Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
nuget Security Advisories
Loading...
Moderate
Ecosystems: nuget
Packages: Snowflake.Data
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 4 months ago
GSA_kwCzR0hTQS1od2NjLTRjdjgtY2YzaM4AA4AE
Snowflake Connector .NET does not properly check the Certificate Revocation List (CRL)Ecosystems: nuget
Packages: Snowflake.Data
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 4 months ago
Moderate
Ecosystems: nuget
Packages: System.Management.Automation
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTVmcmgtOGNtai1nYzU5
System.Management.Automation subject to bypass via script debuggingEcosystems: nuget
Packages: System.Management.Automation
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 5 years ago
Moderate
Ecosystems: nuget
Packages: DotNetNuke.Core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1tNnc5LThjeGMtamZmN84AATzw
DNN XSS VulnerabilityEcosystems: nuget
Packages: DotNetNuke.Core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
Ecosystems: nuget
Packages: sharpcompress
Source: GitHub Advisory Database
Blast Radius: 10.1
Published: over 2 years ago
GSA_kwCzR0hTQS1qcDdmLWdyY3YtNm1qZs0V2Q
Partial path traversal in sharpcompressEcosystems: nuget
Packages: sharpcompress
Source: GitHub Advisory Database
Blast Radius: 10.1
Published: over 2 years ago
Moderate
Ecosystems: nuget
Packages: SharpZipLib
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1jcWo0LW0ycGMtdjltNc4AARRG
Improper Limitation of a Pathname to a Restricted Directory in SharpZipLibEcosystems: nuget
Packages: SharpZipLib
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
Ecosystems: nuget
Packages: System.Private.Uri, Microsoft.NETCore.App
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS14NXFqLTl2bXgtN2c2Z84AAUDs
Improper Input Validation in .Net Framework API'sEcosystems: nuget
Packages: System.Private.Uri, Microsoft.NETCore.App
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
Ecosystems: nuget
Packages: TelerikMvcExtensions
Source: GitHub Advisory Database
Blast Radius: 11.6
Published: almost 2 years ago
GSA_kwCzR0hTQS04aDdwLXFqdjgtOW1wNM39jw
Improper Access Control in Telerik ExtensionsEcosystems: nuget
Packages: TelerikMvcExtensions
Source: GitHub Advisory Database
Blast Radius: 11.6
Published: almost 2 years ago
Moderate
Ecosystems: nuget
Packages: Microsoft.AspNetCore.SpaServices
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS14cjhmLTU5cHAtcnh4aM4AAq4d
Elevation of privilege in ASP.NET CoreEcosystems: nuget
Packages: Microsoft.AspNetCore.SpaServices
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
Ecosystems: nuget
Packages: DotNetNuke.Core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1ncnczLWhqam0tNWNqbc4AAVyR
DotNetNuke Default Machine Key ExposureEcosystems: nuget
Packages: DotNetNuke.Core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
Ecosystems: nuget
Packages: log4net
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 years ago
GSA_kwCzR0hTQS1mOWZyLXc1NHEtNzcyaM198g
Apache log4net format string vulnerability causes DoSEcosystems: nuget
Packages: log4net
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 years ago
Moderate
Ecosystems: nuget
Packages: OPCFoundation.NetStandard.Opc.Ua
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWdyNGMtNXJxNi1jZ2gz
OPC UA applications can allow a remote attacker to determine a Server's private keyEcosystems: nuget
Packages: OPCFoundation.NetStandard.Opc.Ua
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 5 years ago
Moderate
Ecosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1oNm03LWpwaHgtZjlwNc4AAa0X
ChakraCore information disclosure vulnerabilityEcosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
Ecosystems: nuget
Packages: SixLabors.ImageSharp
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 18 days ago
GSA_kwCzR0hTQS01eDdtLTY3MzctMjZjcs4AA7Bg
SixLabors.ImageSharp vulnerable to data leakageEcosystems: nuget
Packages: SixLabors.ImageSharp
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 18 days ago
Moderate
Ecosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS14Z2NjLXIyZjMtcnE2cM38Tw
ChakraCore information disclosure vulnerabilityEcosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
Ecosystems: nuget
Packages: HtmlSanitizer
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 7 months ago
GSA_kwCzR0hTQS00M2NwLTZwM3EtMnBjNM4AA2Px
HtmlSanitizer vulnerable to Cross-site Scripting in Foreign ContentEcosystems: nuget
Packages: HtmlSanitizer
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 7 months ago
Moderate
Ecosystems: nuget
Packages: AjaxNetProfessional
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 5 months ago
GSA_kwCzR0hTQS04djZqLWdjNzQtZm1wcM4AA3hz
Ajax Pro Cross-site ScriptingEcosystems: nuget
Packages: AjaxNetProfessional
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 5 months ago
Moderate
Ecosystems: nuget
Packages: UmbracoCms
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTR2cDMtdmZ3dy04NjQ4
Incorrect permission enforcement in UmbracoCmsEcosystems: nuget
Packages: UmbracoCms
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 3 years ago
Moderate
Ecosystems: nuget
Packages: NuGet.Commands
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS0zaGNtLTZmamMtNDdxcc4AArCU
NuGet Package Manager Tampering VulnerabilityEcosystems: nuget
Packages: NuGet.Commands
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
Ecosystems: nuget
Packages: UmbracoCms
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTkzNngtd2dxdi1oaGdx
Authenticated path traversal in Umbraco CMSEcosystems: nuget
Packages: UmbracoCms
