Ecosyste.ms: Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

nuget Security Advisories

Loading...
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXZwYzItN3htZi1wcG1m
Out-of-bounds Write in ChakraCore
Ecosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 3 years ago
Moderate
GSA_kwCzR0hTQS1ncnczLWhqam0tNWNqbc4AAVyR
DotNetNuke Default Machine Key Exposure
Ecosystems: nuget
Packages: DotNetNuke.Core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1jcWo0LW0ycGMtdjltNc4AARRG
Improper Limitation of a Pathname to a Restricted Directory in SharpZipLib
Ecosystems: nuget
Packages: SharpZipLib
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXAyM2otZzc0NS04NDQ5
Out-of-bounds write
Ecosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 3 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXh4M2gtajNjeC04cWZq
Insufficient Entropy in DotNetNuke
Ecosystems: nuget
Packages: DotNetNuke.Core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 5 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWgyM20tdzZ4NS1qd3I0
Out-of-bounds write
Ecosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 3 years ago
High
GSA_kwCzR0hTQS01Y3JwLTlyM2MtcDl2cs4AAs6x
Improper Handling of Exceptional Conditions in Newtonsoft.Json
Ecosystems: nuget
Packages: Newtonsoft.Json
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
GSA_kwCzR0hTQS1ycXJjLThxOGYtY3A5Y805cw
Infinite loop in .Net Bond
Ecosystems: nuget
Packages: Bond.Core.CSharp
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
High
GSA_kwCzR0hTQS1nNjd4LW1ncnYtbTNnds4AAj1j
ChakraCore RCE Vulnerability
Ecosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
GSA_kwCzR0hTQS0ybW1jLTVwaGotNHdqas4AAQFB
ChakraCore RCE Vulnerability
Ecosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
GSA_kwCzR0hTQS1ycGZnLXhmODgtY3E1cs4AAQE-
ChakraCore RCE Vulnerability
Ecosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Low
GSA_kwCzR0hTQS1qOW0yLWgycHYtd3ZwaM4AArVh
Regular expression denial of service in jquery-validation
Ecosystems: nuget, npm
Packages: jQuery.Validation, jquery-validation
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1waDN2LTJocTUtNXFmcc0wiA
Code injection in RazorEngine
Ecosystems: nuget
Packages: RazorEngine
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Low
GSA_kwCzR0hTQS0zMzV4LTV3Y20tOGp2Ms4AA3ua
Backoffice User can bypass "Publish" restriction
Ecosystems: nuget
Packages: Umbraco.CMS
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 5 months ago
Low
GSA_kwCzR0hTQS14eGM2LTM1cjctNzk2d84AA3uY
Possible injection of HTML into user invite mails
Ecosystems: nuget
Packages: Umbraco.CMS
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 5 months ago
Moderate
GSA_kwCzR0hTQS05cGhyLWg1bXgtNGZwNs4AAjqv
DNN XSS Vulnerability
Ecosystems: nuget
Packages: DotNetNuke.Core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
GSA_kwCzR0hTQS1oNjhjLTRqaDMtY3A5as4AAj7a
Umbraco CMS Authenticated File Upload
Ecosystems: nuget
Packages: UmbracoCMS.Core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS13MzkzLWg5NW0tZjg3Oc4AATL5
CoreFTP Directory Traversal
Ecosystems: nuget
Packages: CoreFtp
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS0yODdmLTQ2ajctajR3aM4AA7R8
Umbraco Workflow's Backoffice users can execute arbitrary SQL
Ecosystems: nuget
Packages: Plumber.Workflow, Umbraco.Workflow
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 18 days ago
Low
GSA_kwCzR0hTQS03eDc0LWg4Y3ctcWh4cc4AA3uf
Brute force exploit can be used to collect valid usernames
Ecosystems: nuget
Packages: Umbraco.CMS
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 5 months ago
High
GSA_kwCzR0hTQS0zZnZ3LWc2bXItdzI0N83_rQ
ChakraCore RCE Vulnerability
Ecosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTYyZ3ctM3Jtai13bXAy
High severity vulnerability that affects System.Management.Automation
Ecosystems: nuget
Packages: System.Management.Automation
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 4 years ago
High
