Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
nuget Security Advisories
Loading...
Moderate
Ecosystems: nuget
Packages: DotNetNuke.Web, DotNetNuke.Core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
GSA_kwCzR0hTQS05dzcyLTJmMjMtNTdnbc4AAvJm
DNN vulnerable to Relative Path TraversalEcosystems: nuget
Packages: DotNetNuke.Web, DotNetNuke.Core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Moderate
Ecosystems: nuget
Packages: Microsoft.AspNetCore.Mvc.WebApiCompatShim, Microsoft.AspNetCore.Mvc.ViewFeatures, Microsoft.AspNetCore.Mvc.TagHelpers, Microsoft.AspNetCore.Mvc.Razor, Microsoft.AspNetCore.Mvc.Razor.Host, Microsoft.AspNetCore.Mvc.Localization, Microsoft.AspNetCore.Mvc.Formatters.Xml, Microsoft.AspNetCore.Mvc.Formatters.Json, Microsoft.AspNetCore.Mvc.DataAnnotations, Microsoft.AspNetCore.Mvc.Cors, Microsoft.AspNetCore.Mvc.ApiExplorer, Microsoft.AspNetCore.Mvc.Abstractions, System.Net.WebSockets.Client, System.Net.Security, System.Net.Http.WinHttpHandler, System.Text.Encodings.Web, System.Net.Http, Microsoft.AspNetCore.Mvc.Core, Microsoft.AspNetCore.Mvc
Source: GitHub Advisory Database
Blast Radius: 7.6
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWo4ZjQtMnc0cC1taGpj
Moderate severity vulnerability that affects Microsoft.AspNetCore.MvcEcosystems: nuget
Packages: Microsoft.AspNetCore.Mvc.WebApiCompatShim, Microsoft.AspNetCore.Mvc.ViewFeatures, Microsoft.AspNetCore.Mvc.TagHelpers, Microsoft.AspNetCore.Mvc.Razor, Microsoft.AspNetCore.Mvc.Razor.Host, Microsoft.AspNetCore.Mvc.Localization, Microsoft.AspNetCore.Mvc.Formatters.Xml, Microsoft.AspNetCore.Mvc.Formatters.Json, Microsoft.AspNetCore.Mvc.DataAnnotations, Microsoft.AspNetCore.Mvc.Cors, Microsoft.AspNetCore.Mvc.ApiExplorer, Microsoft.AspNetCore.Mvc.Abstractions, System.Net.WebSockets.Client, System.Net.Security, System.Net.Http.WinHttpHandler, System.Text.Encodings.Web, System.Net.Http, Microsoft.AspNetCore.Mvc.Core, Microsoft.AspNetCore.Mvc
Source: GitHub Advisory Database
Blast Radius: 7.6
Published: over 5 years ago
Moderate
Ecosystems: nuget
Packages: Microsoft.AspNetCore.Authentication.JwtBearer
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXE3Y2ctNDNtZy1xcDY5
ASP.NET Core Information Disclosure VulnerabilityEcosystems: nuget
Packages: Microsoft.AspNetCore.Authentication.JwtBearer
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Moderate
Ecosystems: nuget
Packages: DSInternals.Common
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
GSA_kwCzR0hTQS12eDJ4LTljZmYtZmhqd84AAwLo
DSInternals Credential Roaming Elevation of Privilege VulnerabilityEcosystems: nuget
Packages: DSInternals.Common
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Moderate
Ecosystems: nuget
Packages: NuGet.CommandLine.XPlat, NuGet.CommandLine, NuGet.Commands
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS0zODg1LThncWMtM3dwZs4AArjp
Potential leak of NuGet.org API keyEcosystems: nuget
Packages: NuGet.CommandLine.XPlat, NuGet.CommandLine, NuGet.Commands
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
Ecosystems: nuget
Packages: SSCMS
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS00cWY2LXZwajgtcDRyNs4AArXo
Cross site scripting in SSCMSEcosystems: nuget
Packages: SSCMS
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
Ecosystems: nuget
Packages: SSH.NET
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS03MnA4LXY0aGctdjQ1cM4AArTX
Weak private key generation in SSH.NETEcosystems: nuget
Packages: SSH.NET
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
Ecosystems: nuget
Packages: DisCatSharp
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
GSA_kwCzR0hTQS1mcnhnLWhmNDQtcTc2Nc0_ow
Exposure of Sensitive Information to an Unauthorized Actor in DisCatSharpEcosystems: nuget
Packages: DisCatSharp
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Moderate
Ecosystems: nuget
Packages: Microsoft.NETCore.App.Runtime.win-x86, Microsoft.NETCore.App.Runtime.win-x64, Microsoft.NETCore.App.Runtime.win-arm64, Microsoft.NETCore.App.Runtime.win-arm, Microsoft.NETCore.App.Runtime.osx-x64, Microsoft.NETCore.App.Runtime.Mono.osx-x64, Microsoft.NETCore.App.Runtime.Mono.LLVM.osx-x64, Microsoft.NETCore.App.Runtime.Mono.LLVM.linux-x64, Microsoft.NETCore.App.Runtime.Mono.LLVM.linux-arm64, Microsoft.NETCore.App.Runtime.Mono.LLVM.AOT.osx-x64, Microsoft.NETCore.App.Runtime.Mono.LLVM.AOT.linux-x64, Microsoft.NETCore.App.Runtime.Mono.LLVM.AOT.linux-arm64, Microsoft.NETCore.App.Runtime.Mono.linux-x64, Microsoft.NETCore.App.Runtime.Mono.linux-musl-x64, Microsoft.NETCore.App.Runtime.Mono.linux-arm64, Microsoft.NETCore.App.Runtime.Mono.linux-arm, Microsoft.NETCore.App.Runtime.linux-x64, Microsoft.NETCore.App.Runtime.linux-musl-x64, Microsoft.NETCore.App.Runtime.linux-musl-arm64, Microsoft.NETCore.App.Runtime.linux-musl-arm, Microsoft.NETCore.App.Runtime.linux-arm64, Microsoft.NETCore.App.Runtime.linux-arm, Microsoft.NETCore.App.Runtime.rhel.6-x64, Microsoft.NETCore.App
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
GSA_kwCzR0hTQS12Z3dxLWhmcWMtNTh3ds4AAvfI
.NET Core Information Disclosure VulnerabilityEcosystems: nuget
Packages: Microsoft.NETCore.App.Runtime.win-x86, Microsoft.NETCore.App.Runtime.win-x64, Microsoft.NETCore.App.Runtime.win-arm64, Microsoft.NETCore.App.Runtime.win-arm, Microsoft.NETCore.App.Runtime.osx-x64, Microsoft.NETCore.App.Runtime.Mono.osx-x64, Microsoft.NETCore.App.Runtime.Mono.LLVM.osx-x64, Microsoft.NETCore.App.Runtime.Mono.LLVM.linux-x64, Microsoft.NETCore.App.Runtime.Mono.LLVM.linux-arm64, Microsoft.NETCore.App.Runtime.Mono.LLVM.AOT.osx-x64, Microsoft.NETCore.App.Runtime.Mono.LLVM.AOT.linux-x64, Microsoft.NETCore.App.Runtime.Mono.LLVM.AOT.linux-arm64, Microsoft.NETCore.App.Runtime.Mono.linux-x64, Microsoft.NETCore.App.Runtime.Mono.linux-musl-x64, Microsoft.NETCore.App.Runtime.Mono.linux-arm64, Microsoft.NETCore.App.Runtime.Mono.linux-arm, Microsoft.NETCore.App.Runtime.linux-x64, Microsoft.NETCore.App.Runtime.linux-musl-x64, Microsoft.NETCore.App.Runtime.linux-musl-arm64, Microsoft.NETCore.App.Runtime.linux-musl-arm, Microsoft.NETCore.App.Runtime.linux-arm64, Microsoft.NETCore.App.Runtime.linux-arm, Microsoft.NETCore.App.Runtime.rhel.6-x64, Microsoft.NETCore.App
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Moderate