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 3 years ago
Moderate
Ecosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS13d2Z3LW01NGctZ3Y3Ms4AAQDD
ChakraCore information disclosure vulnerabilityEcosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
Ecosystems: nuget
Packages: Umbraco.CMS
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 5 months ago
GSA_kwCzR0hTQS12OThtLTM5OHgtMjY5cs4AA3ub
DOM-XSS on Backoffice login screen.Ecosystems: nuget
Packages: Umbraco.CMS
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 5 months ago
Moderate
Ecosystems: nuget
Packages: DotNetNuke.Core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS05cGhyLWg1bXgtNGZwNs4AAjqv
DNN XSS VulnerabilityEcosystems: nuget
Packages: DotNetNuke.Core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
Ecosystems: nuget
Packages: OPCFoundation.NetStandard.Opc.Ua
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTgzMzYtbXhwNi12NWg5
Moderate severity vulnerability that affects OPCFoundation.NetStandard.Opc.UaEcosystems: nuget
Packages: OPCFoundation.NetStandard.Opc.Ua
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 5 years ago
Moderate
Ecosystems: nuget
Packages: Akka
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
GSA_kwCzR0hTQS1ncHY1LXJwNnctNThyOM4AAv_m
Remote code execution vulnerability in dependency System.Drawing.CommonEcosystems: nuget
Packages: Akka
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
Moderate
Ecosystems: pypi, maven, nuget
Packages: commondatamodel-objectmodel, com.microsoft.commondatamodel:objectmodel, Microsoft.CommonDataModel.ObjectModel
Source: GitHub Advisory Database
Blast Radius: 7.2
Published: 7 months ago
GSA_kwCzR0hTQS12bTJtLTdocHctZnBtcc4AA2XX
Microsoft Common Data Model SDK Denial of Service VulnerabilityEcosystems: pypi, maven, nuget
Packages: commondatamodel-objectmodel, com.microsoft.commondatamodel:objectmodel, Microsoft.CommonDataModel.ObjectModel
Source: GitHub Advisory Database
Blast Radius: 7.2
Published: 7 months ago
Moderate
Ecosystems: nuget
Packages: Microsoft.AspNetCore.All, Microsoft.AspNetCore.Server.Kestrel.Core, Microsoft.AspNetCore.App
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWNncHctMmdwaC0ycjln
Moderate severity vulnerability that affects Microsoft.AspNetCore.All, Microsoft.AspNetCore.App, and Microsoft.AspNetCore.Server.Kestrel.CoreEcosystems: nuget
Packages: Microsoft.AspNetCore.All, Microsoft.AspNetCore.Server.Kestrel.Core, Microsoft.AspNetCore.App
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 5 years ago
Moderate
Ecosystems: nuget
Packages: ServiceStack
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS12Y2ZjLTl3Y3AtajYyM84AAq1_
Cross site scripting attack in ServiceStack FrameworkEcosystems: nuget
Packages: ServiceStack
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
Ecosystems: nuget
Packages: MessagePack.UnityShims, MessagePack.ReactiveProperty, MessagePack.ImmutableCollection, MessagePack
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTdxMzYtNHh4Ny14Y3hm
Untrusted data can lead to DoS attack due to hash collisions and stack overflow in MessagePackEcosystems: nuget
Packages: MessagePack.UnityShims, MessagePack.ReactiveProperty, MessagePack.ImmutableCollection, MessagePack
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 4 years ago
Moderate
Ecosystems: nuget
Packages: DotNetNuke.Web, DotNetNuke.Core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
GSA_kwCzR0hTQS05dzcyLTJmMjMtNTdnbc4AAvJm
DNN vulnerable to Relative Path TraversalEcosystems: nuget
Packages: DotNetNuke.Web, DotNetNuke.Core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Moderate
Ecosystems: nuget
Packages: Microsoft.AspNetCore.Mvc.WebApiCompatShim, Microsoft.AspNetCore.Mvc.ViewFeatures, Microsoft.AspNetCore.Mvc.TagHelpers, Microsoft.AspNetCore.Mvc.Razor, Microsoft.AspNetCore.Mvc.Razor.Host, Microsoft.AspNetCore.Mvc.Localization, Microsoft.AspNetCore.Mvc.Formatters.Xml, Microsoft.AspNetCore.Mvc.Formatters.Json, Microsoft.AspNetCore.Mvc.DataAnnotations, Microsoft.AspNetCore.Mvc.Cors, Microsoft.AspNetCore.Mvc.ApiExplorer, Microsoft.AspNetCore.Mvc.Abstractions, System.Net.WebSockets.Client, System.Net.Security, System.Net.Http.WinHttpHandler, System.Text.Encodings.Web, System.Net.Http, Microsoft.AspNetCore.Mvc.Core, Microsoft.AspNetCore.Mvc
Source: GitHub Advisory Database
Blast Radius: 7.6
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWo4ZjQtMnc0cC1taGpj
Moderate severity vulnerability that affects Microsoft.AspNetCore.MvcEcosystems: nuget
Packages: Microsoft.AspNetCore.Mvc.WebApiCompatShim, Microsoft.AspNetCore.Mvc.ViewFeatures, Microsoft.AspNetCore.Mvc.TagHelpers, Microsoft.AspNetCore.Mvc.Razor, Microsoft.AspNetCore.Mvc.Razor.Host, Microsoft.AspNetCore.Mvc.Localization, Microsoft.AspNetCore.Mvc.Formatters.Xml, Microsoft.AspNetCore.Mvc.Formatters.Json, Microsoft.AspNetCore.Mvc.DataAnnotations, Microsoft.AspNetCore.Mvc.Cors, Microsoft.AspNetCore.Mvc.ApiExplorer, Microsoft.AspNetCore.Mvc.Abstractions, System.Net.WebSockets.Client, System.Net.Security, System.Net.Http.WinHttpHandler, System.Text.Encodings.Web, System.Net.Http, Microsoft.AspNetCore.Mvc.Core, Microsoft.AspNetCore.Mvc
Source: GitHub Advisory Database
Blast Radius: 7.6
Published: over 5 years ago
Moderate
Ecosystems: maven, rubygems, nuget, npm
Packages: org.webjars.npm:jquery, jquery-rails, jQuery, jquery
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS01Nzl2LW1wM3YtcnJ3Nc4AATnF
jQuery vulnerable to Cross-Site Scripting (XSS)Ecosystems: maven, rubygems, nuget, npm
Packages: org.webjars.npm:jquery, jquery-rails, jQuery, jquery
