Browse Security Advisories
Moderate Security Advisories in nuget Clear Filters
Moderate
about 17 hours ago
Umbraco Delivery API allows for cached requests to be returned with an invalid API key
nuget
Umbraco.Cms.Api.Delivery
Moderate
about 1 month ago
Umbraco CMS disclosure of configured password requirements
nuget
Umbraco.Cms
Moderate
about 1 month ago
DNN.PLATFORM Allows Stored Cross-Site Scripting (XSS) in Activity Feed
nuget
DNN.PLATFORM
Moderate
about 1 month ago
DNN.PLATFORM Allows Reflected Cross-Site Scripting (XSS) in some TokenReplace situations with SkinObjects
nuget
DNN.PLATFORM
Moderate
about 1 month ago
Couchbase .NET SDK (client library) does not properly enable hostname verification for TLS certificates
nuget
CouchbaseNetClient
Moderate
about 2 months ago
Umbraco Vulnerable to By-Pass of Configured Allowed Extensions for File Uploads
nuget
Umbraco.Cms
Moderate
2 months ago
DNN allows Stored Cross-Site Scripting (XSS) with svg files rendered inline
nuget
DotNetNuke.Core
Moderate
2 months ago
Reflected Cross-Site Scripting (XSS) in module actions in edit mode
nuget
DotNetNuke.Core, DotNetNuke.Web
Moderate
3 months ago
Umbraco Makes User Enumeration Feasible Based on Timing of Login Response
nuget
Umbraco.Cms
Moderate
4 months ago
Microsoft Identity Web Exposes Client Secrets and Certificate Information in Service Logs
nuget
Microsoft.Identity.Abstractions, Microsoft.Identity.Web
Moderate
4 months ago
DotNetNuke.Core Vulnerable to Server-Side Request Forgery (SSRF)
nuget
DotNetNuke.Core
Moderate
5 months ago
Umbraco Allows a Restricted Editor User to Delete Media Item or Access Unauthorized Content
nuget
Umbraco.Cms.Web.Backoffice
Moderate
5 months ago
Umbraco Allows Improper API Access Control to Low-Privilege Users to Data Type Functionality
nuget
Umbraco.Cms.Api.Management
Moderate
5 months ago
OpenTelemetry .NET has Denial of Service (DoS) Vulnerability in API Package
nuget
OpenTelemetry.Api
Moderate
5 months ago
Security Update for the OPC UA .NET Standard Stack
nuget
OPCFoundation.NetStandard.Opc.Ua.Core
Moderate
5 months ago
Security Update for the OPC UA .NET Standard Stack
nuget
OPCFoundation.NetStandard.Opc.Ua.Bindings.Https
Moderate
5 months ago
Duende.AccessTokenManagement race condition when concurrently retrieving customized Client Credentials Access Tokens
nuget
Duende.AccessTokenManagement
Moderate
6 months ago
TShock allows chat while not fully connected, possible ban evasion
nuget
tshock
Moderate
6 months ago
XSS/HTML Injection Vulnerability in Umbraco Preview Badge
nuget
Umbraco.Cms.Web.Common, Umbraco.Cms
Moderate
6 months ago
Umbraco Allows User Enumeration Feasible Based On Management API Timing and Response Codes
nuget
Umbraco.Cms
Moderate
6 months ago
XSS/HTML Injection Vulnerability in Umbraco Backoffice Components
npm, nuget
@umbraco-cms/backoffice, Umbraco.Cms.StaticAssets
Moderate
7 months ago
Umbraco Forms's Short and Long Answer Fields Are Not Validated Server-Side For Maximum Length
nuget
Umbraco.Forms, UmbracoForms
Moderate
7 months ago
Oqtane Framework Insecure Direct Object Reference vulnerability
nuget
Oqtane.Server, Oqtane.Framework
