.com/mongodb/mongo-csharp-driver
2
https://github.com/moment/moment
2
https://github.com/microsoft/reverse-proxy
2
https://github.com/orchardcms/orchardcore
2
https://github.com/Microsoft/ChakraCore
2
https://github.com/gordon-matt/elFinder.NetCore
2
https://github.com/mganss/HtmlSanitizer
2
https://github.com/Orckestra/C1-CMS-Foundation
2
https://github.com/jquery-validation/jquery-validation
2
https://github.com/peteroupc/CBOR
2
https://github.com/PiranhaCMS/piranha.core
2
https://github.com/dotnet/corefx
2
https://github.com/ServiceStack/ServiceStack
2
https://github.com/adamhathcock/sharpcompress
2
https://github.com/theori-io/chakra-2016-11
2
https://github.com/snowflakedb/snowflake-connector-net
2
https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet
2
https://github.com/Aiko-IT-Systems/DisCatSharp
2
https://github.com/google/protobuf
1
https://github.com/apache/avro
1
https://github.com/Antaris/RazorEngine
1
https://github.com/gsemac/Gsemac.Common
1
https://github.com/haf/DotNetZip.Semverd
1
https://github.com/akkadotnet/akka.net
1
https://github.com/HangfireIO/Hangfire
1
https://github.com/imazen/imageflow
1
https://github.com/imazen/resizer
1
https://github.com/JamesNK/Newtonsoft.Json
1
https://github.com/adplug/adplug
1
https://github.com/aaubry/YamlDotNet
1
https://github.com/Jasig/phpCAS
1
https://github.com/jchristn/IpMatcher
1
https://github.com/dotnetcore/AgileConfig
1
https://github.com/dnnsoftware/dnn.platform
1
https://github.com/CoreWCF/CoreWCF
1
https://github.com/Brondahl/EnumStringValues
1
https://github.com/drewnoakes/metadata-extractor-dotnet
1
https://github.com/brantburnett/Snappier
1
https://github.com/dub-flow/vulnerability-research
1
https://github.com/bcgit/bc-csharp
1
https://github.com/elastic/apm-agent-dotnet
1
https://github.com/FastReports/FastReport
1
https://github.com/AzureAD/microsoft-authentication-library-for-dotnet
1
https://github.com/AsynkronIT/Wire
1
https://github.com/Archomeda/Gw2Sharp
1
https://github.com/glennrp/libpng
1
https://github.com/apache/logging-log4net
1
https://github.com/google/brotli
1
https://github.com/jellyfin/jellyfin
1
https://github.com/pubnub/javascript
1
https://github.com/qnighy/libwebp-sys2-rs
1
https://github.com/QuantConnect/Lean
1
https://github.com/ravibpatel/AutoUpdater.NET
1
https://github.com/recurly/recurly-client-net
1
https://github.com/restsharp/RestSharp
1
https://github.com/SeppPenner/WindowsHello
1
https://github.com/SeriaWei/ZKEACMS
1
https://github.com/SinGooCMS/SinGooCMSUtility
1
https://github.com/spassarop/antisamy-dotnet
1
https://github.com/sshnet/NET
1
https://github.com/starkbank/ecdsa-dotnet
1
https://github.com/starkbank/ecdsa-python
1
https://github.com/swagger-api/swagger-ui
1
https://github.com/tgstation/tgstation-server
1
https://github.com/trannamtrung1st/elFinder.Net.Core
1
https://github.com/TrueLayer/truelayer-dotnet
1
https://github.com/turquoiseowl/i18n
1
https://github.com/twbs/bootstrap
1
https://github.com/umbraco/Umbraco.Workflow.Issues
1
https://github.com/zzzprojects/System.Linq.Dynamic.Core
1
https://gitlab.com/eLeN3Re/cve-2020-9471
1
https://gitlab.com/eLeN3Re/cve-2020-9472
1
https://github.com/jellyfin/jellyfin-web
1
https://github.com/joniles/mpxj
1
https://github.com/jonschlinkert/set-value
1
https://github.com/kapetan/dns
1
https://github.com/ldqk/Masuit.Tools
1
https://github.com/LittleBigRefresh/Bunkum
1
https://github.com/madskristensen/Miniblog.Core
1
https://github.com/mbdavid/LiteDB
1
https://github.com/mguinness/elFinder.AspNet
1
https://github.com/MichaelGrafnetter/DSInternals
1
https://github.com/microsoft/bond
1
https://github.com/microsoft/botbuilder-dotnet
1
https://github.com/microsoft/ChakraCore
1
https://github.com/microsoft/DirectXTex
1
https://github.com/moq/moq
1
https://github.com/NancyFx/Nancy
1
https://github.com/neuecc/MessagePack-CSharp
1
https://github.com/NuGet/Home
1
https://github.com/OPCFoundation/UA-.NET-Legacy
1
https://github.com/open-telemetry/opentelemetry-dotnet
1
https://github.com/OrchardCMS/OrchardCore
1
https://github.com/personnummer/csharp
1
https://github.com/protocolbuffers/protobuf
1