Ecosystems: nuget
Packages: SharpZipLib
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
GSA_kwCzR0hTQS1tbTZnLW1tcTYtNTNmZs0mqg
Path Traversal in SharpZipLibEcosystems: nuget
Packages: SharpZipLib
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Moderate
Ecosystems: nuget
Packages: OrchardCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
GSA_kwCzR0hTQS02dzVtLWpnYzUtOGNnY80itQ
orchardcore is vulnerable to Cross-site ScriptingEcosystems: nuget
Packages: OrchardCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Moderate
Ecosystems: nuget
Packages: Microsoft.AspNetCore.All, Microsoft.AspNetCore.Server.Kestrel.Transport.Libuv, Microsoft.AspNetCore.Server.Kestrel.Transport.Abstractions, Microsoft.AspNetCore.Server.Kestrel.Core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTNtMnItcTh4My14bWY3
Moderate severity vulnerability that affects Microsoft.AspNetCore.All, Microsoft.AspNetCore.Server.Kestrel.Core, Microsoft.AspNetCore.Server.Kestrel.Transport.Abstractions, and Microsoft.AspNetCore.Server.Kestrel.Transport.LibuvEcosystems: nuget
Packages: Microsoft.AspNetCore.All, Microsoft.AspNetCore.Server.Kestrel.Transport.Libuv, Microsoft.AspNetCore.Server.Kestrel.Transport.Abstractions, Microsoft.AspNetCore.Server.Kestrel.Core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 5 years ago
Moderate
Ecosystems: nuget
Packages: Piranha
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
GSA_kwCzR0hTQS1qdmpwLXZoMjctcjloNc0Wug
Cross-site Scripting in PiranhaCMSEcosystems: nuget
Packages: Piranha
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Moderate
Ecosystems: nuget
Packages: System.DirectoryServices.Protocols
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
GSA_kwCzR0hTQS05Y3hoLWdxcHgtcWM1bc0WiA
Credential Disclosure in System.DirectoryServices.ProtocolsEcosystems: nuget
Packages: System.DirectoryServices.Protocols
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Moderate
Ecosystems: nuget
Packages: OPCFoundation.NetStandard.Opc.Ua
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTlxOTQtdjdjaC1teHF3
Insufficient Session Expiration and TOCTOU Race Condition in OPC FOundation UA .Net StandardEcosystems: nuget
Packages: OPCFoundation.NetStandard.Opc.Ua
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 3 years ago
Moderate
Ecosystems: nuget
Packages: UmbracoCms
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWo2NmYtaDlobS05NzVt
Unrestricted Upload of File with Dangerous Type in Umbraco CMSEcosystems: nuget
Packages: UmbracoCms
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 3 years ago
Moderate
Ecosystems: nuget
Packages: Serenity.Net.Web, Serenity.Net.Core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
GSA_kwCzR0hTQS13N2ptLTl4NG0tOHFjM84AAy_c
User account enumeration in SerenityEcosystems: nuget
Packages: Serenity.Net.Web, Serenity.Net.Core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
Moderate
Ecosystems: nuget
Packages: Sustainsys.Saml2
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTk0NzUteGc2bS1qN3B3
Subject Confirmation Method not validated in Saml2 Authentication Services for ASP.NETEcosystems: nuget
Packages: Sustainsys.Saml2
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 4 years ago
Moderate
Ecosystems: nuget
Packages: HaemmerElectronics.SeppPenner.WindowsHello
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXd2cHYtZmZjdi1yNmN3
Internal NCryptDecrypt method could be used externally from WindowsHello library.Ecosystems: nuget
Packages: HaemmerElectronics.SeppPenner.WindowsHello
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 4 years ago
Moderate
Ecosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWpoeDMtMnc1eC14Mzl4
Microsoft.ChakraCore vulnerable to Exposure of Sensitive Information to an Unauthorized ActorEcosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 5 years ago
Moderate
Ecosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1wanByLTJxcXAtZ3ByZs4AAbSy
ChakraCore information disclosure vulnerabilityEcosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
Ecosystems: packagist, nuget, npm
Packages: tinymce/tinymce, TinyMCE, tinymce
Source: GitHub Advisory Database
Blast Radius: 43.2
Published: 7 months ago
GSA_kwCzR0hTQS1oZ3F4LXIyaHAtanIzOM4AA2kG
TinyMCE XSS vulnerability in notificationManager.open APIEcosystems: packagist, nuget, npm
Packages: tinymce/tinymce, TinyMCE, tinymce
Source: GitHub Advisory Database
Blast Radius: 43.2
Published: 7 months ago
Moderate
Ecosystems: nuget
Packages: OrchardCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
GSA_kwCzR0hTQS01Z2c5LWd3ajQtbXFtas4AAvKC
OrchardCore vulnerable to HTML injectionEcosystems: nuget
Packages: OrchardCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Moderate
Ecosystems: nuget
Packages: ZKEACMS.Publisher
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1oYzcyLXZqM2ctNWcyZ84AArN9
Cross-site Scripting in ZKEACMSEcosystems: nuget
Packages: ZKEACMS.Publisher
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
Ecosystems: nuget
Packages: UmbracoCms.Core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS05NXFyLTY3cngtOXBnaM4AAnEU
Umbraco CMS vulnerable to stored XSSEcosystems: nuget
Packages: UmbracoCms.Core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
Ecosystems: nuget
Packages: Serenity.Net.Services, Serenity.Net.Core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
GSA_kwCzR0hTQS05M2g2LXd4N3ItbWdmcM4AAy_b
Cross Site Scripting (XSS) in SerenityEcosystems: nuget
Packages: Serenity.Net.Services, Serenity.Net.Core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
Moderate
Ecosystems: nuget
Packages: OPCFoundation.NetStandard.Opc.Ua.Server, OPCFoundation.NetStandard.Opc.Ua.Core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
GSA_kwCzR0hTQS00Y3ZwLWhyNjMtODIyas4AAzGJ
Exposure of Sensitive Information in OPC UA .NET Standard Reference ServerEcosystems: nuget
Packages: OPCFoundation.NetStandard.Opc.Ua.Server, OPCFoundation.NetStandard.Opc.Ua.Core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 year ago
Moderate
Ecosystems: nuget, npm
Packages: Swashbuckle.AspNetCore.SwaggerUI, swagger-ui-react, swagger-ui-dist, swagger-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
GSA_kwCzR0hTQS1xcm1tLXc3NXctM3dweM0agw