GSA_kwCzR0hTQS0zOHI3LXJ2NXAtZ2d3cc3_0Q
ChakraCore RCE Vulnerability
Ecosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1od2NjLTRjdjgtY2YzaM4AA4AE
Snowflake Connector .NET does not properly check the Certificate Revocation List (CRL)
Ecosystems: nuget
Packages: Snowflake.Data
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 5 months ago
Moderate
GSA_kwCzR0hTQS1tNnc5LThjeGMtamZmN84AATzw
DNN XSS Vulnerability
Ecosystems: nuget
Packages: DotNetNuke.Core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1oNm03LWpwaHgtZjlwNc4AAa0X
ChakraCore information disclosure vulnerability
Ecosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS0zZngzLTg1cjQtOGozd84AA3Hx
Microsoft Security Advisory CVE-2023-36558: .NET Security Feature Bypass Vulnerability
Ecosystems: nuget
Packages: Microsoft.AspNetCore.Components
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 6 months ago
High
GSA_kwCzR0hTQS1jM2hmLTh2Z3gtNzJyaM4AA3Hy
Microsoft Security Advisory CVE-2023-36049: .NET Elevation of Privilege Vulnerability
Ecosystems: nuget
Packages: System.Net.Requests
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 6 months ago
High
GSA_kwCzR0hTQS12OWpnLW02ZzUtaDNoaM4AAVaY
ChakraCore RCE Vulnerability
Ecosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
GSA_kwCzR0hTQS1mamo4LWd2NGotOTUzcM4AAVdH
ChakraCore RCE Vulnerability
Ecosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
GSA_kwCzR0hTQS12Zmp3LWNyY3EtcTkyds4AAVcU
ChakraCore RCE Vulnerability
Ecosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
GSA_kwCzR0hTQS13bTI3LTQ5eDItbWc5cc4AAVbt
ChakraCore RCE Vulnerability
Ecosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
GSA_kwCzR0hTQS1mMnBnLWdjeHAtZ3IyY84AAVb3
ChakraCore RCE Vulnerability
Ecosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
GSA_kwCzR0hTQS13djQ0LTl3NjktdzQzas4AAVaS
ChakraCore RCE Vulnerability
Ecosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
GSA_kwCzR0hTQS0yOTRqLXI1M3gtdzc4Ns4AAVZ-
ChakraCore RCE Vulnerability
Ecosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
GSA_kwCzR0hTQS13NG1qLXh3dnctMzgyZs4AAVZT
ChakraCore RCE Vulnerability
Ecosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS0yeDdoLTk2aDUtcnE4NM0mqw
Path Traversal in SharpZipLib
Ecosystems: nuget
Packages: SharpZipLib
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
High
GSA_kwCzR0hTQS1qOHJtLWNtNTUtcXFqNs4AA1Qu
.NET Information Disclosure Vulnerability
Ecosystems: nuget
Packages: Microsoft.AspNetCore.SignalR.Redis, Microsoft.AspNetCore.SignalR.StackExchangeRedis
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 9 months ago
High
GSA_kwCzR0hTQS04ZjdmLXZxZzUtanJ2Oc4AAw3c
.NET Denial of Service Vulnerability
Ecosystems: nuget
Packages: Microsoft.NetCore.App.Runtime.win-x86, Microsoft.NetCore.App.Runtime.win-x64, Microsoft.NetCore.App.Runtime.win-arm64, Microsoft.NetCore.App.Runtime.win-arm, Microsoft.NetCore.App.Runtime.osx-x64, Microsoft.NetCore.App.Runtime.osx-arm64, Microsoft.NetCore.App.Runtime.linux-x64, Microsoft.NetCore.App.Runtime.linux-musl-x64, Microsoft.NetCore.App.Runtime.linux-musl-arm64, Microsoft.NetCore.App.Runtime.linux-musl-arm, Microsoft.NetCore.App.Runtime.linux-arm64, Microsoft.NetCore.App.Runtime.linux-arm
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
High
GSA_kwCzR0hTQS02cW1mLW1tYzctNmMycM4AAz3D
NuGet Client Remote Code Execution Vulnerability
Ecosystems: nuget
Packages: NuGet.Protocol, NuGet.Common, NuGet.CommandLine, NuGet.Commands, NuGet.PackageManagement, Microsoft.Build.NuGetSdkResolver
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 11 months ago
High
GSA_kwCzR0hTQS1qeDdxLXh4bXctNDR2Zs4AAz3G
.NET Elevation of Privilege Vulnerability
Ecosystems: nuget
Packages: Microsoft.NetCore.App.Runtime.win-x86, Microsoft.NetCore.App.Runtime.win-x64, Microsoft.NetCore.App.Runtime.win-arm64, Microsoft.NetCore.App.Runtime.win-arm, Microsoft.NetCore.App.Runtime.osx-x64, Microsoft.NetCore.App.Runtime.osx-arm64, Microsoft.NetCore.App.Runtime.linux-x64, Microsoft.NetCore.App.Runtime.linux-musl-x64, Microsoft.NetCore.App.Runtime.linux-musl-arm64, Microsoft.NetCore.App.Runtime.linux-musl-arm, Microsoft.NetCore.App.Runtime.linux-arm64, Microsoft.NetCore.App.Runtime.linux-arm