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Moderate
Ecosystems: nuget
Packages: NuGet.CommandLine.XPlat, NuGet.CommandLine, NuGet.Commands
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS0zODg1LThncWMtM3dwZs4AArjp
Potential leak of NuGet.org API keyEcosystems: nuget
Packages: NuGet.CommandLine.XPlat, NuGet.CommandLine, NuGet.Commands
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
Ecosystems: nuget, maven, rubygems, npm
Packages: jQuery.UI.Combined, org.webjars.npm:jquery-ui, jquery-ui-rails, jquery-ui
Source: GitHub Advisory Database
Blast Radius: 55.7
Published: over 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWhwY2YtOHZmOS1xNGdq
jQuery-UI vulnerable to Cross-site Scripting in dialog closeTextEcosystems: nuget, maven, rubygems, npm
Packages: jQuery.UI.Combined, org.webjars.npm:jquery-ui, jquery-ui-rails, jquery-ui
Source: GitHub Advisory Database
Blast Radius: 55.7
Published: over 6 years ago
Moderate
Ecosystems: nuget
Packages: Bunkum
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 7 months ago
GSA_kwCzR0hTQS1qcmYyLWg1ajYtM3Jycc4AA2kC
Bunkum tokens cached in the AuthenticationService are susceptible to a use-after-freeEcosystems: nuget
Packages: Bunkum
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 7 months ago
Moderate
Ecosystems: nuget
Packages: SixLabors.ImageSharp
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 18 days ago
GSA_kwCzR0hTQS1nODVyLTZ4MnEtNDV3N84AA7Bf
SixLabors.ImageSharp vulnerable to Memory Allocation with Excessive Size ValueEcosystems: nuget
Packages: SixLabors.ImageSharp
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 18 days ago
Moderate
Ecosystems: nuget
Packages: SharpZipLib
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
GSA_kwCzR0hTQS1tbTZnLW1tcTYtNTNmZs0mqg
Path Traversal in SharpZipLibEcosystems: nuget
Packages: SharpZipLib
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Moderate
Ecosystems: nuget
Packages: SharpZipLib
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
GSA_kwCzR0hTQS0yeDdoLTk2aDUtcnE4NM0mqw
Path Traversal in SharpZipLibEcosystems: nuget
Packages: SharpZipLib
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Moderate
Ecosystems: maven, nuget, rubygems, npm
Packages: org.webjars.npm:jquery, jQuery, jquery-rails, jquery
Source: GitHub Advisory Database
Blast Radius: 118.7
Published: about 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWpwY3EtY2d3Ni12NGo2
Potential XSS vulnerability in jQueryEcosystems: maven, nuget, rubygems, npm
Packages: org.webjars.npm:jquery, jQuery, jquery-rails, jquery
Source: GitHub Advisory Database
Blast Radius: 118.7
Published: about 4 years ago
Moderate
Ecosystems: packagist, nuget, npm
Packages: tinymce/tinymce, TinyMCE, tinymce
Source: GitHub Advisory Database
Blast Radius: 30.8
Published: about 1 month ago
GSA_kwCzR0hTQS00MzhjLTM5NzUtNXgzZs4AA6Te
TinyMCE Cross-Site Scripting (XSS) vulnerability in handling iframesEcosystems: packagist, nuget, npm
Packages: tinymce/tinymce, TinyMCE, tinymce
Source: GitHub Advisory Database
Blast Radius: 30.8
Published: about 1 month ago
Moderate
Ecosystems: nuget, npm, packagist
Packages: TinyMCE, tinymce, tinymce/tinymce
Source: GitHub Advisory Database
Blast Radius: 30.8
Published: about 1 month ago
GSA_kwCzR0hTQS01MzU5LXB2ZjItcHc3OM4AA6Td
TinyMCE Cross-Site Scripting (XSS) vulnerability in handling external SVG files through Object or Embed elementsEcosystems: nuget, npm, packagist
Packages: TinyMCE, tinymce, tinymce/tinymce
Source: GitHub Advisory Database
Blast Radius: 30.8
Published: about 1 month ago
Low
Ecosystems: nuget
Packages: Microsoft.Identity.Client
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 17 days ago
GSA_kwCzR0hTQS14Njc0LXY0NWotZnd4d84AA7DY
MSAL.NET applications targeting Xamarin Android and .NET Android (MAUI) susceptible to local denial of serviceEcosystems: nuget
Packages: Microsoft.Identity.Client
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 17 days ago
Low
Ecosystems: nuget
Packages: personnummer
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXF2OHEtdjk5NS03Mmdy
personnummer/csharp vulnerable to Improper Input ValidationEcosystems: nuget
Packages: personnummer
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 3 years ago
Low
Ecosystems: nuget
Packages: HtmlSanitizer
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLThqOXYtaDJ2cC0yaGh2
XSS in HtmlSanitizerEcosystems: nuget
Packages: HtmlSanitizer
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 3 years ago
Low
Ecosystems: nuget
Packages: Umbraco.CMS
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 5 months ago
GSA_kwCzR0hTQS03eDc0LWg4Y3ctcWh4cc4AA3uf
Brute force exploit can be used to collect valid usernamesEcosystems: nuget
Packages: Umbraco.CMS
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 5 months ago
Low
Ecosystems: nuget
Packages: UmbracoCMS
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 month ago
GSA_kwCzR0hTQS01NTJmLTk3d2YtcG1wcc4AA6LG
Umbraco possible user enumerationEcosystems: nuget
Packages: UmbracoCMS
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 month ago
Low
Ecosystems: nuget
Packages: Umbraco.CMS
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 5 months ago
GSA_kwCzR0hTQS04cXA4LTlycHctajQ2Y84AA3ue
SMTP misconfiguration leading to "Forgot Password" exploit that leaks registered user email.Ecosystems: nuget
Packages: Umbraco.CMS
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 5 months ago
Low
Ecosystems: nuget
Packages: Umbraco.CMS
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 5 months ago
GSA_kwCzR0hTQS02MzI0LTUycHItaDRwNc4AA3uc