Moderate
8 months ago
Devolutions.XTS.NET Vulnerable to Timing Attack on GF Multiplications
nuget
Devolutions.XTS.NET
Moderate
9 months ago
HTTP Client uses incorrect token after refresh
nuget
Duende.AccessTokenManagement.OpenIdConnect
Moderate
9 months ago
ICG.AspNetCore.Utilities.CloudStorage's Secure Token Durations Different Than Expected
nuget
ICG.AspNetCore.Utilities.CloudStorage
Moderate
9 months ago
MPXJ has a Potential Path Traversal Vulnerability
nuget, pypi, rubygems, maven
MPXJ.Net, net.sf.mpxj-for-vb, net.sf.mpxj-for-csharp, net.sf.mpxj, mpxj, net.sf.mpxj:mpxj
Moderate
9 months ago
Umbraco CMS Has Incomplete Server Termination During Explicit Sign-Out
nuget
Umbraco.CMS
Moderate
9 months ago
Umbraco has a Potential Code Execution Risk When Viewing SVG Files in Full Screen in Backoffice
nuget
Umbraco.Cms, UmbracoCms
Moderate
9 months ago
Umbraco CMS logout page displayed before session expiration
nuget
UmbracoCMS, Umbraco.CMS
Moderate
9 months ago
Umbraco CMS vulnerable to stored Cross-site Scripting in the "dictionary name" on Dictionary section
npm, nuget
@umbraco-cms/backoffice, Umbraco.Cms.StaticAssets
Moderate
9 months ago
Security Update for the OPC UA .NET Standard Stack
nuget
OPCFoundation.NetStandard.Opc.Ua.Core, OPCFoundation.NetStandard.Opc.Ua
Moderate
10 months ago
MessagePack allows untrusted data to lead to DoS attack due to hash collisions and stack overflow
nuget
MessagePack
Moderate
11 months ago
Umbraco CMS vulnerable to Generation of Error Message Containing Sensitive Information
nuget
Umbraco.Cms.Api.Management
Moderate
12 months ago
Microsoft Security Advisory CVE-2024-38167 | .NET Information Disclosure Vulnerability
nuget
Microsoft.NetCore.App.Runtime.win-x86, Microsoft.NetCore.App.Runtime.win-x64, Microsoft.NetCore.App.Runtime.win-arm64, Microsoft.NetCore.App.Runtime.win-arm, Microsoft.NetCore.App.Runtime.osx-x64, Microsoft.NetCore.App.Runtime.osx-arm64, Microsoft.NetCore.App.Runtime.linux-x64, Microsoft.NetCore.App.Runtime.linux-musl-x64, Microsoft.NetCore.App.Runtime.linux-musl-arm64, Microsoft.NetCore.App.Runtime.linux-musl-arm, Microsoft.NetCore.App.Runtime.linux-arm64, Microsoft.NetCore.App.Runtime.linux-arm
Moderate
12 months ago
IdentityServer Open Redirect vulnerability
nuget
IdentityServer4, Duende.IdentityServer
Moderate
about 1 year ago
SixLabors ImageSharp has Excessive Memory Allocation in Gif Decoder
nuget
SixLabors.ImageSharp
Moderate
about 1 year ago
Bootstrap Cross-Site Scripting (XSS) vulnerability
maven, packagist, nuget, rubygems, npm
org.webjars.npm:bootstrap, org.webjars:bootstrap, twbs/bootstrap, bootstrap.sass, bootstrap
Moderate
about 1 year ago
Bootstrap Cross-Site Scripting (XSS) vulnerability
npm, maven, packagist, nuget, rubygems
bootstrap-sass, org.webjars.npm:bootstrap, org.webjars:bootstrap, twbs/bootstrap, bootstrap.sass, bootstrap
Moderate
about 1 year ago
TinyMCE Cross-Site Scripting (XSS) vulnerability using noneditable_regexp option
pypi, packagist, nuget, npm
django-tinymce, tinymce/tinymce, TinyMCE, tinymce
Moderate
about 1 year ago
TinyMCE Cross-Site Scripting (XSS) vulnerability using noscript elements