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 11 months ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXBweGMtcG14OS1xanY5
Out-of-bounds write
Ecosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 3 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWN3cDktOTU2Zi12Y3do
Out-of-bounds write
Ecosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 3 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTY5NzMtOTR2OC01bWd3
Out-of-bounds write
Ecosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 3 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTVycTgtM3d2Zi13cmZn
Out-of-bounds write
Ecosystems: nuget
Packages: Microsoft.ChakraCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 3 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXY1cnYtaHB4Zy04eDQ5
Signature validation bypass in ServiceStack
Ecosystems: nuget
Packages: ServiceStack
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 3 years ago
Low
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXF2OHEtdjk5NS03Mmdy
personnummer/csharp vulnerable to Improper Input Validation
Ecosystems: nuget
Packages: personnummer
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 3 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTVmcmgtOGNtai1nYzU5
System.Management.Automation subject to bypass via script debugging
Ecosystems: nuget
Packages: System.Management.Automation
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 5 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWM5Y2ctcThyMi14dmpx
Improper Authentication in Auth0.AuthenticationApi
Ecosystems: nuget
Packages: Auth0.AuthenticationApi
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 4 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTVjNjYteDR3bS1yamZ4
Cross-site scripting (XSS) vulnerability in the user-profile biography section in DotNetNuke (DNN)
Ecosystems: nuget
Packages: DotNetNuke.Core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 5 years ago
Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXg4ZjctaDQ0NC05N3c0
The installation wizard in DotNetNuke (DNN) allows privilege escalation
Ecosystems: nuget
Packages: DotNetNuke.Core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 5 years ago
Critical
GSA_kwCzR0hTQS13bXBtLWZxN3ItanE1Ns0VkA
Imporoper path validation in elFinder.NetCore
Ecosystems: nuget
Packages: elFinder.NetCore
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Critical
GSA_kwCzR0hTQS0yOXJ2LWZxeDItNGM5Zs0z6w
Deserialization of Untrusted Data in SinGooCMS.Utility
Ecosystems: nuget
Packages: SinGooCMS.Utility
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS14cjhmLTU5cHAtcnh4aM4AAq4d
Elevation of privilege in ASP.NET Core
Ecosystems: nuget
Packages: Microsoft.AspNetCore.SpaServices
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
GSA_kwCzR0hTQS1yN3BxLTN4NnAtN2pjbc4AArtZ
Memory Allocation with Excessive Size Value in OPCFoundation.NetStandard.Opc.Ua.Core
Ecosystems: nuget
Packages: OPCFoundation.NetStandard.Opc.Ua.Core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
GSA_kwCzR0hTQS1mdnhmLXI5ZnctNDlwY84AArtW
Incorrect Implementation of Authentication Algorithm in OPCFoundation.NetStandard.Opc.Ua.Core
Ecosystems: nuget
Packages: OPCFoundation.NetStandard.Opc.Ua.Core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
GSA_kwCzR0hTQS01cTJ2LTZqODYtNWg5ds4AArtU
Security Update for the OPC UA .NET Standard Stack
Ecosystems: nuget
Packages: OPCFoundation.NetStandard.Opc.Ua.Core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS13dnhjLTg1NWYtanZyds4AA6y0
Azure Identity Library for .NET Information Disclosure Vulnerability
Ecosystems: nuget
Packages: Azure.Identity
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 1 month ago
High
GSA_kwCzR0hTQS1xd3AzLTVmdzMtNXdnds4AAuWw