Using the directory back payload (“/../”) in a package name allows placement of package in other folders.Ecosystems: nuget
Packages: Umbraco.CMS
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 5 months ago
Low
Ecosystems: nuget
Packages: Gsemac.Net
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 5 months ago
GSA_kwCzR0hTQS13NHg2LWhoM3gtd2pyeM4AA3q0
Stale copy of the public suffix listEcosystems: nuget
Packages: Gsemac.Net
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 5 months ago
Low
Ecosystems: nuget
Packages: Umbraco.CMS
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 5 months ago
GSA_kwCzR0hTQS02eG14LTg1eDMtNGN2Ms4AA3ug
Stored XSS via SVG File UploadEcosystems: nuget
Packages: Umbraco.CMS
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 5 months ago
Low
Ecosystems: nuget
Packages: Umbraco.CMS
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 5 months ago
GSA_kwCzR0hTQS0zMzV4LTV3Y20tOGp2Ms4AA3ua
Backoffice User can bypass "Publish" restrictionEcosystems: nuget
Packages: Umbraco.CMS
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 5 months ago
Low
Ecosystems: nuget
Packages: Elastic.Apm
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 5 months ago
GSA_kwCzR0hTQS1oeDkzLWdjNzMtNXJwcs4AA3TE
Exposure of Sensitive Information in Elastic APM .NET AgentEcosystems: nuget
Packages: Elastic.Apm
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 5 months ago
Low
Ecosystems: nuget
Packages: Umbraco.CMS
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 5 months ago
GSA_kwCzR0hTQS14eGM2LTM1cjctNzk2d84AA3uY
Possible injection of HTML into user invite mailsEcosystems: nuget
Packages: Umbraco.CMS
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 5 months ago
Low
Ecosystems: nuget
Packages: moq
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 9 months ago
GSA_kwCzR0hTQS02cjc4LW02NG0tcXdjZs4AA1OC
Moq v4.20.0-rc to 4.20.1 share hashed user dataEcosystems: nuget
Packages: moq
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 9 months ago
Low
Ecosystems: pypi, nuget, maven
Packages: mpxj, net.sf.mpxj-for-vb, net.sf.mpxj-for-csharp, net.sf.mpxj, net.sf.mpxj:mpxj
Source: GitHub Advisory Database
Blast Radius: 8.1
Published: over 1 year ago
GSA_kwCzR0hTQS1qZjJwLTRncWotODQ5Z84AAwED
Temporary File Information Disclosure vulnerability in MPXJEcosystems: pypi, nuget, maven
Packages: mpxj, net.sf.mpxj-for-vb, net.sf.mpxj-for-csharp, net.sf.mpxj, net.sf.mpxj:mpxj
Source: GitHub Advisory Database
Blast Radius: 8.1
Published: over 1 year ago
Low
Ecosystems: nuget, npm
Packages: jQuery.Validation, jquery-validation
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1qOW0yLWgycHYtd3ZwaM4AArVh
Regular expression denial of service in jquery-validationEcosystems: nuget, npm
Packages: jQuery.Validation, jquery-validation
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Low
Ecosystems: nuget
Packages: Gw2Sharp
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTR2cjMtOXY3aC01Zjh2
Low severity vulnerability that affects Gw2SharpEcosystems: nuget
Packages: Gw2Sharp
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 5 years ago
Low
Ecosystems: nuget
Packages: EnumStringValues
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
GSA_kwCzR0hTQS12cTIzLWh3ZzctaHhyaM4AAwfq
EnumStringValues vulnerable to Uncontrolled Resource ConsumptionEcosystems: nuget
Packages: EnumStringValues
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
High
Ecosystems: nuget
Packages: Apache.Avro
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
GSA_kwCzR0hTQS04Njh4LXJnNGMtY2pxZ80hDQ
Allocation of Resources Without Limits or Throttling in Apache AvroEcosystems: nuget
Packages: Apache.Avro
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
High
Ecosystems: nuget
Packages: Umbraco.CMS
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS01ZjZwLTRoeHEtcmp4bc4AAb4c
Umbraco CMS vulnerable to CSRFEcosystems: nuget
Packages: Umbraco.CMS
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
Ecosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS12Zmp3LWNyY3EtcTkyds4AAVcU
ChakraCore RCE VulnerabilityEcosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
Ecosystems: rubygems, maven, nuget, npm
Packages: jquery-rails, org.webjars.npm:jquery, jQuery, jquery
Source: GitHub Advisory Database
Blast Radius: 129.0
Published: over 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW1ocHAtODc1dy05Y3B2
Denial of Service in jqueryEcosystems: rubygems, maven, nuget, npm
Packages: jquery-rails, org.webjars.npm:jquery, jQuery, jquery
Source: GitHub Advisory Database
Blast Radius: 129.0
Published: over 6 years ago
High
Ecosystems: nuget
Packages: WixToolset.Util.wixext, wix
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 month ago
GSA_kwCzR0hTQS1qeDRwLW00d20tdnZqZ84AA6Rh
Malicious directory junction can cause WiX RemoveFoldersEx to possibly delete elevated filesEcosystems: nuget
Packages: WixToolset.Util.wixext, wix
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 month ago
High
Ecosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1mamo4LWd2NGotOTUzcM4AAVdH
ChakraCore RCE VulnerabilityEcosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
Ecosystems: nuget
Packages: Newtonsoft.Json
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS01Y3JwLTlyM2MtcDl2cs4AAs6x
Improper Handling of Exceptional Conditions in Newtonsoft.JsonEcosystems: nuget
Packages: Newtonsoft.Json
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
Ecosystems: nuget
Packages: WixToolset.Sdk, wix
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 month ago
GSA_kwCzR0hTQS1yZjM5LTNmOTgteHI3cs4AA6Ri
WiX based installers are vulnerable to binary hijack when run as SYSTEMEcosystems: nuget