pypi, packagist, nuget, npm
django-tinymce, tinymce/tinymce, TinyMCE, tinymce
Moderate
about 1 year ago
Azure Identity Libraries and Microsoft Authentication Library Elevation of Privilege Vulnerability
go, nuget, maven, npm, pypi
github.com/Azure/azure-sdk-for-go/sdk/azidentity, Microsoft.Identity.Client, com.microsoft.azure:msal4j, @azure/msal-node, Azure.Identity, com.azure:azure-identity, @azure/identity, azure-identity
Moderate
about 1 year ago
Umbraco Commerce vulnerable to Stored Cross-site Scripting on Print Functionality
nuget
Umbraco.Commerce
Moderate
about 1 year ago
Umbraco CMS Vulnerable to Stored XSS on Content Page Through Markdown Editor Preview Pane
nuget
UmbracoCms.Core
Moderate
about 1 year ago
Umbraco CMS Open Redirect Bypass Protection
nuget
Umbraco.Cms.Web.BackOffice, UmbracoCms.Core
Moderate
about 1 year ago
Microsoft Security Advisory CVE-2024-30046 | .NET Denial of Service Vulnerability
nuget
Microsoft.AspNetCore.App.Runtime.win-x86, Microsoft.AspNetCore.App.Runtime.win-x64, Microsoft.AspNetCore.App.Runtime.win-arm64, Microsoft.AspNetCore.App.Runtime.win-arm, Microsoft.AspNetCore.App.Runtime.osx-x64, Microsoft.AspNetCore.App.Runtime.osx-arm64, Microsoft.AspNetCore.App.Runtime.linux-x64, Microsoft.AspNetCore.App.Runtime.linux-musl-x64, Microsoft.AspNetCore.App.Runtime.linux-musl-arm64, Microsoft.AspNetCore.App.Runtime.linux-musl-arm, Microsoft.AspNetCore.App.Runtime.linux-arm64, Microsoft.AspNetCore.App.Runtime.linux-arm
Moderate
about 1 year ago
Microsoft Security Advisory CVE-2024-30045 | .NET Remote code Execution Vulnerability
nuget
Microsoft.NetCore.App.Runtime.linux-musl-arm64, Microsoft.NetCore.App.Runtime.win-x86, Microsoft.NetCore.App.Runtime.win-x64, Microsoft.NetCore.App.Runtime.win-arm64, Microsoft.NetCore.App.Runtime.win-arm, Microsoft.NetCore.App.Runtime.osx-x64, Microsoft.NetCore.App.Runtime.osx-arm64, Microsoft.NetCore.App.Runtime.linux-x64, Microsoft.NetCore.App.Runtime.linux-musl-x64, Microsoft.NetCore.App.Runtime.linux-musl-arm, Microsoft.NetCore.App.Runtime.linux-arm64, Microsoft.NetCore.App.Runtime.linux-arm
Moderate
about 1 year ago
Microsoft Power BI Client JavaScript SDK Information Disclosure Vulnerability
nuget
Microsoft.PowerBI.JavaScript
Moderate
about 1 year ago
Bouncy Castle affected by timing side-channel for RSA key exchange ("The Marvin Attack")
nuget, maven
BouncyCastle.Cryptography, BouncyCastle, org.bouncycastle:bctls-jdk15to18, org.bouncycastle:bctls-jdk14, org.bouncycastle:bctls-jdk18on, org.bouncycastle:bcprov-jdk14, org.bouncycastle:bcprov-jdk15to18, org.bouncycastle:bcprov-jdk15on, org.bouncycastle:bcprov-jdk18on, org.bouncycastle:bctls-fips
Moderate
about 1 year ago
Bouncy Castle crafted signature and public key can be used to trigger an infinite loop
maven, nuget
org.bouncycastle:bctls-jdk15to18, org.bouncycastle:bctls-jdk14, org.bouncycastle:bctls-jdk18on, org.bouncycastle:bcprov-jdk14, org.bouncycastle:bcprov-jdk15to18, org.bouncycastle:bcprov-jdk18on, BouncyCastle.Cryptography, BouncyCastle
Moderate
about 1 year ago
Bouncy Castle certificate parsing issues cause high CPU usage during parameter evaluation.