Server side request forgery in SwaggerUIEcosystems: nuget, npm
Packages: Swashbuckle.AspNetCore.SwaggerUI, swagger-ui-react, swagger-ui-dist, swagger-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Moderate
Ecosystems: nuget
Packages: DotNetNuke.Core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1tajQ4LWY5NTktcHFwaM4AAesR
DotNetNuke (DNN) Open redirect vulnerabilityEcosystems: nuget
Packages: DotNetNuke.Core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
Ecosystems: nuget
Packages: DotNetNuke.Core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS12amNtLWo4NXItN3A2OM4AAjqk
DNN File Upload VulnerabilityEcosystems: nuget
Packages: DotNetNuke.Core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
Ecosystems: nuget
Packages: UmbracoCMS.Core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1ncXFmLThjeDYtOXI3aM4AAjYx
Umbraco CMS vulnerable to CSRFEcosystems: nuget
Packages: UmbracoCMS.Core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
Ecosystems: nuget, maven, rubygems, npm
Packages: jQuery.UI.Combined, org.webjars.npm:jquery-ui, jquery-ui-rails, jquery-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXFxeHAteHA5di12dng2
jquery-ui Tooltip widget vulnerable to XSSEcosystems: nuget, maven, rubygems, npm
Packages: jQuery.UI.Combined, org.webjars.npm:jquery-ui, jquery-ui-rails, jquery-ui
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 6 years ago
Moderate
Ecosystems: nuget
Packages: OPCFoundation.NetStandard.Opc.Ua.Core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
GSA_kwCzR0hTQS1tand3LTkzNG0taDRqd80XiQ
Improper Certificate Validation in OPCFoundation.NetStandard.Opc.Ua.CoreEcosystems: nuget
Packages: OPCFoundation.NetStandard.Opc.Ua.Core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Moderate
Ecosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS13M3FyLTh2NHItNTkybc4AATDt
ChakraCore information disclosure vulnerabilityEcosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
Ecosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS13ZzQ3LTZjcWMtcTUyas4AATCv
ChakraCore Security BypassEcosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
Ecosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS05M2M3LTI5NDItM2g0N84AAU7a
ChakraCore information disclosure vulnerabilityEcosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
Ecosystems: nuget
Packages: OPCFoundation.NetStandard.Opc.Ua.Server
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
GSA_kwCzR0hTQS1tdzloLWhjcDctZmdjNs4AAual
Exposure of Sensitive Information in OPCFoundation.NetStandard.Opc.Ua.ServerEcosystems: nuget
Packages: OPCFoundation.NetStandard.Opc.Ua.Server
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Moderate
Ecosystems: nuget
Packages: UmbracoCMS.Web
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS14ajk0LXJnZjktY3EzN84AAYVo
Umbraco CMS vulnerable to stored XSSEcosystems: nuget
Packages: UmbracoCMS.Web
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
Ecosystems: nuget
Packages: UmbracoCms.Web
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1oMnZxLTdnZjItcXc5ds4AAYVg
Umbraco CMS XXE VulnerabilityEcosystems: nuget
Packages: UmbracoCms.Web
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
Ecosystems: pypi, maven, nuget
Packages: commondatamodel-objectmodel, com.microsoft.commondatamodel:objectmodel, Microsoft.CommonDataModel.ObjectModel
Source: GitHub Advisory Database
Blast Radius: 7.2
Published: 7 months ago
GSA_kwCzR0hTQS12bTJtLTdocHctZnBtcc4AA2XX
Microsoft Common Data Model SDK Denial of Service VulnerabilityEcosystems: pypi, maven, nuget
Packages: commondatamodel-objectmodel, com.microsoft.commondatamodel:objectmodel, Microsoft.CommonDataModel.ObjectModel
Source: GitHub Advisory Database
Blast Radius: 7.2
Published: 7 months ago
Moderate
Ecosystems: nuget
Packages: DotNetNuke.Core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1ydnJqLWo3Y2MtMjM2cM4AAZ0Y
DotNetNuke (DNN) Cross-site scripting (XSS) vulnerability via the __dnnVariable parameterEcosystems: nuget
Packages: DotNetNuke.Core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
Ecosystems: nuget
Packages: Microsoft.NETCore.App.Runtime.linux-musl-arm64, Microsoft.NETCore.App.Runtime.linux-arm64, Microsoft.NETCore.App.Runtime.linux-arm, Microsoft.NETCore.App.Runtime.linux-musl-arm, Microsoft.NETCore.App.Runtime.linux-musl-x64, Microsoft.NETCore.App.Runtime.linux-x64
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 8 months ago
GSA_kwCzR0hTQS1oM2h2LTYzcTUtamdwcs4AA11k
Microsoft Security Advisory CVE-2023-36799: .NET Denial of Service VulnerabilityEcosystems: nuget
Packages: Microsoft.NETCore.App.Runtime.linux-musl-arm64, Microsoft.NETCore.App.Runtime.linux-arm64, Microsoft.NETCore.App.Runtime.linux-arm, Microsoft.NETCore.App.Runtime.linux-musl-arm, Microsoft.NETCore.App.Runtime.linux-musl-x64, Microsoft.NETCore.App.Runtime.linux-x64
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 8 months ago
Moderate
Ecosystems: nuget
Packages: Akka
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
GSA_kwCzR0hTQS1ncHY1LXJwNnctNThyOM4AAv_m
Remote code execution vulnerability in dependency System.Drawing.CommonEcosystems: nuget
Packages: Akka
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
Moderate
Ecosystems: rubygems, nuget, maven, npm
Packages: jquery-rails, jQuery, org.webjars.npm:jquery, jquery
Source: GitHub Advisory Database
Blast Radius: 104.9
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTJwcWotaDN2ai1wcWd3
Cross-Site Scripting in jqueryEcosystems: rubygems, nuget, maven, npm
Packages: jquery-rails, jQuery, org.webjars.npm:jquery, jquery
Source: GitHub Advisory Database
Blast Radius: 104.9
Published: over 3 years ago
Moderate
Ecosystems: nuget
Packages: DotNetNuke.Core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
GSA_kwCzR0hTQS14cjk2LTdjY3AtcGc1Y82YIg
DotNetNuke Vulnerable to XSS in Pass-Through ValuesEcosystems: nuget
Packages: DotNetNuke.Core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Moderate
Ecosystems: nuget, rubygems, maven, npm
Packages: jQuery.UI.Combined, jquery-ui-rails, org.webjars.npm:jquery-ui, jquery-ui
Source: GitHub Advisory Database
Blast Radius: 55.7
Published: almost 2 years ago
GSA_kwCzR0hTQS1oNmdqLTZqanEtaDhnOc4AAtcw