Packages: WixToolset.Sdk, wix
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 month ago
High
Ecosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS0zdzR2LXFmcWMtMzQzM84AAQCE
ChakraCore RCE VulnerabilityEcosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
Ecosystems: npm, nuget
Packages: set-value, set-value-nuget
Source: GitHub Advisory Database
Blast Radius: 49.0
Published: over 2 years ago
GSA_kwCzR0hTQS00anFjLThtNXItOXJwcs0Vvg
Prototype Pollution in set-valueEcosystems: npm, nuget
Packages: set-value, set-value-nuget
Source: GitHub Advisory Database
Blast Radius: 49.0
Published: over 2 years ago
High
Ecosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS01cnEzLTl3YzktbTljM84AAQFJ
ChakraCore Memory Corruption VulnerabilityEcosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
Ecosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS12OWpnLW02ZzUtaDNoaM4AAVaY
ChakraCore RCE VulnerabilityEcosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
Ecosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWgyM20tdzZ4NS1qd3I0
Out-of-bounds writeEcosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 3 years ago
High
Ecosystems: nuget
Packages: System.Net.Requests
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 6 months ago
GSA_kwCzR0hTQS1jM2hmLTh2Z3gtNzJyaM4AA3Hy
Microsoft Security Advisory CVE-2023-36049: .NET Elevation of Privilege VulnerabilityEcosystems: nuget
Packages: System.Net.Requests
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 6 months ago
High
Ecosystems: nuget
Packages: DotNetNuke.Core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXh4M2gtajNjeC04cWZq
Insufficient Entropy in DotNetNukeEcosystems: nuget
Packages: DotNetNuke.Core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 5 years ago
High
Ecosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS02YzJ2LXhjOGYtZnZmN838Rg
ChakraCore RCE VulnerabilityEcosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
Ecosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS02djhyLTgzdjMtcm1yZs38Sw
ChakraCore RCE VulnerabilityEcosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
Ecosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXAyM2otZzc0NS04NDQ5
Out-of-bounds writeEcosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 3 years ago
High
Ecosystems: nuget
Packages: DisCatSharp, Microsoft.AspNetCore.Mvc.WebApiCompatShim, Microsoft.AspNetCore.Mvc.ViewFeatures, Microsoft.AspNetCore.Mvc.TagHelpers, Microsoft.AspNetCore.Mvc.Razor, Microsoft.AspNetCore.Mvc.Razor.Host, Microsoft.AspNetCore.Mvc.Localization, Microsoft.AspNetCore.Mvc.Formatters.Xml, Microsoft.AspNetCore.Mvc.Formatters.Json, Microsoft.AspNetCore.Mvc.DataAnnotations, Microsoft.AspNetCore.Mvc.Cors, Microsoft.AspNetCore.Mvc.ApiExplorer, Microsoft.AspNetCore.Mvc.Abstractions, System.Net.WebSockets.Client, System.Net.Security, System.Net.Http.WinHttpHandler, System.Text.Encodings.Web, System.Net.Http, Microsoft.AspNetCore.Mvc.Core, Microsoft.AspNetCore.Mvc
Source: GitHub Advisory Database
Blast Radius: 10.4
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXFocWYtZ2hnaC14Mm00
High severity vulnerability that affects Microsoft.AspNetCore.MvcEcosystems: nuget
Packages: DisCatSharp, Microsoft.AspNetCore.Mvc.WebApiCompatShim, Microsoft.AspNetCore.Mvc.ViewFeatures, Microsoft.AspNetCore.Mvc.TagHelpers, Microsoft.AspNetCore.Mvc.Razor, Microsoft.AspNetCore.Mvc.Razor.Host, Microsoft.AspNetCore.Mvc.Localization, Microsoft.AspNetCore.Mvc.Formatters.Xml, Microsoft.AspNetCore.Mvc.Formatters.Json, Microsoft.AspNetCore.Mvc.DataAnnotations, Microsoft.AspNetCore.Mvc.Cors, Microsoft.AspNetCore.Mvc.ApiExplorer, Microsoft.AspNetCore.Mvc.Abstractions, System.Net.WebSockets.Client, System.Net.Security, System.Net.Http.WinHttpHandler, System.Text.Encodings.Web, System.Net.Http, Microsoft.AspNetCore.Mvc.Core, Microsoft.AspNetCore.Mvc
Source: GitHub Advisory Database
Blast Radius: 10.4
Published: over 5 years ago
High
Ecosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1tOHg4LTVjaDctYzV3Oc38Fw
ChakraCore RCE VulnerabilityEcosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
Ecosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS01ajQ4LTgyNnAtMnc5cs38GQ
ChakraCore RCE VulnerabilityEcosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
Ecosystems: nuget, npm
Packages: Moment.js, moment
Source: GitHub Advisory Database
Blast Radius: 46.0
Published: almost 2 years ago
GSA_kwCzR0hTQS13YzY5LXJoanItaGM5Z84AAtHU
Moment.js vulnerable to Inefficient Regular Expression ComplexityEcosystems: nuget, npm
Packages: Moment.js, moment
Source: GitHub Advisory Database
Blast Radius: 46.0
Published: almost 2 years ago
High
Ecosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS12M3hwLTN3cHEtcnZocM379A
ChakraCore RCE VulnerabilityEcosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
Ecosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1xOXg2LTdoamgtcTlmY838Hg
ChakraCore RCE VulnerabilityEcosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
Ecosystems: nuget, npm
Packages: Moment.js, moment
Source: GitHub Advisory Database
Blast Radius: 46.0
Published: about 2 years ago
GSA_kwCzR0hTQS04aGZqLWoyNHItOTZjNM04JA
Path Traversal: 'dir/../../filename' in moment.localeEcosystems: nuget, npm
Packages: Moment.js, moment
Source: GitHub Advisory Database
Blast Radius: 46.0
Published: about 2 years ago
High
Ecosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1mM3F3LTdwOXAtajg3Zs4AAQA6
ChakraCore RCE VulnerabilityEcosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
Ecosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS12amY5LTh3cWcteGM3cs4AAQAx
ChakraCore RCE VulnerabilityEcosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
Ecosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS12d3FoLWNtdnAtNjY5NM3_vw
ChakraCore RCE VulnerabilityEcosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
Ecosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1wOTdxLWo5OHEtZjk4d83_4g
ChakraCore RCE VulnerabilityEcosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
Ecosystems: nuget
Packages: SSCMS
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS01eHI1LXYyaDctMnc3d84AArMn
SQL injection in SiteServer CMSEcosystems: nuget
Packages: SSCMS
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
Ecosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1qNjdtLXdwdjYtcHY0NM3_5Q
ChakraCore RCE VulnerabilityEcosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
Ecosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1wY2dwLXZmZ3EtbWY1as3_9w
ChakraCore RCE VulnerabilityEcosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
Ecosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1tbTVxLXg5cWcteDR2cM4AAQAF
ChakraCore RCE VulnerabilityEcosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
Ecosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS0yMzNoLTU5bTItcXFmMs4AAkRi
ChakraCore Remote Code Execution VulnerabilityEcosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
Ecosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS02eG12LW14N3EtNzg5cs4AAQAD
ChakraCore RCE VulnerabilityEcosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
Ecosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS0zOHI3LXJ2NXAtZ2d3cc3_0Q
ChakraCore RCE VulnerabilityEcosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
Ecosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS01Z2dtLXE5OHYtNzZoeM4AAQAb
ChakraCore RCE VulnerabilityEcosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
Ecosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1nZ3Z2LTZ2MjUtcjQ5cs3_3w
ChakraCore RCE VulnerabilityEcosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
Ecosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS03MmdtLXBwNnEtZ3B4Nc4AAX4k
ChakraCore RCE VulnerabilityEcosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
Ecosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS00Zjc5LWZ4aDgtdmdxMs3_5g
ChakraCore RCE VulnerabilityEcosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
Ecosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1oNWh3LXFycnctdmZ4Z838JA
ChakraCore RCE VulnerabilityEcosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
Ecosystems: nuget
Packages: Microsoft.Data.SqlClient, System.Data.SqlClient
Source: GitHub Advisory Database
Blast Radius: 15.0
Published: 4 months ago
GSA_kwCzR0hTQS05OGc2LXhoMzYteDJwN84AA4Sw
Microsoft.Data.SqlClient and System.Data.SqlClient vulnerable to SQL Data Provider Security Feature BypassEcosystems: nuget
Packages: Microsoft.Data.SqlClient, System.Data.SqlClient
Source: GitHub Advisory Database
Blast Radius: 15.0
Published: 4 months ago
High
Ecosystems: nuget, npm
Packages: jQuery.Validation, jquery-validation
Source: GitHub Advisory Database
Blast Radius: 32.8
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWp4d3gtODV2cC1ndndt
Regular Expression Denial of Service in jquery-validationEcosystems: nuget, npm
Packages: jQuery.Validation, jquery-validation
Source: GitHub Advisory Database
Blast Radius: 32.8
Published: over 3 years ago
Statistics
Advisories: 18,361
Packages: 8,293
Repositories: 122
Ecosystems: 12
Packages: 8,293
Repositories: 122
Ecosystems: 12
Filter by Severity
Filter by Ecosystem
Filter by Package
Microsoft.ChakraCore
247
DotNetNuke.Core
19
Microsoft.AspNetCore.App.Runtime.win-x64
17
Microsoft.AspNetCore.App.Runtime.win-x86
17
Microsoft.AspNetCore.App.Runtime.win-arm
16
Microsoft.AspNetCore.App.Runtime.linux-arm
15
Microsoft.AspNetCore.App.Runtime.linux-arm64
15
Microsoft.AspNetCore.App.Runtime.linux-musl-x64
15
Microsoft.AspNetCore.App.Runtime.linux-x64
15
Microsoft.AspNetCore.App.Runtime.osx-x64
15
Microsoft.AspNetCore.App.Runtime.linux-musl-arm64
14
Microsoft.AspNetCore.App.Runtime.win-arm64
14
Microsoft.NETCore.App.Runtime.win-x86
12
Microsoft.NETCore.App.Runtime.win-x64
12
Microsoft.NETCore.App.Runtime.win-arm64
12
Microsoft.NETCore.App
10
Umbraco.CMS
10
Microsoft.AspNetCore.All
10
Microsoft.AspNetCore.App.Runtime.linux-musl-arm
10
Microsoft.NETCore.App.Runtime.linux-musl-arm64
9
Microsoft.NETCore.App.Runtime.linux-musl-x64
9
Microsoft.NetCore.App.Runtime.win-arm
9
Microsoft.NETCore.App.Runtime.linux-x64
9
Microsoft.NetCore.App.Runtime.win-arm64
9
Microsoft.NetCore.App.Runtime.win-x64
9
Microsoft.NetCore.App.Runtime.win-x86
9
tinymce
9
TinyMCE
9
tinymce/tinymce
9
Microsoft.NETCore.App.Runtime.linux-arm64
9
Microsoft.NETCore.App.Runtime.linux-arm
9
org.webjars.npm:jquery
9
jquery-rails
9
jquery
9
Microsoft.AspNetCore.App
8
Microsoft.AspNetCore.App.Runtime.osx-arm64
8
jQuery
8
Microsoft.NETCore.App.Runtime.win-arm
8
Microsoft.NETCore.App.Runtime.osx-x64
8
Microsoft.NETCore.App.Runtime.linux-musl-arm
7
OPCFoundation.NetStandard.Opc.Ua.Core
7
CefSharp.Common
7
jquery-ui
7
jquery-ui-rails
7
org.webjars.npm:jquery-ui
7
jQuery.UI.Combined
7
Microsoft.AspNetCore.Mvc.Core
6
Microsoft.NETCore.App.Runtime.Mono.LLVM.AOT.linux-arm64
5
CefSharp.WinForms
5
CefSharp.Wpf
5
CefSharp.Wpf.HwndHost
5
Microsoft.WindowsDesktop.App.Runtime.win-x64
5
Microsoft.WindowsDesktop.App.Runtime.win-x86
5
Microsoft.AspNetCore.Server.Kestrel.Core
5
System.Text.Encodings.Web
5
System.Net.Http
5
Microsoft.NETCore.App.Runtime.Mono.osx-x64
5
Microsoft.NETCore.App.Runtime.Mono.linux-x64
5