Incorrect Access Control and Cross Site Scripting in Jellyfin
Ecosystems: nuget
Packages: Jellyfin.Common
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS1wOXd4LXYyNjQtcTM0cM4AAWUJ
Improper Certificate Validation in Microsoft .NET Framework components
Ecosystems: nuget
Packages: System.ServiceModel.Security, System.ServiceModel.Duplex, System.ServiceModel.Primitives, System.ServiceModel.NetTcp, System.ServiceModel.Http, System.Private.ServiceModel
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS02NHg0LTloYzYtcjJoNs4AAtUo
Microsoft: CBC Padding Oracle in Azure Blob Storage Encryption Library
Ecosystems: nuget
Packages: Azure.Storage.Blobs, Azure.Storage.Queues
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS14NXFqLTl2bXgtN2c2Z84AAUDs
Improper Input Validation in .Net Framework API's
Ecosystems: nuget
Packages: System.Private.Uri, Microsoft.NETCore.App
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS01NjMzLWYzM2otYzZmN83_9A
Tampering vulnerability in .NET Core
Ecosystems: nuget
Packages: Microsoft.NETCore.App
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
GSA_kwCzR0hTQS01ZjJtLTQ2NmotMzg0OM4AAguS
Denial of service in ASP.NET Core
Ecosystems: nuget
Packages: System.Private.Uri
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1wcnJmLTM5N3YtODN4aM4AAhTD
Open redirect in ASP.NET Core
Ecosystems: nuget
Packages: Microsoft.AspNetCore.Server.HttpSys, Microsoft.AspNetCore.Server.IIS, Microsoft.AspNetCore.All, Microsoft.AspNetCore.App
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Low
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLThqOXYtaDJ2cC0yaGh2
XSS in HtmlSanitizer
Ecosystems: nuget
Packages: HtmlSanitizer
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 3 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXB2MzYtaDdqaC1xbTYy
Heap buffer overflow in CefSharp
Ecosystems: nuget
Packages: CefSharp.Wpf.HwndHost, CefSharp.WinForms, CefSharp.Wpf, CefSharp.Common
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 3 years ago
High
GSA_kwCzR0hTQS12aDM4LWdoeDYtdm12Z83X8Q
Code Injection in Masuit.Tools.Core
Ecosystems: nuget
Packages: Masuit.Tools.Core
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTczNzgtNjI2OC00Mjc4
High severity vulnerability that affects DotNetZip
Ecosystems: nuget
Packages: DotNetZip
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 5 years ago
Critical
GSA_kwCzR0hTQS1nM3djLXh2OTMtNDQ1cc4AAwZM
DNS NuGet package uses insufficiently random values
Ecosystems: nuget
Packages: DNS
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS1mOWZyLXc1NHEtNzcyaM198g
Apache log4net format string vulnerability causes DoS
Ecosystems: nuget
Packages: log4net
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS1ncHY1LXJwNnctNThyOM4AAv_m
Remote code execution vulnerability in dependency System.Drawing.Common
Ecosystems: nuget
Packages: Akka
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWNoNnAtNGpjbS1oOHZo
Moderate severity vulnerability that affects Microsoft.AspNetCore.Mvc and Microsoft.AspNetCore.Mvc.Core
Ecosystems: nuget
Packages: Microsoft.AspNetCore.Mvc.WebApiCompatShim, Microsoft.AspNetCore.Mvc.ViewFeatures, Microsoft.AspNetCore.Mvc.TagHelpers, Microsoft.AspNetCore.Mvc.Razor, Microsoft.AspNetCore.Mvc.Razor.Host, Microsoft.AspNetCore.Mvc.Localization, Microsoft.AspNetCore.Mvc.Formatters.Xml, Microsoft.AspNetCore.Mvc.Formatters.Json, Microsoft.AspNetCore.Mvc.DataAnnotations, Microsoft.AspNetCore.Mvc.Cors, Microsoft.AspNetCore.Mvc.ApiExplorer, Microsoft.AspNetCore.Mvc.Abstractions, System.Net.WebSockets.Client, System.Net.Security, System.Net.Http.WinHttpHandler, System.Text.Encodings.Web, System.Net.Http, Microsoft.AspNetCore.Mvc.Core, Microsoft.AspNetCore.Mvc
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 5 years ago
Low
GSA_kwCzR0hTQS02cjc4LW02NG0tcXdjZs4AA1OC
Moq v4.20.0-rc to 4.20.1 share hashed user data
Ecosystems: nuget
Packages: moq
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 9 months ago