nuget, maven
BouncyCastle.Cryptography, BouncyCastle, org.bouncycastle:bc-fips, org.bouncycastle:bctls-jdk15to18, org.bouncycastle:bctls-jdk14, org.bouncycastle:bctls-jdk18on, org.bouncycastle:bcprov-jdk14, org.bouncycastle:bcprov-jdk15to18, org.bouncycastle:bcprov-jdk15on, org.bouncycastle:bcprov-jdk18on
Moderate
over 1 year ago
Umbraco Workflow's Backoffice users can execute arbitrary SQL
nuget
Plumber.Workflow, Umbraco.Workflow
Moderate
over 1 year ago
Blind SSRF Leads to Port Scan by using Webhooks
nuget
Umbraco.Cms.Web.BackOffice, Umbraco.Cms.Core
Moderate
over 1 year ago
SixLabors.ImageSharp vulnerable to Memory Allocation with Excessive Size Value
nuget
SixLabors.ImageSharp
Moderate
over 1 year ago
Sensitive query parameters logged by default in OpenTelemetry.Instrumentation http and AspNetCore
nuget
OpenTelemetry.Instrumentation.AspNetCore, OpenTelemetry.Instrumentation.Http
Moderate
over 1 year ago
Azure Identity Library for .NET Information Disclosure Vulnerability
nuget
Azure.Identity
Moderate
over 1 year ago
TinyMCE Cross-Site Scripting (XSS) vulnerability in handling iframes
packagist, nuget, npm
tinymce/tinymce, TinyMCE, tinymce
Moderate
over 1 year ago
TinyMCE Cross-Site Scripting (XSS) vulnerability in handling external SVG files through Object or Embed elements
nuget, npm, packagist
TinyMCE, tinymce, tinymce/tinymce
Moderate
over 1 year ago
FullStackHero's WebAPI Boilerplate host header injection vulnerability
nuget
FullStackHero.WebAPI.Boilerplate
Moderate
over 1 year ago
Cross-site Scripting in Serenity
npm, nuget
@serenity-is/corelib, Serenity.Net.Core
Moderate
over 1 year ago
.NET Information Disclosure Vulnerability
nuget
Microsoft.AspNetCore.App.Runtime.linux-musl-arm, Microsoft.AspNetCore.App.Runtime.linux-musl-arm64, Microsoft.AspNetCore.App.Runtime.osx-arm64, Microsoft.AspNetCore.App.Runtime.win-arm, Microsoft.AspNetCore.App.Runtime.win-arm64, Microsoft.AspNetCore.App.Runtime.linux-arm, Microsoft.AspNetCore.App.Runtime.linux-arm64, Microsoft.AspNetCore.App.Runtime.linux-musl-x64, Microsoft.AspNetCore.App.Runtime.osx-x64, Microsoft.AspNetCore.App.Runtime.win-x86, Microsoft.AspNetCore.App.Runtime.linux-x64, Microsoft.AspNetCore.App.Runtime.win-x64, System.Security.Cryptography.Xml
Moderate
over 1 year ago
Microsoft ASP.NET Core project templates vulnerable to denial of service
nuget
Microsoft.IdentityModel.JsonWebTokens, System.IdentityModel.Tokens.Jwt
Moderate
over 1 year ago
Snowflake Connector .NET does not properly check the Certificate Revocation List (CRL)
nuget
Snowflake.Data
Moderate
over 1 year ago
pubnub Insufficient Entropy vulnerability
go, swift, pypi, pub, packagist, cargo, rubygems, nuget, maven, npm
github.com/pubnub/go/v5, github.com/pubnub/go/v6, github.com/pubnub/go, github.com/pubnub/swift, pubnub, pubnub/pubnub, Pubnub, github.com/pubnub/go/v7, com.pubnub:pubnub, com.pubnub:pubnub-kotlin
Moderate
over 1 year ago
TinyMCE vulnerable to mutation Cross-site Scripting via special characters in unescaped text nodes
nuget, packagist, npm
TinyMCE, tinymce/tinymce, tinymce
Moderate
over 1 year ago