Microsoft.NETCore.App.Runtime.Mono.linux-musl-x64
5
Microsoft.AspNetCore.Mvc.Cors
5
Microsoft.NETCore.App.Runtime.Mono.linux-arm64
5
Microsoft.NETCore.App.Runtime.Mono.linux-arm
5
Microsoft.NETCore.App.Runtime.Mono.LLVM.osx-x64
5
Microsoft.NETCore.App.Runtime.Mono.LLVM.linux-x64
5
Microsoft.NETCore.App.Runtime.Mono.LLVM.linux-arm64
5
Microsoft.NETCore.App.Runtime.Mono.LLVM.AOT.osx-x64
5
Microsoft.NETCore.App.Runtime.Mono.LLVM.AOT.linux-x64
5
Microsoft.NETCore.App.Runtime.rhel.6-x64
5
Microsoft.NetCore.App.Runtime.linux-arm
4
Microsoft.NetCore.App.Runtime.linux-arm64
4
Microsoft.NetCore.App.Runtime.linux-musl-arm
4
Microsoft.NetCore.App.Runtime.linux-musl-arm64
4
Microsoft.NetCore.App.Runtime.linux-musl-x64
4
Microsoft.NetCore.App.Runtime.linux-x64
4
Microsoft.NetCore.App.Runtime.osx-arm64
4
Microsoft.NetCore.App.Runtime.osx-x64
4
Serenity.Net.Core
4
Microsoft.AspNetCore.Mvc
4
System.Net.Http.WinHttpHandler
4
SharpZipLib
4
System.Net.Security
4
Microsoft.AspNetCore.Mvc.WebApiCompatShim
4
System.Net.WebSockets.Client
4
Microsoft.AspNetCore.Mvc.Abstractions
4
Microsoft.AspNetCore.Mvc.ApiExplorer
4
Microsoft.AspNetCore.Mvc.DataAnnotations
4
OPCFoundation.NetStandard.Opc.Ua
4
NuGet.CommandLine
4
Microsoft.AspNetCore.Mvc.Formatters.Json
4
AjaxNetProfessional
4
NuGet.Commands
4
Microsoft.AspNetCore.Mvc.Formatters.Xml
4
Microsoft.AspNetCore.Mvc.Localization
4
Microsoft.AspNetCore.Mvc.Razor.Host
4
Microsoft.AspNetCore.Mvc.Razor
4
Microsoft.AspNetCore.Mvc.TagHelpers
4
Microsoft.AspNetCore.Mvc.ViewFeatures
4
SSCMS
4
Microsoft.WindowsDesktop.App.Runtime.win-arm64
4
Microsoft.Native.Quic.MsQuic.OpenSSL
3
Microsoft.Native.Quic.MsQuic.Schannel
3
Sustainsys.Saml2
3
CefSharp.Common.NETCore
3
SixLabors.ImageSharp
3
System.Private.Uri
3
Umbraco.Cms.Core
3
OPCFoundation.NetStandard.Opc.Ua.Server
3
System.Security.Cryptography.Xml
3
Microsoft.NETCore.App.Runtime.osx-arm64
3
wix
3
UmbracoCms
3
Microsoft.NETCore.App.Runtime.Mono.ios-arm.Msi.arm64
2
Microsoft.NETCore.App.Runtime.Mono.ios-arm
2
Microsoft.NETCore.App.Runtime.Mono.maccatalyst-arm64.Msi.arm64
2
Microsoft.NETCore.App.Runtime.Mono.maccatalyst-arm64
2
Microsoft.NETCore.App.Runtime.Mono.iossimulator-x86.Msi.x86
2
Microsoft.NETCore.App.Runtime.Mono.iossimulator-x86.Msi.x64
2
Microsoft.NETCore.App.Runtime.Mono.iossimulator-x86.Msi.arm64
2
Microsoft.NETCore.App.Runtime.Mono.iossimulator-x86
2
Microsoft.NETCore.App.Runtime.Mono.iossimulator-x64.Msi.x64
2
Microsoft.NETCore.App.Runtime.Mono.iossimulator-x64.Msi.arm64
2
Microsoft.NETCore.App.Runtime.Mono.iossimulator-x64
2
Microsoft.NETCore.App.Runtime.Mono.iossimulator-arm64.Msi.x86
2
Microsoft.NETCore.App.Runtime.Mono.iossimulator-arm64.Msi.x64
2
Microsoft.NETCore.App.Runtime.Mono.iossimulator-arm64.Msi.arm64
2
Microsoft.NETCore.App.Runtime.Mono.iossimulator-arm64
2
Microsoft.NETCore.App.Runtime.Mono.ios-arm64.Msi.x86
2
Microsoft.NETCore.App.Runtime.Mono.ios-arm64.Msi.x64
2
Microsoft.NETCore.App.Runtime.Mono.ios-arm64.Msi.arm64
2
Microsoft.NETCore.App.Runtime.Mono.ios-arm64
2
Microsoft.NETCore.App.Runtime.Mono.ios-arm.Msi.x86
2
ServiceStack
2
Microsoft.NETCore.App.Runtime.AOT.win-x64.Cross.android-arm64.Msi.x64
2
Microsoft.NETCore.App.Runtime.AOT.win-x64.Cross.android-x64
2
Microsoft.NETCore.App.Runtime.AOT.win-x64.Cross.android-x64.Msi.x64
2
Microsoft.NETCore.App.Runtime.AOT.win-x64.Cross.android-x86
2
Microsoft.NETCore.App.Runtime.AOT.win-x64.Cross.android-x86.Msi.x64
2
Microsoft.NETCore.App.Runtime.AOT.win-x64.Cross.browser-wasm
2
Microsoft.NETCore.App.Runtime.AOT.win-x64.Cross.browser-wasm.Msi.x64
2
Microsoft.NETCore.App.Runtime.Mono.android-arm
2
Microsoft.NETCore.App.Runtime.Mono.android-arm.Msi.arm64
2
Microsoft.NETCore.App.Runtime.Mono.android-arm.Msi.x64
2
Microsoft.NETCore.App.Runtime.Mono.android-arm.Msi.x86
2
Microsoft.NETCore.App.Runtime.Mono.android-arm64
2
Microsoft.NETCore.App.Runtime.Mono.android-arm64.Msi.arm64
2
Microsoft.NETCore.App.Runtime.Mono.android-arm64.Msi.x64
2
Microsoft.NETCore.App.Runtime.Mono.android-arm64.Msi.x86
2
Microsoft.NETCore.App.Runtime.Mono.android-x64
2
Microsoft.NETCore.App.Runtime.Mono.android-x64.Msi.arm64
2
Microsoft.NETCore.App.Runtime.Mono.android-x64.Msi.x64
2
Microsoft.NETCore.App.Runtime.Mono.android-x64.Msi.x86
2
Microsoft.NETCore.App.Runtime.Mono.android-x86
2
Microsoft.NETCore.App.Runtime.Mono.android-x86.Msi.arm64
2
Microsoft.NETCore.App.Runtime.Mono.android-x86.Msi.x64
2
Microsoft.NETCore.App.Runtime.Mono.android-x86.Msi.x86
2
Microsoft.NETCore.App.Runtime.Mono.browser-wasm
2
Microsoft.NETCore.App.Runtime.Mono.browser-wasm.Msi.arm64
2
Microsoft.NETCore.App.Runtime.Mono.browser-wasm.Msi.x64
2
Microsoft.Owin
2
sharpcompress
2
jQuery.Validation
2
jquery-validation
2
UmbracoCMS.Core
2
System.Management.Automation
2
starkbank-ecdsa
2
Snowflake.Data
2
Moment.js
2
moment
2
elFinder.NetCore
2
Microsoft.AspNetCore.Http.Connections
2
HtmlSanitizer
2
PanelSwWix4.Sdk
2
System.Data.SqlClient
2
Microsoft.Data.SqlClient
2
Google.Protobuf
2
google/protobuf
2
github.com/protocolbuffers/protobuf
2
protobuf
2
bootstrap.sass
2
bootstrap
2
Bootstrap.Less
2
Azure.Identity
2
PeterO.Cbor
2
Microsoft.NETCore.App.Runtime.Mono.browser-wasm.Msi.x86
2
Umbraco.Cms.Web.BackOffice
2
Microsoft.NETCore.App.Runtime.Mono.maccatalyst-arm64.Msi.x64
2
DisCatSharp
2
Microsoft.NETCore.App.Runtime.Mono.maccatalyst-arm64.Msi.x86
2
Microsoft.NETCore.App.Runtime.Mono.maccatalyst-x64
2
Microsoft.NETCore.App.Runtime.Mono.maccatalyst-x64.Msi.arm64
2
Microsoft.NETCore.App.Runtime.Mono.maccatalyst-x64.Msi.x64
2
Microsoft.NETCore.App.Runtime.Mono.maccatalyst-x64.Msi.x86
2
Microsoft.NETCore.App.Runtime.Mono.osx-arm64
2