High
GSA_kwCzR0hTQS1yZjM5LTNmOTgteHI3cs4AA6Ri
WiX based installers are vulnerable to binary hijack when run as SYSTEM
Ecosystems: nuget
Packages: WixToolset.Sdk, wix
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 months ago
High
GSA_kwCzR0hTQS03d2gyLXd4YzctOXBoNc4AA5Kc
WiX Toolset's .be TEMP folder is vulnerable to DLL redirection attacks that allow the attacker to escalate privileges
Ecosystems: nuget
Packages: wix
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 3 months ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWZ4d20tNTc5cS00OXFx
Moderate severity vulnerability that affects Bootstrap.Less, bootstrap, and bootstrap.sass
Ecosystems: nuget
Packages: Bootstrap.Less, bootstrap, bootstrap.sass
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 5 years ago
Moderate
GSA_kwCzR0hTQS13MzI3LXdxMjgtM3ZtZs3QXA
CuteSoft CuteEditor Path Traversal vulnerability
Ecosystems: nuget
Packages: CuteEditor
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 years ago
Moderate
GSA_kwCzR0hTQS01Nzl2LW1wM3YtcnJ3Nc4AATnF
jQuery vulnerable to Cross-Site Scripting (XSS)
Ecosystems: maven, rubygems, nuget, npm
Packages: org.webjars.npm:jquery, jquery-rails, jQuery, jquery
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
High
GSA_kwCzR0hTQS1qeDRwLW00d20tdnZqZ84AA6Rh
Malicious directory junction can cause WiX RemoveFoldersEx to possibly delete elevated files
Ecosystems: nuget
Packages: WixToolset.Util.wixext, wix
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 months ago
Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXFwdngtZ3BxbS1nOThq
Critical severity vulnerability that affects Auth0-WCF-Service-JWT
Ecosystems: nuget
Packages: Auth0-WCF-Service-JWT
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 5 years ago
Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXhwd3AtcnEzeC14NnY3
Critical severity vulnerability that affects recurly-api-client
Ecosystems: nuget
Packages: recurly-api-client
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 5 years ago
Moderate
GSA_kwCzR0hTQS1nNWM2LXc0NzktOTN4bc3Xjg
Mono ASP.NET View State Cross-Site Scripting (XSS) vulnerability
Ecosystems: nuget
Packages: mono
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 2 years ago
Statistics
Advisories: 18,440
Packages: 8,316
Repositories: 123
Ecosystems: 12
Filter by Severity
Moderate 7,964 High 6,379 Critical 2,816 Low 990
Filter by Ecosystem
maven 5,537 packagist 3,820 pypi 3,750 npm 3,551 go 1,904 nuget 1,391 rubygems 814 cargo 779 swift 31 hex 30 actions 16 pub 8
Filter by Package
Microsoft.ChakraCore 247 DotNetNuke.Core 19 Microsoft.AspNetCore.App.Runtime.win-x64 17 Microsoft.AspNetCore.App.Runtime.win-x86 17 Microsoft.AspNetCore.App.Runtime.win-arm 16 Microsoft.AspNetCore.App.Runtime.linux-arm 15 Microsoft.AspNetCore.App.Runtime.linux-arm64 15 Microsoft.AspNetCore.App.Runtime.linux-musl-x64 15 Microsoft.AspNetCore.App.Runtime.linux-x64 15 Microsoft.AspNetCore.App.Runtime.osx-x64 15 Microsoft.AspNetCore.App.Runtime.linux-musl-arm64 14 Microsoft.AspNetCore.App.Runtime.win-arm64 14 Microsoft.NETCore.App.Runtime.win-x86 12 Microsoft.NETCore.App.Runtime.win-x64 12 Microsoft.NETCore.App.Runtime.win-arm64 12 Microsoft.NETCore.App 10 Microsoft.AspNetCore.All 10 Microsoft.AspNetCore.App.Runtime.linux-musl-arm 10 Umbraco.CMS 10 Microsoft.NETCore.App.Runtime.linux-arm64 9 Microsoft.NETCore.App.Runtime.linux-musl-arm64 9 Microsoft.NetCore.App.Runtime.win-arm 9 Microsoft.NETCore.App.Runtime.linux-musl-x64 9 Microsoft.NETCore.App.Runtime.linux-x64 9 Microsoft.NetCore.App.Runtime.win-arm64 9 Microsoft.NetCore.App.Runtime.win-x64 9 Microsoft.NetCore.App.Runtime.win-x86 9 tinymce 9 TinyMCE 9 tinymce/tinymce 9 Microsoft.NETCore.App.Runtime.linux-arm 9 org.webjars.npm:jquery 9 jquery-rails 9 jquery 9 Microsoft.AspNetCore.App 8 Microsoft.AspNetCore.App.Runtime.osx-arm64 8 Microsoft.NETCore.App.Runtime.win-arm 8 Microsoft.NETCore.App.Runtime.osx-x64 8 jQuery 8 Microsoft.NETCore.App.Runtime.linux-musl-arm 