Microsoft Security Advisory CVE-2023-36558: .NET Security Feature Bypass Vulnerability
nuget
Microsoft.AspNetCore.Components
Moderate
almost 2 years ago
TinyMCE XSS vulnerability in notificationManager.open API
packagist, nuget, npm
tinymce/tinymce, TinyMCE, tinymce
Moderate
almost 2 years ago
TinyMCE mXSS vulnerability in undo/redo, getContent API, resetContent API, and Autosave plugin
packagist, nuget, npm
tinymce/tinymce, TinyMCE, tinymce
Moderate
almost 2 years ago
Bunkum tokens cached in the AuthenticationService are susceptible to a use-after-free
nuget
Bunkum
Moderate
almost 2 years ago
Microsoft Common Data Model SDK Denial of Service Vulnerability
pypi, maven, nuget
commondatamodel-objectmodel, com.microsoft.commondatamodel:objectmodel, Microsoft.CommonDataModel.ObjectModel
Moderate
almost 2 years ago
HtmlSanitizer vulnerable to Cross-site Scripting in Foreign Content
nuget
HtmlSanitizer
Moderate
almost 2 years ago
Microsoft Security Advisory CVE-2023-36799: .NET Denial of Service Vulnerability
nuget
Microsoft.NETCore.App.Runtime.linux-musl-arm64, Microsoft.NETCore.App.Runtime.linux-arm64, Microsoft.NETCore.App.Runtime.linux-arm, Microsoft.NETCore.App.Runtime.linux-musl-arm, Microsoft.NETCore.App.Runtime.linux-musl-x64, Microsoft.NETCore.App.Runtime.linux-x64
Moderate
about 2 years ago
Exposure of Sensitive Information in OPC UA .NET Standard Reference Server
nuget
OPCFoundation.NetStandard.Opc.Ua.Server, OPCFoundation.NetStandard.Opc.Ua.Core
Moderate
over 2 years ago
User account enumeration in Serenity
nuget
Serenity.Net.Web, Serenity.Net.Core
Moderate
over 2 years ago
Cross Site Scripting (XSS) in Serenity
nuget
Serenity.Net.Services, Serenity.Net.Core
Moderate
over 2 years ago
Security bug in ConvertToSinglePlane when used with untrusted content from the DDS loader
nuget
directxtex_uwp, directxtex_desktop_win10, directxtex_desktop_2019
Moderate
over 2 years ago
Cross-site scripting vulnerability in TinyMCE alerts
nuget, packagist, npm
TinyMCE, tinymce/tinymce, tinymce
Moderate
over 2 years ago
DSInternals Credential Roaming Elevation of Privilege Vulnerability
nuget
DSInternals.Common
Moderate
over 2 years ago
Remote code execution vulnerability in dependency System.Drawing.Common
nuget
Akka
Moderate
over 2 years ago
.NET Information Disclosure Vulnerability
nuget
Microsoft.Data.SqlClient, System.Data.SqlClient
Moderate
almost 3 years ago
.NET Core Information Disclosure Vulnerability
nuget
Microsoft.NETCore.App.Runtime.win-x86, Microsoft.NETCore.App.Runtime.win-x64, Microsoft.NETCore.App.Runtime.win-arm64, Microsoft.NETCore.App.Runtime.win-arm, Microsoft.NETCore.App.Runtime.osx-x64, Microsoft.NETCore.App.Runtime.Mono.osx-x64, Microsoft.NETCore.App.Runtime.Mono.LLVM.osx-x64, Microsoft.NETCore.App.Runtime.Mono.LLVM.linux-x64, Microsoft.NETCore.App.Runtime.Mono.LLVM.linux-arm64, Microsoft.NETCore.App.Runtime.Mono.LLVM.AOT.osx-x64, Microsoft.NETCore.App.Runtime.Mono.LLVM.AOT.linux-x64, Microsoft.NETCore.App.Runtime.Mono.LLVM.AOT.linux-arm64, Microsoft.NETCore.App.Runtime.Mono.linux-x64, Microsoft.NETCore.App.Runtime.Mono.linux-musl-x64, Microsoft.NETCore.App.Runtime.Mono.linux-arm64, Microsoft.NETCore.App.Runtime.Mono.linux-arm, Microsoft.NETCore.App.Runtime.linux-x64, Microsoft.NETCore.App.Runtime.linux-musl-x64, Microsoft.NETCore.App.Runtime.linux-musl-arm64, Microsoft.NETCore.App.Runtime.linux-musl-arm, Microsoft.NETCore.App.Runtime.linux-arm64, Microsoft.NETCore.App.Runtime.linux-arm, Microsoft.NETCore.App.Runtime.rhel.6-x64, Microsoft.NETCore.App