jQuery UI vulnerable to XSS when refreshing a checkboxradio with an HTML-like initial text labelEcosystems: nuget, rubygems, maven, npm
Packages: jQuery.UI.Combined, jquery-ui-rails, org.webjars.npm:jquery-ui, jquery-ui
Source: GitHub Advisory Database
Blast Radius: 55.7
Published: almost 2 years ago
Moderate
Ecosystems: nuget
Packages: mongodb.driver
Source: GitHub Advisory Database
Blast Radius: 8.5
Published: almost 2 years ago
GSA_kwCzR0hTQS1wOXJ2LXFncXctangyd84AAofu
MongoDB C# Driver Risk of Exposing Authentication Data via Command ListenerEcosystems: nuget
Packages: mongodb.driver
Source: GitHub Advisory Database
Blast Radius: 8.5
Published: almost 2 years ago
Moderate
Ecosystems: nuget
Packages: Umbraco.CMS
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 5 months ago
GSA_kwCzR0hTQS1jZnI1LTdwNTQtNHFnOM4AA3ud
Privilege Escalation using SpoofingEcosystems: nuget
Packages: Umbraco.CMS
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 5 months ago
Moderate
Ecosystems: nuget, packagist, npm
Packages: TinyMCE, tinymce/tinymce, tinymce
Source: GitHub Advisory Database
Blast Radius: 38.4
Published: over 1 year ago
GSA_kwCzR0hTQS1nZzhyLXhqd3EtNHc5Ms4AAwOk
Cross-site scripting vulnerability in TinyMCE alertsEcosystems: nuget, packagist, npm
Packages: TinyMCE, tinymce/tinymce, tinymce
Source: GitHub Advisory Database
Blast Radius: 38.4
Published: over 1 year ago
Moderate
Ecosystems: packagist, nuget, npm
Packages: tinymce/tinymce, TinyMCE, tinymce
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXc3angtajc3bS13cDY1
Cross-site scripting vulnerability in TinyMCEEcosystems: packagist, nuget, npm
Packages: tinymce/tinymce, TinyMCE, tinymce
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 3 years ago
Moderate
Ecosystems: nuget
Packages: OWASP.AntiSamy
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 4 months ago
GSA_kwCzR0hTQS04eDZmLTk1NmYtcTQzd84AA4Jk
OWASP.AntiSamy mXSS when preserving commentsEcosystems: nuget
Packages: OWASP.AntiSamy
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 4 months ago
Moderate
Ecosystems: nuget
Packages: Microsoft.IdentityModel.JsonWebTokens, System.IdentityModel.Tokens.Jwt
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 4 months ago
GSA_kwCzR0hTQS01OWo3LWdocmctZmo1Ms4AA4Tk
Microsoft ASP.NET Core project templates vulnerable to denial of serviceEcosystems: nuget
Packages: Microsoft.IdentityModel.JsonWebTokens, System.IdentityModel.Tokens.Jwt
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 4 months ago
Moderate
Ecosystems: nuget
Packages: mono
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 years ago
GSA_kwCzR0hTQS1nNWM2LXc0NzktOTN4bc3Xjg
Mono ASP.NET View State Cross-Site Scripting (XSS) vulnerabilityEcosystems: nuget
Packages: mono
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 years ago
Moderate
Ecosystems: nuget
Packages: Microsoft.Data.SqlClient, System.Data.SqlClient
Source: GitHub Advisory Database
Blast Radius: 10.0
Published: over 1 year ago
GSA_kwCzR0hTQS04ZzJwLTVwcWgtNWptY84AAvv2
.NET Information Disclosure VulnerabilityEcosystems: nuget
Packages: Microsoft.Data.SqlClient, System.Data.SqlClient
Source: GitHub Advisory Database
Blast Radius: 10.0
Published: over 1 year ago
Moderate
Ecosystems: nuget
Packages: CuteEditor
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 years ago
GSA_kwCzR0hTQS13MzI3LXdxMjgtM3ZtZs3QXA
CuteSoft CuteEditor Path Traversal vulnerabilityEcosystems: nuget
Packages: CuteEditor
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 years ago
Moderate
Ecosystems: nuget
Packages: Microsoft.AspNetCore.App.Runtime.linux-musl-arm, Microsoft.AspNetCore.App.Runtime.linux-musl-arm64, Microsoft.AspNetCore.App.Runtime.osx-arm64, Microsoft.AspNetCore.App.Runtime.win-arm, Microsoft.AspNetCore.App.Runtime.win-arm64, Microsoft.AspNetCore.App.Runtime.linux-arm, Microsoft.AspNetCore.App.Runtime.linux-arm64, Microsoft.AspNetCore.App.Runtime.linux-musl-x64, Microsoft.AspNetCore.App.Runtime.osx-x64, Microsoft.AspNetCore.App.Runtime.win-x86, Microsoft.AspNetCore.App.Runtime.linux-x64, Microsoft.AspNetCore.App.Runtime.win-x64, System.Security.Cryptography.Xml
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 3 months ago
GSA_kwCzR0hTQS12aDU1LTc4Nmctd2p3as4AA5C3
.NET Information Disclosure VulnerabilityEcosystems: nuget
Packages: Microsoft.AspNetCore.App.Runtime.linux-musl-arm, Microsoft.AspNetCore.App.Runtime.linux-musl-arm64, Microsoft.AspNetCore.App.Runtime.osx-arm64, Microsoft.AspNetCore.App.Runtime.win-arm, Microsoft.AspNetCore.App.Runtime.win-arm64, Microsoft.AspNetCore.App.Runtime.linux-arm, Microsoft.AspNetCore.App.Runtime.linux-arm64, Microsoft.AspNetCore.App.Runtime.linux-musl-x64, Microsoft.AspNetCore.App.Runtime.osx-x64, Microsoft.AspNetCore.App.Runtime.win-x86, Microsoft.AspNetCore.App.Runtime.linux-x64, Microsoft.AspNetCore.App.Runtime.win-x64, System.Security.Cryptography.Xml
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 3 months ago
Moderate
Ecosystems: npm, nuget
Packages: @serenity-is/corelib, Serenity.Net.Core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 3 months ago
GSA_kwCzR0hTQS01ampxLThjdmotdjZtOc4AA5Xi
Cross-site Scripting in SerenityEcosystems: npm, nuget
Packages: @serenity-is/corelib, Serenity.Net.Core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 3 months ago
Moderate
Ecosystems: nuget
Packages: FullStackHero.WebAPI.Boilerplate
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 2 months ago
GSA_kwCzR0hTQS03NXgyLTZoNG0taDZteM4AA5oj
FullStackHero's WebAPI Boilerplate host header injection vulnerabilityEcosystems: nuget
Packages: FullStackHero.WebAPI.Boilerplate
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 2 months ago
Moderate
Ecosystems: nuget
Packages: log4net
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 years ago
GSA_kwCzR0hTQS1mOWZyLXc1NHEtNzcyaM198g
Apache log4net format string vulnerability causes DoSEcosystems: nuget
Packages: log4net
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 years ago
Moderate
Ecosystems: pypi, nuget, packagist, npm
Packages: django-tinymce, TinyMCE, tinymce/tinymce, tinymce
Source: GitHub Advisory Database
Blast Radius: 64.7
Published: over 2 years ago
GSA_kwCzR0hTQS1yOGhtLXc1Zjctd2ozOc0Wzg
Cross-site scripting vulnerability in TinyMCE pluginsEcosystems: pypi, nuget, packagist, npm