7 OPCFoundation.NetStandard.Opc.Ua.Core 7 CefSharp.Common 7 jquery-ui 7 jquery-ui-rails 7 org.webjars.npm:jquery-ui 7 jQuery.UI.Combined 7 Microsoft.AspNetCore.Mvc.Core 6 Microsoft.NETCore.App.Runtime.Mono.LLVM.AOT.linux-arm64 5 CefSharp.WinForms 5 CefSharp.Wpf 5 CefSharp.Wpf.HwndHost 5 Microsoft.WindowsDesktop.App.Runtime.win-x64 5 Microsoft.WindowsDesktop.App.Runtime.win-x86 5 Microsoft.AspNetCore.Server.Kestrel.Core 5 System.Text.Encodings.Web 5 System.Net.Http 5 Microsoft.NETCore.App.Runtime.Mono.osx-x64 5 Microsoft.NETCore.App.Runtime.Mono.linux-x64 5 Microsoft.NETCore.App.Runtime.Mono.linux-musl-x64 5 Microsoft.AspNetCore.Mvc.Cors 5 Microsoft.NETCore.App.Runtime.Mono.linux-arm64 5 Microsoft.NETCore.App.Runtime.Mono.linux-arm 5 Microsoft.NETCore.App.Runtime.Mono.LLVM.osx-x64 5 Microsoft.NETCore.App.Runtime.Mono.LLVM.linux-x64 5 Microsoft.NETCore.App.Runtime.Mono.LLVM.linux-arm64 5 Microsoft.NETCore.App.Runtime.Mono.LLVM.AOT.osx-x64 5 Microsoft.NETCore.App.Runtime.Mono.LLVM.AOT.linux-x64 5 Microsoft.NETCore.App.Runtime.rhel.6-x64 5 Microsoft.NetCore.App.Runtime.linux-arm 4 Microsoft.NetCore.App.Runtime.linux-arm64 4 Microsoft.NetCore.App.Runtime.linux-musl-arm 4 Microsoft.NetCore.App.Runtime.linux-musl-arm64 4 Microsoft.NetCore.App.Runtime.linux-musl-x64 4 Microsoft.NetCore.App.Runtime.linux-x64 4 Microsoft.NetCore.App.Runtime.osx-arm64 4 Microsoft.NetCore.App.Runtime.osx-x64 4 Serenity.Net.Core 4 SharpZipLib 4 Microsoft.AspNetCore.Mvc 4 System.Net.Http.WinHttpHandler 4 System.Net.Security 4 OPCFoundation.NetStandard.Opc.Ua 4 System.Net.WebSockets.Client 4 Microsoft.AspNetCore.Mvc.Abstractions 4 NuGet.CommandLine 4 Microsoft.AspNetCore.Mvc.ApiExplorer 4 AjaxNetProfessional 4 Microsoft.AspNetCore.Mvc.DataAnnotations 4 NuGet.Commands 4 Microsoft.AspNetCore.Mvc.Formatters.Json 4 Microsoft.AspNetCore.Mvc.Formatters.Xml 4 Microsoft.AspNetCore.Mvc.Localization 4 Microsoft.AspNetCore.Mvc.Razor.Host 4 Microsoft.AspNetCore.Mvc.Razor 4 Microsoft.AspNetCore.Mvc.TagHelpers 4 Microsoft.AspNetCore.Mvc.ViewFeatures 4 SSCMS 4 Microsoft.AspNetCore.Mvc.WebApiCompatShim 4 Microsoft.WindowsDesktop.App.Runtime.win-arm64 4 Microsoft.NETCore.App.Runtime.osx-arm64 3 System.Security.Cryptography.Xml 3 Sustainsys.Saml2 3 System.Private.Uri 3 SixLabors.ImageSharp 3 Umbraco.Cms.Core 3 CefSharp.Common.NETCore 3 Microsoft.Native.Quic.MsQuic.OpenSSL 3 Microsoft.Native.Quic.MsQuic.Schannel 3 OPCFoundation.NetStandard.Opc.Ua.Server 3 UmbracoCms 3 wix 3 Microsoft.NETCore.App.Runtime.Mono.iossimulator-arm64.Msi.arm64 2 Microsoft.NETCore.App.Runtime.Mono.iossimulator-arm64 2 Microsoft.NETCore.App.Runtime.Mono.ios-arm64.Msi.x86 2 Microsoft.NETCore.App.Runtime.Mono.ios-arm64.Msi.x64 2 Microsoft.NETCore.App.Runtime.AOT.win-x64.Cross.android-arm64.Msi.x64 2 Microsoft.NETCore.App.Runtime.AOT.win-x64.Cross.android-x64 2 Microsoft.NETCore.App.Runtime.Mono.ios-arm64.Msi.arm64 2 Microsoft.NETCore.App.Runtime.Mono.ios-arm64 2 Microsoft.NETCore.App.Runtime.AOT.win-x64.Cross.android-x64.Msi.x64 2 Microsoft.NETCore.App.Runtime.Mono.ios-arm.Msi.x86 2 ServiceStack 2 Microsoft.NETCore.App.Runtime.Mono.ios-arm.Msi.arm64 2 Microsoft.NETCore.App.Runtime.Mono.iossimulator-arm64.Msi.x64 2 Microsoft.NETCore.App.Runtime.Mono.iossimulator-arm64.Msi.x86 2 Microsoft.NETCore.App.Runtime.Mono.iossimulator-x64 2 Microsoft.NETCore.App.Runtime.Mono.iossimulator-x64.Msi.arm64 2 Microsoft.NETCore.App.Runtime.Mono.iossimulator-x64.Msi.x64 2 Microsoft.NETCore.App.Runtime.Mono.iossimulator-x86 2 Microsoft.NETCore.App.Runtime.Mono.iossimulator-x86.Msi.arm64 2 Microsoft.NETCore.App.Runtime.Mono.iossimulator-x86.Msi.x64 2 Microsoft.NETCore.App.Runtime.Mono.iossimulator-x86.Msi.x86 2 Microsoft.NETCore.App.Runtime.Mono.maccatalyst-arm64 2 Microsoft.NETCore.App.Runtime.Mono.android-x86.Msi.arm64 2 Microsoft.NETCore.App.Runtime.Mono.android-x86.Msi.x64 2 Microsoft.NETCore.App.Runtime.Mono.android-x86.Msi.x86 2 Microsoft.NETCore.App.Runtime.Mono.browser-wasm 