Microsoft.NETCore.App.Runtime.Mono.tvos-arm64
2
Microsoft.NETCore.App.Runtime.Mono.tvos-arm64.Msi.arm64
2
Microsoft.NETCore.App.Runtime.Mono.tvos-arm64.Msi.x64
2
Microsoft.NETCore.App.Runtime.Mono.tvos-arm64.Msi.x86
2
Microsoft.NETCore.App.Runtime.Mono.tvossimulator-arm64
2
Microsoft.NETCore.App.Runtime.Mono.tvossimulator-arm64.Msi.arm64
2
Microsoft.NETCore.App.Runtime.Mono.tvossimulator-arm64.Msi.x64
2
Filter by Repository
https://github.com/chakra-core/ChakraCore
214
https://github.com/dotnet/runtime
23
https://github.com/github/advisory-database
18
https://github.com/umbraco/Umbraco-CMS
16
https://github.com/OPCFoundation/UA-.NETStandard
10
https://github.com/dotnet/aspnetcore
10
https://github.com/jquery/jquery
10
https://github.com/tinymce/tinymce
9
https://github.com/dnnsoftware/Dnn.Platform
7
https://github.com/cefsharp/CefSharp
7
https://github.com/jquery/jquery-ui
6
https://github.com/icsharpcode/SharpZipLib
4
https://github.com/michaelschwarz/Ajax.NET-Professional
4
https://github.com/siteserver/cms
4
https://github.com/NuGet/NuGet.Client
4
https://github.com/SixLabors/ImageSharp
3
https://github.com/dotnet/wpf
3
https://github.com/serenity-is/Serenity
3
https://github.com/dotnet/sdk
3
https://github.com/PowerShell/PowerShell
3
https://github.com/Azure/azure-sdk-for-net
3
https://github.com/Sustainsys/Saml2
3
https://github.com/microsoft/msquic
3
https://github.com/wixtoolset/issues
3
https://github.com/nirbar/wix4
2
https://github.com/nirbar/wix3
2
https://github.com/mongodb/mongo-csharp-driver
2
https://github.com/moment/moment
2
https://github.com/microsoft/reverse-proxy
2
https://github.com/orchardcms/orchardcore
2
https://github.com/Microsoft/ChakraCore
2
https://github.com/gordon-matt/elFinder.NetCore
2
https://github.com/mganss/HtmlSanitizer
2
https://github.com/Orckestra/C1-CMS-Foundation
2
https://github.com/jquery-validation/jquery-validation
2
https://github.com/peteroupc/CBOR
2
https://github.com/PiranhaCMS/piranha.core
2
https://github.com/dotnet/corefx
2
https://github.com/ServiceStack/ServiceStack
2
https://github.com/adamhathcock/sharpcompress
2
https://github.com/theori-io/chakra-2016-11
2
https://github.com/snowflakedb/snowflake-connector-net
2
https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet
2
https://github.com/Aiko-IT-Systems/DisCatSharp
2
https://github.com/google/protobuf
1
https://github.com/apache/avro
1
https://github.com/Antaris/RazorEngine
1
https://github.com/gsemac/Gsemac.Common
1
https://github.com/haf/DotNetZip.Semverd
1
https://github.com/akkadotnet/akka.net
1
https://github.com/HangfireIO/Hangfire
1
https://github.com/imazen/imageflow
1
https://github.com/imazen/resizer
1
https://github.com/JamesNK/Newtonsoft.Json
1
https://github.com/adplug/adplug
1
https://github.com/aaubry/YamlDotNet
1
https://github.com/Jasig/phpCAS
1
https://github.com/jchristn/IpMatcher
1
https://github.com/dotnetcore/AgileConfig
1
https://github.com/dnnsoftware/dnn.platform
1
https://github.com/CoreWCF/CoreWCF
1
https://github.com/Brondahl/EnumStringValues
1
https://github.com/drewnoakes/metadata-extractor-dotnet
1
https://github.com/brantburnett/Snappier
1
https://github.com/dub-flow/vulnerability-research
1
https://github.com/bcgit/bc-csharp
1
https://github.com/elastic/apm-agent-dotnet
1
https://github.com/FastReports/FastReport
1
https://github.com/AzureAD/microsoft-authentication-library-for-dotnet
1
https://github.com/AsynkronIT/Wire
1
https://github.com/Archomeda/Gw2Sharp
1
https://github.com/glennrp/libpng
1
https://github.com/apache/logging-log4net
1
https://github.com/google/brotli
1
https://github.com/jellyfin/jellyfin
1
https://github.com/pubnub/javascript
1
https://github.com/qnighy/libwebp-sys2-rs
1
https://github.com/QuantConnect/Lean
1
https://github.com/ravibpatel/AutoUpdater.NET
1
https://github.com/recurly/recurly-client-net
1
https://github.com/restsharp/RestSharp
1
https://github.com/SeppPenner/WindowsHello
1
https://github.com/SeriaWei/ZKEACMS
1
https://github.com/SinGooCMS/SinGooCMSUtility
1
https://github.com/spassarop/antisamy-dotnet
1
https://github.com/sshnet/NET
1
https://github.com/starkbank/ecdsa-dotnet
1
https://github.com/starkbank/ecdsa-python
1
https://github.com/swagger-api/swagger-ui
1
https://github.com/tgstation/tgstation-server
1
https://github.com/trannamtrung1st/elFinder.Net.Core
1
https://github.com/TrueLayer/truelayer-dotnet
1
https://github.com/turquoiseowl/i18n
1
https://github.com/twbs/bootstrap
1
https://github.com/umbraco/Umbraco.Workflow.Issues
1
https://github.com/zzzprojects/System.Linq.Dynamic.Core
1
https://gitlab.com/eLeN3Re/cve-2020-9471
1
https://gitlab.com/eLeN3Re/cve-2020-9472
1
https://github.com/jellyfin/jellyfin-web
1
https://github.com/joniles/mpxj
1
https://github.com/jonschlinkert/set-value
1
https://github.com/kapetan/dns
1
https://github.com/ldqk/Masuit.Tools
1
https://github.com/LittleBigRefresh/Bunkum
1
https://github.com/madskristensen/Miniblog.Core
1
https://github.com/mbdavid/LiteDB
1
https://github.com/mguinness/elFinder.AspNet
1
https://github.com/MichaelGrafnetter/DSInternals
1
https://github.com/microsoft/bond
1
https://github.com/microsoft/botbuilder-dotnet
1
https://github.com/microsoft/ChakraCore
1
https://github.com/microsoft/DirectXTex
1
https://github.com/moq/moq
1
https://github.com/NancyFx/Nancy
1
https://github.com/neuecc/MessagePack-CSharp
1
https://github.com/NuGet/Home
1
https://github.com/OPCFoundation/UA-.NET-Legacy
1
https://github.com/open-telemetry/opentelemetry-dotnet
1
https://github.com/OrchardCMS/OrchardCore
1
https://github.com/personnummer/csharp
1
https://github.com/protocolbuffers/protobuf
1