Packages: django-tinymce, TinyMCE, tinymce/tinymce, tinymce
Source: GitHub Advisory Database
Blast Radius: 64.7
Published: over 2 years ago
Moderate
Ecosystems: rubygems, nuget, maven, npm
Packages: jquery-ui-rails, jQuery.UI.Combined, org.webjars.npm:jquery-ui, jquery-ui
Source: GitHub Advisory Database
Blast Radius: 59.3
Published: over 2 years ago
GSA_kwCzR0hTQS1qN3F2LXBnZjYtaHZoNM0Wtw
XSS in `*Text` options of the Datepicker widget in jquery-uiEcosystems: rubygems, nuget, maven, npm
Packages: jquery-ui-rails, jQuery.UI.Combined, org.webjars.npm:jquery-ui, jquery-ui
Source: GitHub Advisory Database
Blast Radius: 59.3
Published: over 2 years ago
Moderate
Ecosystems: rubygems, nuget, maven, npm
Packages: jquery-ui-rails, jQuery.UI.Combined, org.webjars.npm:jquery-ui, jquery-ui
Source: GitHub Advisory Database
Blast Radius: 59.3
Published: over 2 years ago
GSA_kwCzR0hTQS1ncHFxLTk1MnEtNTMyN80Wtg
XSS in the `of` option of the `.position()` util in jquery-uiEcosystems: rubygems, nuget, maven, npm
Packages: jquery-ui-rails, jQuery.UI.Combined, org.webjars.npm:jquery-ui, jquery-ui
Source: GitHub Advisory Database
Blast Radius: 59.3
Published: over 2 years ago
Moderate
Ecosystems: packagist, nuget, npm
Packages: tinymce/tinymce, TinyMCE, tinymce
Source: GitHub Advisory Database
Blast Radius: 43.2
Published: over 2 years ago
GSA_kwCzR0hTQS01aDlnLXg1cnYtMjV3Z80WrQ
Cross-site scripting vulnerability in TinyMCEEcosystems: packagist, nuget, npm
Packages: tinymce/tinymce, TinyMCE, tinymce
Source: GitHub Advisory Database
Blast Radius: 43.2
Published: over 2 years ago
Moderate
Ecosystems: nuget
Packages: Microsoft.AspNetCore.SpaServices
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS14cjhmLTU5cHAtcnh4aM4AAq4d
Elevation of privilege in ASP.NET CoreEcosystems: nuget
Packages: Microsoft.AspNetCore.SpaServices
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
Ecosystems: nuget
Packages: Azure.Identity
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 month ago
GSA_kwCzR0hTQS13dnhjLTg1NWYtanZyds4AA6y0
Azure Identity Library for .NET Information Disclosure VulnerabilityEcosystems: nuget
Packages: Azure.Identity
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 month ago
Moderate
Ecosystems: nuget
Packages: System.ServiceModel.Security, System.ServiceModel.Duplex, System.ServiceModel.Primitives, System.ServiceModel.NetTcp, System.ServiceModel.Http, System.Private.ServiceModel
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1wOXd4LXYyNjQtcTM0cM4AAWUJ
Improper Certificate Validation in Microsoft .NET Framework componentsEcosystems: nuget
Packages: System.ServiceModel.Security, System.ServiceModel.Duplex, System.ServiceModel.Primitives, System.ServiceModel.NetTcp, System.ServiceModel.Http, System.Private.ServiceModel
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
Ecosystems: nuget
Packages: Azure.Storage.Blobs, Azure.Storage.Queues
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS02NHg0LTloYzYtcjJoNs4AAtUo
Microsoft: CBC Padding Oracle in Azure Blob Storage Encryption LibraryEcosystems: nuget
Packages: Azure.Storage.Blobs, Azure.Storage.Queues
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
Ecosystems: nuget
Packages: System.Private.Uri, Microsoft.NETCore.App
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS14NXFqLTl2bXgtN2c2Z84AAUDs
Improper Input Validation in .Net Framework API'sEcosystems: nuget
Packages: System.Private.Uri, Microsoft.NETCore.App
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
Ecosystems: nuget
Packages: Microsoft.NETCore.App
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS01NjMzLWYzM2otYzZmN83_9A
Tampering vulnerability in .NET CoreEcosystems: nuget
Packages: Microsoft.NETCore.App
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
Ecosystems: nuget
Packages: Microsoft.AspNetCore.Server.HttpSys, Microsoft.AspNetCore.Server.IIS, Microsoft.AspNetCore.All, Microsoft.AspNetCore.App
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1wcnJmLTM5N3YtODN4aM4AAhTD
Open redirect in ASP.NET CoreEcosystems: nuget
Packages: Microsoft.AspNetCore.Server.HttpSys, Microsoft.AspNetCore.Server.IIS, Microsoft.AspNetCore.All, Microsoft.AspNetCore.App
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
Ecosystems: nuget
Packages: CefSharp.Wpf.HwndHost, CefSharp.WinForms, CefSharp.Wpf, CefSharp.Common
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXB2MzYtaDdqaC1xbTYy
Heap buffer overflow in CefSharpEcosystems: nuget
Packages: CefSharp.Wpf.HwndHost, CefSharp.WinForms, CefSharp.Wpf, CefSharp.Common
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 3 years ago
Moderate
Ecosystems: rubygems, nuget, maven, npm
Packages: jquery-ui-rails, jQuery.UI.Combined, org.webjars.npm:jquery-ui, jquery-ui
Source: GitHub Advisory Database
Blast Radius: 55.7
Published: over 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXdjbTItOWM4OS13bWZt
Cross-site Scripting in jquery-uiEcosystems: rubygems, nuget, maven, npm
Packages: jquery-ui-rails, jQuery.UI.Combined, org.webjars.npm:jquery-ui, jquery-ui
Source: GitHub Advisory Database
Blast Radius: 55.7
Published: over 6 years ago
Moderate
Ecosystems: rubygems, maven, nuget, npm
Packages: jquery-ui-rails, org.webjars.npm:jquery-ui, jQuery.UI.Combined, jquery-ui
Source: GitHub Advisory Database
Blast Radius: 59.3
Published: over 2 years ago
GSA_kwCzR0hTQS05Z2ozLWh3cDUtcG13Y80WtQ
XSS in the `altField` option of the Datepicker widget in jquery-uiEcosystems: rubygems, maven, nuget, npm
Packages: jquery-ui-rails, org.webjars.npm:jquery-ui, jQuery.UI.Combined, jquery-ui
Source: GitHub Advisory Database
Blast Radius: 59.3
Published: over 2 years ago
Moderate
Ecosystems: nuget, maven
Packages: BouncyCastle, org.bouncycastle:bcprov-jdk16, org.bouncycastle:bcprov-jdk15to18, org.bouncycastle:bcprov-jdk15on, org.bouncycastle:bcprov-jdk15, org.bouncycastle:bcprov-jdk14, org.bouncycastle:bcprov-ext-jdk16, org.bouncycastle:bcprov-ext-jdk15on, org.bouncycastle:bc-fips
Source: GitHub Advisory Database
Blast Radius: 22.8
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTZ4eDMtcmc5OS1nYzNw
Timing based private key exposure in Bouncy CastleEcosystems: nuget, maven