2 Microsoft.NETCore.App.Runtime.Mono.android-x86 2 Microsoft.NETCore.App.Runtime.Mono.browser-wasm.Msi.arm64 2 Microsoft.NETCore.App.Runtime.Mono.android-x64.Msi.x86 2 Microsoft.NETCore.App.Runtime.Mono.android-x64.Msi.x64 2 Microsoft.NETCore.App.Runtime.Mono.browser-wasm.Msi.x64 2 Microsoft.NETCore.App.Runtime.Mono.android-x64.Msi.arm64 2 Microsoft.NETCore.App.Runtime.Mono.android-x64 2 Microsoft.NETCore.App.Runtime.Mono.android-arm64.Msi.x86 2 Microsoft.NETCore.App.Runtime.Mono.android-arm64.Msi.x64 2 Microsoft.NETCore.App.Runtime.Mono.android-arm64.Msi.arm64 2 Microsoft.NETCore.App.Runtime.Mono.android-arm64 2 Microsoft.NETCore.App.Runtime.Mono.android-arm.Msi.x86 2 Microsoft.NETCore.App.Runtime.Mono.android-arm.Msi.x64 2 Microsoft.NETCore.App.Runtime.Mono.android-arm.Msi.arm64 2 Microsoft.NETCore.App.Runtime.Mono.android-arm 2 Microsoft.NETCore.App.Runtime.AOT.win-x64.Cross.browser-wasm.Msi.x64 2 Microsoft.NETCore.App.Runtime.AOT.win-x64.Cross.browser-wasm 2 Microsoft.NETCore.App.Runtime.AOT.win-x64.Cross.android-x86.Msi.x64 2 Microsoft.NETCore.App.Runtime.AOT.win-x64.Cross.android-x86 2 Microsoft.NETCore.App.Runtime.Mono.browser-wasm.Msi.x86 2 Microsoft.NETCore.App.Runtime.Mono.ios-arm 2 Microsoft.Owin 2 sharpcompress 2 jQuery.Validation 2 jquery-validation 2 UmbracoCMS.Core 2 System.Management.Automation 2 starkbank-ecdsa 2 Snowflake.Data 2 Moment.js 2 moment 2 elFinder.NetCore 2 Microsoft.AspNetCore.Http.Connections 2 HtmlSanitizer 2 PanelSwWix4.Sdk 2 PanelSW.Custom.WiX 2 System.Data.SqlClient 2 Microsoft.Data.SqlClient 2 Google.Protobuf 2 google/protobuf 2 github.com/protocolbuffers/protobuf 2 protobuf 2 bootstrap.sass 2 bootstrap 2 Bootstrap.Less 2 Azure.Identity 2 Microsoft.NETCore.App.Runtime.Mono.maccatalyst-arm64.Msi.arm64 2 Umbraco.Cms.Web.BackOffice 2 Microsoft.NETCore.App.Runtime.Mono.maccatalyst-arm64.Msi.x64 2 DisCatSharp 2 Microsoft.NETCore.App.Runtime.Mono.maccatalyst-arm64.Msi.x86 2 Microsoft.NETCore.App.Runtime.Mono.maccatalyst-x64 2 Microsoft.NETCore.App.Runtime.Mono.maccatalyst-x64.Msi.arm64 2 Microsoft.NETCore.App.Runtime.Mono.maccatalyst-x64.Msi.x64 2 Microsoft.NETCore.App.Runtime.Mono.maccatalyst-x64.Msi.x86 2 Microsoft.NETCore.App.Runtime.Mono.osx-arm64 2 Microsoft.NETCore.App.Runtime.Mono.tvos-arm64 2 Microsoft.NETCore.App.Runtime.Mono.tvos-arm64.Msi.arm64 2 Microsoft.NETCore.App.Runtime.Mono.tvos-arm64.Msi.x64 2 Microsoft.NETCore.App.Runtime.Mono.tvos-arm64.Msi.x86 2 Microsoft.NETCore.App.Runtime.Mono.tvossimulator-arm64 2 Microsoft.NETCore.App.Runtime.Mono.tvossimulator-arm64.Msi.arm64 2 Microsoft.NETCore.App.Runtime.Mono.tvossimulator-arm64.Msi.x64 2
Filter by Repository
https://github.com/chakra-core/ChakraCore 214 https://github.com/dotnet/runtime 23 https://github.com/github/advisory-database 18 https://github.com/umbraco/Umbraco-CMS 16 https://github.com/OPCFoundation/UA-.NETStandard 10 https://github.com/dotnet/aspnetcore 10 https://github.com/jquery/jquery 10 https://github.com/tinymce/tinymce 9 https://github.com/dnnsoftware/Dnn.Platform 7 https://github.com/cefsharp/CefSharp 7 https://github.com/jquery/jquery-ui 6 https://github.com/michaelschwarz/Ajax.NET-Professional 4 https://github.com/icsharpcode/SharpZipLib 4 https://github.com/siteserver/cms 4 https://github.com/NuGet/NuGet.Client 4 https://github.com/dotnet/sdk 3 https://github.com/serenity-is/Serenity 3 https://github.com/dotnet/wpf 3 https://github.com/SixLabors/ImageSharp 3 https://github.com/PowerShell/PowerShell 3 https://github.com/Azure/azure-sdk-for-net 3 https://github.com/Sustainsys/Saml2 3 https://github.com/wixtoolset/issues 3 https://github.com/microsoft/msquic 3 https://github.com/gordon-matt/elFinder.NetCore 2 https://github.com/nirbar/wix4 2 https://github.com/orchardcms/orchardcore 2 https://github.com/nirbar/wix3 2 https://github.com/Microsoft/ChakraCore 2 https://github.com/mongodb/mongo-csharp-driver 2 https://github.com/Orckestra/C1-CMS-Foundation 