Packages: BouncyCastle, org.bouncycastle:bcprov-jdk16, org.bouncycastle:bcprov-jdk15to18, org.bouncycastle:bcprov-jdk15on, org.bouncycastle:bcprov-jdk15, org.bouncycastle:bcprov-jdk14, org.bouncycastle:bcprov-ext-jdk16, org.bouncycastle:bcprov-ext-jdk15on, org.bouncycastle:bc-fips
Source: GitHub Advisory Database
Blast Radius: 22.8
Published: over 2 years ago
Moderate
Ecosystems: nuget
Packages: Microsoft.AspNetCore.Mvc.WebApiCompatShim, Microsoft.AspNetCore.Mvc.ViewFeatures, Microsoft.AspNetCore.Mvc.TagHelpers, Microsoft.AspNetCore.Mvc.Razor, Microsoft.AspNetCore.Mvc.Razor.Host, Microsoft.AspNetCore.Mvc.Localization, Microsoft.AspNetCore.Mvc.Formatters.Xml, Microsoft.AspNetCore.Mvc.Formatters.Json, Microsoft.AspNetCore.Mvc.DataAnnotations, Microsoft.AspNetCore.Mvc.Cors, Microsoft.AspNetCore.Mvc.ApiExplorer, Microsoft.AspNetCore.Mvc.Abstractions, System.Net.WebSockets.Client, System.Net.Security, System.Net.Http.WinHttpHandler, System.Text.Encodings.Web, System.Net.Http, Microsoft.AspNetCore.Mvc.Core, Microsoft.AspNetCore.Mvc
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWNoNnAtNGpjbS1oOHZo
Moderate severity vulnerability that affects Microsoft.AspNetCore.Mvc and Microsoft.AspNetCore.Mvc.CoreEcosystems: nuget
Packages: Microsoft.AspNetCore.Mvc.WebApiCompatShim, Microsoft.AspNetCore.Mvc.ViewFeatures, Microsoft.AspNetCore.Mvc.TagHelpers, Microsoft.AspNetCore.Mvc.Razor, Microsoft.AspNetCore.Mvc.Razor.Host, Microsoft.AspNetCore.Mvc.Localization, Microsoft.AspNetCore.Mvc.Formatters.Xml, Microsoft.AspNetCore.Mvc.Formatters.Json, Microsoft.AspNetCore.Mvc.DataAnnotations, Microsoft.AspNetCore.Mvc.Cors, Microsoft.AspNetCore.Mvc.ApiExplorer, Microsoft.AspNetCore.Mvc.Abstractions, System.Net.WebSockets.Client, System.Net.Security, System.Net.Http.WinHttpHandler, System.Text.Encodings.Web, System.Net.Http, Microsoft.AspNetCore.Mvc.Core, Microsoft.AspNetCore.Mvc
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 5 years ago
Moderate
Ecosystems: nuget
Packages: ServiceStack
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXY1cnYtaHB4Zy04eDQ5
Signature validation bypass in ServiceStackEcosystems: nuget
Packages: ServiceStack
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 3 years ago
Moderate
Ecosystems: nuget
Packages: System.Management.Automation
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTVmcmgtOGNtai1nYzU5
System.Management.Automation subject to bypass via script debuggingEcosystems: nuget
Packages: System.Management.Automation
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 5 years ago
Moderate
Ecosystems: maven, rubygems, nuget, npm
Packages: org.webjars.npm:jquery, jquery-rails, jQuery, jquery
Source: GitHub Advisory Database
Blast Radius: 104.9
Published: almost 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXE0bTMtMmo3aC1mN3h3
Cross-Site Scripting in jqueryEcosystems: maven, rubygems, nuget, npm
Packages: org.webjars.npm:jquery, jquery-rails, jQuery, jquery
Source: GitHub Advisory Database
Blast Radius: 104.9
Published: almost 4 years ago
Moderate
Ecosystems: rubygems, maven, nuget, npm
Packages: jquery-rails, org.webjars.npm:jquery, jquery
Source: GitHub Advisory Database
Blast Radius: 118.7
Published: about 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWd4cjQteGpqNS01cHgy
Potential XSS vulnerability in jQueryEcosystems: rubygems, maven, nuget, npm
Packages: jquery-rails, org.webjars.npm:jquery, jquery
Source: GitHub Advisory Database
Blast Radius: 118.7
Published: about 4 years ago
Moderate
Ecosystems: maven, nuget, npm, pypi, rubygems
Packages: org.webjars.npm:jquery, jQuery, jquery, django, jquery-rails
Source: GitHub Advisory Database
Blast Radius: 135.8
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTZjM2otYzY0bS1xaGdx
XSS in jQuery as used in Drupal, Backdrop CMS, and other productsEcosystems: maven, nuget, npm, pypi, rubygems
Packages: org.webjars.npm:jquery, jQuery, jquery, django, jquery-rails
Source: GitHub Advisory Database
Blast Radius: 135.8
Published: about 5 years ago
Moderate
Ecosystems: rubygems, npm, nuget
Packages: twitter-bootstrap-rails, bootstrap-sass, bootstrap, bootstrap.sass, Bootstrap.Less
Source: GitHub Advisory Database
Blast Radius: 99.3
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTl2M20tOGZwOC1tajk5
Bootstrap Vulnerable to Cross-Site ScriptingEcosystems: rubygems, npm, nuget
Packages: twitter-bootstrap-rails, bootstrap-sass, bootstrap, bootstrap.sass, Bootstrap.Less
Source: GitHub Advisory Database
Blast Radius: 99.3
Published: about 5 years ago
Moderate
Ecosystems: nuget
Packages: DotNetNuke.Core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTVjNjYteDR3bS1yamZ4
Cross-site scripting (XSS) vulnerability in the user-profile biography section in DotNetNuke (DNN)Ecosystems: nuget
Packages: DotNetNuke.Core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 5 years ago
Moderate
Ecosystems: maven, rubygems, npm, nuget
Packages: org.webjars.npm:jquery, jquery-rails, jquery, jQuery
Source: GitHub Advisory Database
Blast Radius: 104.9
Published: over 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXJteGctNzNnZy00cDk4
Cross-Site Scripting (XSS) in jqueryEcosystems: maven, rubygems, npm, nuget
Packages: org.webjars.npm:jquery, jquery-rails, jquery, jQuery
Source: GitHub Advisory Database
Blast Radius: 104.9
Published: over 6 years ago
Statistics
Advisories: 18,440
Packages: 8,316
Repositories: 123
Ecosystems: 12
Packages: 8,316
Repositories: 123
Ecosystems: 12
Filter by Severity
Filter by Ecosystem
Filter by Package
Microsoft.ChakraCore
247
DotNetNuke.Core
19
Microsoft.AspNetCore.App.Runtime.win-x64
17
Microsoft.AspNetCore.App.Runtime.win-x86
17
Microsoft.AspNetCore.App.Runtime.win-arm
16
Microsoft.AspNetCore.App.Runtime.linux-arm
15
Microsoft.AspNetCore.App.Runtime.linux-arm64
15
Microsoft.AspNetCore.App.Runtime.linux-musl-x64
15
Microsoft.AspNetCore.App.Runtime.linux-x64
15
Microsoft.AspNetCore.App.Runtime.osx-x64
15
Microsoft.AspNetCore.App.Runtime.linux-musl-arm64
14
Microsoft.AspNetCore.App.Runtime.win-arm64
14
Microsoft.NETCore.App.Runtime.win-x86
12
Microsoft.NETCore.App.Runtime.win-x64
12
Microsoft.NETCore.App.Runtime.win-arm64
12
Microsoft.NETCore.App
10
Microsoft.AspNetCore.All
10
Microsoft.AspNetCore.App.Runtime.linux-musl-arm
10
Umbraco.CMS
10
Microsoft.NETCore.App.Runtime.linux-arm64
9
Microsoft.NETCore.App.Runtime.linux-musl-arm64
9
Microsoft.NetCore.App.Runtime.win-arm
9
Microsoft.NETCore.App.Runtime.linux-musl-x64
9
Microsoft.NETCore.App.Runtime.linux-x64
9
Microsoft.NetCore.App.Runtime.win-arm64
9
Microsoft.NetCore.App.Runtime.win-x64
9
Microsoft.NetCore.App.Runtime.win-x86
9
tinymce
9
TinyMCE
9
tinymce/tinymce
9
Microsoft.NETCore.App.Runtime.linux-arm
9
org.webjars.npm:jquery
9
jquery-rails
9
jquery
9
Microsoft.AspNetCore.App
8
Microsoft.AspNetCore.App.Runtime.osx-arm64
8
Microsoft.NETCore.App.Runtime.win-arm
8
Microsoft.NETCore.App.Runtime.osx-x64
8
jQuery
8
Microsoft.NETCore.App.Runtime.linux-musl-arm
7
OPCFoundation.NetStandard.Opc.Ua.Core
7
CefSharp.Common
7
jquery-ui
7
jquery-ui-rails
7
org.webjars.npm:jquery-ui
7
jQuery.UI.Combined
7
Microsoft.AspNetCore.Mvc.Core
6
Microsoft.NETCore.App.Runtime.Mono.LLVM.AOT.linux-arm64
5
CefSharp.WinForms
5
CefSharp.Wpf
5
CefSharp.Wpf.HwndHost
5
Microsoft.WindowsDesktop.App.Runtime.win-x64
5
Microsoft.WindowsDesktop.App.Runtime.win-x86
5
Microsoft.AspNetCore.Server.Kestrel.Core
5
System.Text.Encodings.Web
5
System.Net.Http
5
Microsoft.NETCore.App.Runtime.Mono.osx-x64
5
Microsoft.NETCore.App.Runtime.Mono.linux-x64
5
Microsoft.NETCore.App.Runtime.Mono.linux-musl-x64
5
Microsoft.AspNetCore.Mvc.Cors
5
Microsoft.NETCore.App.Runtime.Mono.linux-arm64
5
Microsoft.NETCore.App.Runtime.Mono.linux-arm
5
Microsoft.NETCore.App.Runtime.Mono.LLVM.osx-x64
5
Microsoft.NETCore.App.Runtime.Mono.LLVM.linux-x64
5
Microsoft.NETCore.App.Runtime.Mono.LLVM.linux-arm64
5
Microsoft.NETCore.App.Runtime.Mono.LLVM.AOT.osx-x64
5
Microsoft.NETCore.App.Runtime.Mono.LLVM.AOT.linux-x64
5
Microsoft.NETCore.App.Runtime.rhel.6-x64
5
Microsoft.NetCore.App.Runtime.linux-arm
4
Microsoft.NetCore.App.Runtime.linux-arm64
4
Microsoft.NetCore.App.Runtime.linux-musl-arm
4
Microsoft.NetCore.App.Runtime.linux-musl-arm64
4
Microsoft.NetCore.App.Runtime.linux-musl-x64
4
Microsoft.NetCore.App.Runtime.linux-x64
4
Microsoft.NetCore.App.Runtime.osx-arm64
4
Microsoft.NetCore.App.Runtime.osx-x64
4
Serenity.Net.Core
4
SharpZipLib
4
Microsoft.AspNetCore.Mvc
4
System.Net.Http.WinHttpHandler
4
System.Net.Security
4
OPCFoundation.NetStandard.Opc.Ua
4
System.Net.WebSockets.Client
4
Microsoft.AspNetCore.Mvc.Abstractions
4
NuGet.CommandLine
4
Microsoft.AspNetCore.Mvc.ApiExplorer
4
AjaxNetProfessional
4
Microsoft.AspNetCore.Mvc.DataAnnotations
4
NuGet.Commands
4
Microsoft.AspNetCore.Mvc.Formatters.Json
4
Microsoft.AspNetCore.Mvc.Formatters.Xml
4
Microsoft.AspNetCore.Mvc.Localization
4
Microsoft.AspNetCore.Mvc.Razor.Host
4
Microsoft.AspNetCore.Mvc.Razor
4
Microsoft.AspNetCore.Mvc.TagHelpers
4
Microsoft.AspNetCore.Mvc.ViewFeatures
4
SSCMS
4
Microsoft.AspNetCore.Mvc.WebApiCompatShim
4
Microsoft.WindowsDesktop.App.Runtime.win-arm64
4
Microsoft.NETCore.App.Runtime.osx-arm64
3
System.Security.Cryptography.Xml
3
Sustainsys.Saml2
3
System.Private.Uri
3
SixLabors.ImageSharp
3
Umbraco.Cms.Core
3
CefSharp.Common.NETCore
3
Microsoft.Native.Quic.MsQuic.OpenSSL
3
Microsoft.Native.Quic.MsQuic.Schannel
3
OPCFoundation.NetStandard.Opc.Ua.Server
3
UmbracoCms
3
wix
3
Microsoft.NETCore.App.Runtime.Mono.iossimulator-arm64.Msi.arm64
2
Microsoft.NETCore.App.Runtime.Mono.iossimulator-arm64
2
Microsoft.NETCore.App.Runtime.Mono.ios-arm64.Msi.x86
2
Microsoft.NETCore.App.Runtime.Mono.ios-arm64.Msi.x64
2
Microsoft.NETCore.App.Runtime.AOT.win-x64.Cross.android-arm64.Msi.x64
2
Microsoft.NETCore.App.Runtime.AOT.win-x64.Cross.android-x64
2
Microsoft.NETCore.App.Runtime.Mono.ios-arm64.Msi.arm64
2
Microsoft.NETCore.App.Runtime.Mono.ios-arm64
2
Microsoft.NETCore.App.Runtime.AOT.win-x64.Cross.android-x64.Msi.x64
2
Microsoft.NETCore.App.Runtime.Mono.ios-arm.Msi.x86
2
ServiceStack
2
Microsoft.NETCore.App.Runtime.Mono.ios-arm.Msi.arm64
2
Microsoft.NETCore.App.Runtime.Mono.iossimulator-arm64.Msi.x64
2
Microsoft.NETCore.App.Runtime.Mono.iossimulator-arm64.Msi.x86
2
Microsoft.NETCore.App.Runtime.Mono.iossimulator-x64
2
Microsoft.NETCore.App.Runtime.Mono.iossimulator-x64.Msi.arm64
2
Microsoft.NETCore.App.Runtime.Mono.iossimulator-x64.Msi.x64
2
Microsoft.NETCore.App.Runtime.Mono.iossimulator-x86
2
Microsoft.NETCore.App.Runtime.Mono.iossimulator-x86.Msi.arm64
2
Microsoft.NETCore.App.Runtime.Mono.iossimulator-x86.Msi.x64
2
Microsoft.NETCore.App.Runtime.Mono.iossimulator-x86.Msi.x86
2
Microsoft.NETCore.App.Runtime.Mono.maccatalyst-arm64
2
Microsoft.NETCore.App.Runtime.Mono.android-x86.Msi.arm64
2
Microsoft.NETCore.App.Runtime.Mono.android-x86.Msi.x64
2
Microsoft.NETCore.App.Runtime.Mono.android-x86.Msi.x86
2
Microsoft.NETCore.App.Runtime.Mono.browser-wasm
2
Microsoft.NETCore.App.Runtime.Mono.android-x86
2
Microsoft.NETCore.App.Runtime.Mono.browser-wasm.Msi.arm64
2
Microsoft.NETCore.App.Runtime.Mono.android-x64.Msi.x86
2
Microsoft.NETCore.App.Runtime.Mono.android-x64.Msi.x64
2
Microsoft.NETCore.App.Runtime.Mono.browser-wasm.Msi.x64
2
Microsoft.NETCore.App.Runtime.Mono.android-x64.Msi.arm64
2
Microsoft.NETCore.App.Runtime.Mono.android-x64
2
Microsoft.NETCore.App.Runtime.Mono.android-arm64.Msi.x86
2
Microsoft.NETCore.App.Runtime.Mono.android-arm64.Msi.x64
2
Microsoft.NETCore.App.Runtime.Mono.android-arm64.Msi.arm64
2
Microsoft.NETCore.App.Runtime.Mono.android-arm64
2
Microsoft.NETCore.App.Runtime.Mono.android-arm.Msi.x86
2
Microsoft.NETCore.App.Runtime.Mono.android-arm.Msi.x64
2
Microsoft.NETCore.App.Runtime.Mono.android-arm.Msi.arm64
2
Microsoft.NETCore.App.Runtime.Mono.android-arm
2
Microsoft.NETCore.App.Runtime.AOT.win-x64.Cross.browser-wasm.Msi.x64
2
Microsoft.NETCore.App.Runtime.AOT.win-x64.Cross.browser-wasm
2
Microsoft.NETCore.App.Runtime.AOT.win-x64.Cross.android-x86.Msi.x64
2
Microsoft.NETCore.App.Runtime.AOT.win-x64.Cross.android-x86
2
Microsoft.NETCore.App.Runtime.Mono.browser-wasm.Msi.x86
2
Microsoft.NETCore.App.Runtime.Mono.ios-arm
2
Microsoft.Owin
2
sharpcompress
2
jQuery.Validation
2
jquery-validation
2
UmbracoCMS.Core
2
System.Management.Automation
2
starkbank-ecdsa
2
Snowflake.Data
2
Moment.js
2
moment
2
elFinder.NetCore
2
Microsoft.AspNetCore.Http.Connections
2
HtmlSanitizer
2
PanelSwWix4.Sdk
2
PanelSW.Custom.WiX
2
System.Data.SqlClient
2
Microsoft.Data.SqlClient
2
Google.Protobuf
2
google/protobuf
2
github.com/protocolbuffers/protobuf
2
protobuf
2