2 https://github.com/moment/moment 2 https://github.com/microsoft/reverse-proxy 2 https://github.com/peteroupc/CBOR 2 https://github.com/PiranhaCMS/piranha.core 2 https://github.com/dotnet/corefx 2 https://github.com/Aiko-IT-Systems/DisCatSharp 2 https://github.com/mganss/HtmlSanitizer 2 https://github.com/adamhathcock/sharpcompress 2 https://github.com/ServiceStack/ServiceStack 2 https://github.com/snowflakedb/snowflake-connector-net 2 https://github.com/theori-io/chakra-2016-11 2 https://github.com/jquery-validation/jquery-validation 2 https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet 2 https://github.com/jellyfin/jellyfin-web 1 https://github.com/jellyfin/jellyfin 1 https://github.com/jchristn/IpMatcher 1 https://github.com/google/brotli 1 https://github.com/Jasig/phpCAS 1 https://github.com/google/protobuf 1 https://github.com/JamesNK/Newtonsoft.Json 1 https://github.com/imazen/resizer 1 https://github.com/gsemac/Gsemac.Common 1 https://github.com/imazen/imageflow 1 https://github.com/HangfireIO/Hangfire 1 https://github.com/haf/DotNetZip.Semverd 1 https://github.com/adplug/adplug 1 https://github.com/akkadotnet/akka.net 1 https://github.com/Antaris/RazorEngine 1 https://github.com/apache/avro 1 https://github.com/apache/logging-log4net 1 https://github.com/Archomeda/Gw2Sharp 1 https://github.com/AsynkronIT/Wire 1 https://github.com/AzureAD/microsoft-authentication-library-for-dotnet 1 https://github.com/bcgit/bc-csharp 1 https://github.com/brantburnett/Snappier 1 https://github.com/Brondahl/EnumStringValues 1 https://github.com/CoreWCF/CoreWCF 1 https://github.com/dnnsoftware/dnn.platform 1 https://github.com/dotnetcore/AgileConfig 1 https://github.com/aaubry/YamlDotNet 1 https://github.com/drewnoakes/metadata-extractor-dotnet 1 https://github.com/dub-flow/vulnerability-research 1 https://github.com/elastic/apm-agent-dotnet 1 https://github.com/FastReports/FastReport 1 https://github.com/protocolbuffers/protobuf 1 https://github.com/pubnub/javascript 1 https://github.com/qnighy/libwebp-sys2-rs 1 https://github.com/QuantConnect/Lean 1 https://github.com/ravibpatel/AutoUpdater.NET 1 https://github.com/recurly/recurly-client-net 1 https://github.com/restsharp/RestSharp 1 https://github.com/SeppPenner/WindowsHello 1 https://github.com/SeriaWei/ZKEACMS 1 https://github.com/SinGooCMS/SinGooCMSUtility 1 https://github.com/spassarop/antisamy-dotnet 1 https://github.com/sshnet/NET 1 https://github.com/starkbank/ecdsa-dotnet 1 https://github.com/starkbank/ecdsa-python 1 https://github.com/swagger-api/swagger-ui 1 https://github.com/tgstation/tgstation-server 1 https://github.com/trannamtrung1st/elFinder.Net.Core 1 https://github.com/TrueLayer/truelayer-dotnet 1 https://github.com/turquoiseowl/i18n 1 https://github.com/twbs/bootstrap 1 https://github.com/umbraco/Umbraco.Workflow.Issues 1 https://github.com/zzzprojects/System.Linq.Dynamic.Core 1 https://gitlab.com/eLeN3Re/cve-2020-9471 1 https://github.com/glennrp/libpng 1 https://github.com/joniles/mpxj 1 https://github.com/jonschlinkert/set-value 1 https://github.com/kapetan/dns 1 https://github.com/ldqk/Masuit.Tools 1 https://github.com/LittleBigRefresh/Bunkum 1 https://github.com/madskristensen/Miniblog.Core 1 https://github.com/mbdavid/LiteDB 1 https://github.com/mguinness/elFinder.AspNet 1 https://github.com/MichaelGrafnetter/DSInternals 1 https://github.com/microsoft/bond 1 https://github.com/microsoft/botbuilder-dotnet 1 https://github.com/microsoft/ChakraCore 1 https://github.com/microsoft/DirectXTex 1 https://github.com/moq/moq 1 https://github.com/NancyFx/Nancy 1 https://github.com/neuecc/MessagePack-CSharp 1 https://github.com/npgsql/npgsql 1 https://github.com/NuGet/Home 1 https://github.com/OPCFoundation/UA-.NET-Legacy 1 https://github.com/open-telemetry/opentelemetry-dotnet 1 https://github.com/OrchardCMS/OrchardCore 1 https://github.com/personnummer/csharp 1 https://gitlab.com/eLeN3Re/cve-2020-9472 1