bootstrap.sass
2
bootstrap
2
Bootstrap.Less
2
Azure.Identity
2
Microsoft.NETCore.App.Runtime.Mono.maccatalyst-arm64.Msi.arm64
2
Umbraco.Cms.Web.BackOffice
2
Microsoft.NETCore.App.Runtime.Mono.maccatalyst-arm64.Msi.x64
2
DisCatSharp
2
Microsoft.NETCore.App.Runtime.Mono.maccatalyst-arm64.Msi.x86
2
Microsoft.NETCore.App.Runtime.Mono.maccatalyst-x64
2
Microsoft.NETCore.App.Runtime.Mono.maccatalyst-x64.Msi.arm64
2
Microsoft.NETCore.App.Runtime.Mono.maccatalyst-x64.Msi.x64
2
Microsoft.NETCore.App.Runtime.Mono.maccatalyst-x64.Msi.x86
2
Microsoft.NETCore.App.Runtime.Mono.osx-arm64
2
Microsoft.NETCore.App.Runtime.Mono.tvos-arm64
2
Microsoft.NETCore.App.Runtime.Mono.tvos-arm64.Msi.arm64
2
Microsoft.NETCore.App.Runtime.Mono.tvos-arm64.Msi.x64
2
Microsoft.NETCore.App.Runtime.Mono.tvos-arm64.Msi.x86
2
Microsoft.NETCore.App.Runtime.Mono.tvossimulator-arm64
2
Microsoft.NETCore.App.Runtime.Mono.tvossimulator-arm64.Msi.arm64
2
Microsoft.NETCore.App.Runtime.Mono.tvossimulator-arm64.Msi.x64
2
Filter by Repository
https://github.com/chakra-core/ChakraCore
214
https://github.com/dotnet/runtime
23
https://github.com/github/advisory-database
18
https://github.com/umbraco/Umbraco-CMS
16
https://github.com/OPCFoundation/UA-.NETStandard
10
https://github.com/dotnet/aspnetcore
10
https://github.com/jquery/jquery
10
https://github.com/tinymce/tinymce
9
https://github.com/dnnsoftware/Dnn.Platform
7
https://github.com/cefsharp/CefSharp
7
https://github.com/jquery/jquery-ui
6
https://github.com/michaelschwarz/Ajax.NET-Professional
4
https://github.com/icsharpcode/SharpZipLib
4
https://github.com/siteserver/cms
4
https://github.com/NuGet/NuGet.Client
4
https://github.com/dotnet/sdk
3
https://github.com/serenity-is/Serenity
3
https://github.com/dotnet/wpf
3
https://github.com/SixLabors/ImageSharp
3
https://github.com/PowerShell/PowerShell
3
https://github.com/Azure/azure-sdk-for-net
3
https://github.com/Sustainsys/Saml2
3
https://github.com/wixtoolset/issues
3
https://github.com/microsoft/msquic
3
https://github.com/gordon-matt/elFinder.NetCore
2
https://github.com/nirbar/wix4
2
https://github.com/orchardcms/orchardcore
2
https://github.com/nirbar/wix3
2
https://github.com/Microsoft/ChakraCore
2
https://github.com/mongodb/mongo-csharp-driver
2
https://github.com/Orckestra/C1-CMS-Foundation
2
https://github.com/moment/moment
2
https://github.com/microsoft/reverse-proxy
2
https://github.com/peteroupc/CBOR
2
https://github.com/PiranhaCMS/piranha.core
2
https://github.com/dotnet/corefx
2
https://github.com/Aiko-IT-Systems/DisCatSharp
2
https://github.com/mganss/HtmlSanitizer
2
https://github.com/adamhathcock/sharpcompress
2
https://github.com/ServiceStack/ServiceStack
2
https://github.com/snowflakedb/snowflake-connector-net
2
https://github.com/theori-io/chakra-2016-11
2
https://github.com/jquery-validation/jquery-validation
2
https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet
2
https://github.com/jellyfin/jellyfin-web
1
https://github.com/jellyfin/jellyfin
1
https://github.com/jchristn/IpMatcher
1
https://github.com/google/brotli
1
https://github.com/Jasig/phpCAS
1
https://github.com/google/protobuf
1
https://github.com/JamesNK/Newtonsoft.Json
1
https://github.com/imazen/resizer
1
https://github.com/gsemac/Gsemac.Common
1
https://github.com/imazen/imageflow
1
https://github.com/HangfireIO/Hangfire
1
https://github.com/haf/DotNetZip.Semverd
1
https://github.com/adplug/adplug
1
https://github.com/akkadotnet/akka.net
1
https://github.com/Antaris/RazorEngine
1
https://github.com/apache/avro
1
https://github.com/apache/logging-log4net
1
https://github.com/Archomeda/Gw2Sharp
1
https://github.com/AsynkronIT/Wire
1
https://github.com/AzureAD/microsoft-authentication-library-for-dotnet
1
https://github.com/bcgit/bc-csharp
1
https://github.com/brantburnett/Snappier
1
https://github.com/Brondahl/EnumStringValues
1
https://github.com/CoreWCF/CoreWCF
1
https://github.com/dnnsoftware/dnn.platform
1
https://github.com/dotnetcore/AgileConfig
1
https://github.com/aaubry/YamlDotNet
1
https://github.com/drewnoakes/metadata-extractor-dotnet
1
https://github.com/dub-flow/vulnerability-research
1
https://github.com/elastic/apm-agent-dotnet
1
https://github.com/FastReports/FastReport
1
https://github.com/protocolbuffers/protobuf
1
https://github.com/pubnub/javascript
1
https://github.com/qnighy/libwebp-sys2-rs
1
https://github.com/QuantConnect/Lean
1
https://github.com/ravibpatel/AutoUpdater.NET
1
https://github.com/recurly/recurly-client-net
1
https://github.com/restsharp/RestSharp
1
https://github.com/SeppPenner/WindowsHello
1
https://github.com/SeriaWei/ZKEACMS
1
https://github.com/SinGooCMS/SinGooCMSUtility
1
https://github.com/spassarop/antisamy-dotnet
1
https://github.com/sshnet/NET
1
https://github.com/starkbank/ecdsa-dotnet
1
https://github.com/starkbank/ecdsa-python
1
https://github.com/swagger-api/swagger-ui
1
https://github.com/tgstation/tgstation-server
1
https://github.com/trannamtrung1st/elFinder.Net.Core
1
https://github.com/TrueLayer/truelayer-dotnet
1
https://github.com/turquoiseowl/i18n
1
https://github.com/twbs/bootstrap
1
https://github.com/umbraco/Umbraco.Workflow.Issues
1
https://github.com/zzzprojects/System.Linq.Dynamic.Core
1
https://gitlab.com/eLeN3Re/cve-2020-9471
1
https://github.com/glennrp/libpng
1
https://github.com/joniles/mpxj
1
https://github.com/jonschlinkert/set-value
1
https://github.com/kapetan/dns
1
https://github.com/ldqk/Masuit.Tools
1
https://github.com/LittleBigRefresh/Bunkum
1
https://github.com/madskristensen/Miniblog.Core
1
https://github.com/mbdavid/LiteDB
1
https://github.com/mguinness/elFinder.AspNet
1
https://github.com/MichaelGrafnetter/DSInternals
1
https://github.com/microsoft/bond
1
https://github.com/microsoft/botbuilder-dotnet
1
https://github.com/microsoft/ChakraCore
1
https://github.com/microsoft/DirectXTex
1
https://github.com/moq/moq
1
https://github.com/NancyFx/Nancy
1
https://github.com/neuecc/MessagePack-CSharp
1
https://github.com/npgsql/npgsql
1
https://github.com/NuGet/Home
1
https://github.com/OPCFoundation/UA-.NET-Legacy
1
https://github.com/open-telemetry/opentelemetry-dotnet
1
https://github.com/OrchardCMS/OrchardCore
1
https://github.com/personnummer/csharp
1
https://gitlab.com/eLeN3Re/cve-2020-9472
1