Moderate
almost 3 years ago
.NET Remote Code Execution Vulnerability
nuget
Microsoft.NETCore.App.Runtime.win-x86, Microsoft.NETCore.App.Runtime.win-x64, Microsoft.NETCore.App.Runtime.win-arm64, Microsoft.NETCore.App.Runtime.win-arm, Microsoft.NETCore.App.Runtime.osx-x64, Microsoft.NETCore.App.Runtime.osx-arm64, Microsoft.NETCore.App.Runtime.Mono.win-x86, Microsoft.NETCore.App.Runtime.Mono.win-x64, Microsoft.NETCore.App.Runtime.Mono.tvossimulator-x64.Msi.x86, Microsoft.NETCore.App.Runtime.Mono.tvossimulator-x64.Msi.x64, Microsoft.NETCore.App.Runtime.Mono.tvossimulator-x64.Msi.arm64, Microsoft.NETCore.App.Runtime.Mono.tvossimulator-x64, Microsoft.NETCore.App.Runtime.Mono.tvossimulator-arm64.Msi.x86, Microsoft.NETCore.App.Runtime.Mono.tvossimulator-arm64.Msi.x64, Microsoft.NETCore.App.Runtime.Mono.tvossimulator-arm64.Msi.arm64, Microsoft.NETCore.App.Runtime.Mono.tvossimulator-arm64, Microsoft.NETCore.App.Runtime.Mono.tvos-arm64.Msi.x86, Microsoft.NETCore.App.Runtime.Mono.tvos-arm64.Msi.x64, Microsoft.NETCore.App.Runtime.Mono.tvos-arm64.Msi.arm64, Microsoft.NETCore.App.Runtime.Mono.tvos-arm64, Microsoft.NETCore.App.Runtime.Mono.osx-x64, Microsoft.NETCore.App.Runtime.Mono.osx-arm64, Microsoft.NETCore.App.Runtime.Mono.maccatalyst-x64.Msi.x86, Microsoft.NETCore.App.Runtime.Mono.maccatalyst-x64.Msi.x64, Microsoft.NETCore.App.Runtime.Mono.maccatalyst-x64.Msi.arm64, Microsoft.NETCore.App.Runtime.Mono.maccatalyst-x64, Microsoft.NETCore.App.Runtime.Mono.maccatalyst-arm64.Msi.x86, Microsoft.NETCore.App.Runtime.Mono.maccatalyst-arm64.Msi.x64, Microsoft.NETCore.App.Runtime.Mono.maccatalyst-arm64.Msi.arm64, Microsoft.NETCore.App.Runtime.Mono.maccatalyst-arm64, Microsoft.NETCore.App.Runtime.Mono.LLVM.osx-x64, Microsoft.NETCore.App.Runtime.Mono.LLVM.linux-x64, Microsoft.NETCore.App.Runtime.Mono.LLVM.linux-arm64, Microsoft.NETCore.App.Runtime.Mono.LLVM.AOT.osx-x64, Microsoft.NETCore.App.Runtime.Mono.LLVM.AOT.linux-x64, Microsoft.NETCore.App.Runtime.Mono.LLVM.AOT.linux-arm64, Microsoft.NETCore.App.Runtime.Mono.linux-x64, Microsoft.NETCore.App.Runtime.Mono.linux-musl-x64, Microsoft.NETCore.App.Runtime.Mono.linux-arm64, Microsoft.NETCore.App.Runtime.Mono.linux-arm, Microsoft.NETCore.App.Runtime.Mono.iossimulator-x86.Msi.x86, Microsoft.NETCore.App.Runtime.Mono.iossimulator-x86.Msi.x64, Microsoft.NETCore.App.Runtime.Mono.iossimulator-x86.Msi.arm64, Microsoft.NETCore.App.Runtime.Mono.iossimulator-x86, Microsoft.NETCore.App.Runtime.Mono.iossimulator-x64.Msi.x64, Microsoft.NETCore.App.Runtime.Mono.iossimulator-x64.Msi.arm64, Microsoft.NETCore.App.Runtime.Mono.iossimulator-x64, Microsoft.NETCore.App.Runtime.Mono.iossimulator-arm64.Msi.x86, Microsoft.NETCore.App.Runtime.Mono.iossimulator-arm64.Msi.x64, Microsoft.NETCore.App.Runtime.Mono.iossimulator-arm64.Msi.arm64, Microsoft.NETCore.App.Runtime.Mono.iossimulator-arm64, Microsoft.NETCore.App.Runtime.Mono.ios-arm64.Msi.x86, Microsoft.NETCore.App.Runtime.Mono.ios-arm64.Msi.x64, Microsoft.NETCore.App.Runtime.Mono.ios-arm64.Msi.arm64, Microsoft.NETCore.App.Runtime.Mono.ios-arm64, Microsoft.NETCore.App.Runtime.Mono.ios-arm.Msi.x86, Microsoft.NETCore.App.Runtime.Mono.ios-arm.Msi.x64, Microsoft.NETCore.App.Runtime.Mono.ios-arm.Msi.arm64, Microsoft.NETCore.App.Runtime.Mono.ios-arm, Microsoft.NETCore.App.Runtime.Mono.browser-wasm.Msi.x86, Microsoft.NETCore.App.Runtime.Mono.browser-wasm.Msi.x64, Microsoft.NETCore.App.Runtime.Mono.browser-wasm.Msi.arm64, Microsoft.NETCore.App.Runtime.Mono.browser-wasm, Microsoft.NETCore.App.Runtime.Mono.android-x86.Msi.x86, Microsoft.NETCore.App.Runtime.Mono.android-x86.Msi.x64, Microsoft.NETCore.App.Runtime.Mono.android-x86.Msi.arm64, Microsoft.NETCore.App.Runtime.Mono.android-x86, Microsoft.NETCore.App.Runtime.Mono.android-x64.Msi.x86, Microsoft.NETCore.App.Runtime.Mono.android-x64.Msi.x64, Microsoft.NETCore.App.Runtime.Mono.android-x64.Msi.arm64, Microsoft.NETCore.App.Runtime.Mono.android-x64, Microsoft.NETCore.App.Runtime.Mono.android-arm64.Msi.x86, Microsoft.NETCore.App.Runtime.Mono.android-arm64.Msi.x64, Microsoft.NETCore.App.Runtime.Mono.android-arm64.Msi.arm64, Microsoft.NETCore.App.Runtime.Mono.android-arm64, Microsoft.NETCore.App.Runtime.Mono.android-arm.Msi.x86, Microsoft.NETCore.App.Runtime.Mono.android-arm.Msi.x64, Microsoft.NETCore.App.Runtime.Mono.android-arm.Msi.arm64, Microsoft.NETCore.App.Runtime.Mono.android-arm, Microsoft.NETCore.App.Runtime.linux-x64, Microsoft.NETCore.App.Runtime.linux-musl-x64, Microsoft.NETCore.App.Runtime.linux-musl-arm64, Microsoft.NETCore.App.Runtime.linux-musl-arm, Microsoft.NETCore.App.Runtime.linux-arm64, Microsoft.NETCore.App.Runtime.linux-arm, Microsoft.NETCore.App.Runtime.AOT.win-x64.Cross.browser-wasm.Msi.x64, Microsoft.NETCore.App.Runtime.AOT.win-x64.Cross.browser-wasm, Microsoft.NETCore.App.Runtime.AOT.win-x64.Cross.android-x86.Msi.x64, Microsoft.NETCore.App.Runtime.AOT.win-x64.Cross.android-x86, Microsoft.NETCore.App.Runtime.AOT.win-x64.Cross.android-x64.Msi.x64, Microsoft.NETCore.App.Runtime.AOT.win-x64.Cross.android-x64, Microsoft.NETCore.App.Runtime.AOT.win-x64.Cross.android-arm64.Msi.x64, Microsoft.NETCore.App.Runtime.AOT.win-x64.Cross.android-arm64, Microsoft.NETCore.App.Runtime.AOT.win-x64.Cross.android-arm.Msi.x64, Microsoft.NETCore.App.Runtime.AOT.win-x64.Cross.android-arm, Microsoft.NETCore.App.Runtime.AOT.osx-x64.Cross.tvossimulator-x64, Microsoft.NETCore.App.Runtime.AOT.osx-x64.Cross.tvossimulator-arm64, Microsoft.NETCore.App.Runtime.AOT.osx-x64.Cross.tvos-arm64, Microsoft.NETCore.App.Runtime.AOT.osx-x64.Cross.maccatalyst-x64, Microsoft.NETCore.App.Runtime.AOT.osx-x64.Cross.maccatalyst-arm64, Microsoft.NETCore.App.Runtime.AOT.osx-x64.Cross.iossimulator-x86, Microsoft.NETCore.App.Runtime.AOT.osx-x64.Cross.iossimulator-x64, Microsoft.NETCore.App.Runtime.AOT.osx-x64.Cross.iossimulator-arm64, Microsoft.NETCore.App.Runtime.AOT.osx-x64.Cross.ios-arm64, Microsoft.NETCore.App.Runtime.AOT.osx-x64.Cross.ios-arm, Microsoft.NETCore.App.Runtime.AOT.osx-x64.Cross.browser-wasm, Microsoft.NETCore.App.Runtime.AOT.osx-x64.Cross.android-x86, Microsoft.NETCore.App.Runtime.AOT.osx-x64.Cross.android-x64, Microsoft.NETCore.App.Runtime.AOT.osx-x64.Cross.android-arm64, Microsoft.NETCore.App.Runtime.AOT.osx-x64.Cross.android-arm, Microsoft.NETCore.App.Runtime.AOT.linux-x64.Cross.browser-wasm, Microsoft.NETCore.App.Runtime.AOT.linux-x64.Cross.android-x86, Microsoft.NETCore.App.Runtime.AOT.linux-x64.Cross.android-x64, Microsoft.NETCore.App.Runtime.AOT.linux-x64.Cross.android-arm64, Microsoft.NETCore.App.Runtime.AOT.linux-x64.Cross.android-arm
Moderate
almost 3 years ago
DNN vulnerable to Relative Path Traversal
nuget
DotNetNuke.Web, DotNetNuke.Core
Moderate
almost 3 years ago
Exposure of Sensitive Information in OPCFoundation.NetStandard.Opc.Ua.Server
nuget
OPCFoundation.NetStandard.Opc.Ua.Server
Moderate
about 3 years ago
jQuery UI vulnerable to XSS when refreshing a checkboxradio with an HTML-like initial text label
rubygems, nuget, maven, npm
jquery-ui-rails, jQuery.UI.Combined, org.webjars.npm:jquery-ui, jquery-ui
Filter by Severity
Filter by Ecosystem
maven
3,135
packagist
3,007
pypi
2,022
npm
1,354
go
1,273
nuget
659
rubygems
437
cargo
411
hex
16
swift
13
actions
7
pub
3
Filter by Package
DotNetNuke.Core
14
TinyMCE
11
tinymce/tinymce
11
tinymce
11
bootstrap
10
twbs/bootstrap
9
bootstrap
9
bootstrap
9
org.webjars:bootstrap
9
Microsoft.ChakraCore
8
bootstrap.sass
8
jquery-ui-rails
7
jQuery.UI.Combined
7
Umbraco.Cms
7
org.webjars.npm:jquery-ui
7
jquery-ui
7
jquery-rails
7
jquery
7
org.webjars.npm:jquery
7
bootstrap-sass
7
jQuery
6
bootstrap-sass
6
Microsoft.NETCore.App.Runtime.linux-x64
5
Microsoft.NETCore.App.Runtime.linux-musl-x64
5
Microsoft.NETCore.App.Runtime.linux-arm
5
Microsoft.NETCore.App.Runtime.linux-musl-arm
5
Microsoft.NETCore.App.Runtime.linux-arm64
5
Microsoft.NETCore.App.Runtime.linux-musl-arm64
5
Microsoft.NETCore.App.Runtime.Mono.LLVM.linux-x64
4
UmbracoCms
4
Microsoft.AspNetCore.All
4
OPCFoundation.NetStandard.Opc.Ua.Core
4
Microsoft.NETCore.App.Runtime.Mono.linux-x64
4
Microsoft.NETCore.App.Runtime.Mono.LLVM.AOT.osx-x64
4
Microsoft.NETCore.App.Runtime.win-arm
4
BouncyCastle
4
Microsoft.NETCore.App.Runtime.Mono.linux-musl-x64
4
Microsoft.NETCore.App.Runtime.Mono.linux-arm64
4
Microsoft.NETCore.App.Runtime.Mono.LLVM.osx-x64
4
Microsoft.NETCore.App.Runtime.Mono.LLVM.AOT.linux-x64
4
Microsoft.NETCore.App.Runtime.win-arm64
4
Microsoft.NETCore.App.Runtime.osx-x64
4
Microsoft.NETCore.App.Runtime.Mono.linux-arm
4
Microsoft.NETCore.App
4
Umbraco.CMS
4
Microsoft.NETCore.App.Runtime.Mono.LLVM.AOT.linux-arm64
4
org.bouncycastle:bcprov-jdk14
4
org.bouncycastle:bcprov-jdk15to18
4
Microsoft.NETCore.App.Runtime.win-x64
4
Microsoft.NETCore.App.Runtime.win-x86
4
Microsoft.NETCore.App.Runtime.Mono.osx-x64
4
OPCFoundation.NetStandard.Opc.Ua
4
Microsoft.NETCore.App.Runtime.Mono.LLVM.linux-arm64
4
Microsoft.AspNetCore.App.Runtime.linux-arm
3
org.bouncycastle:bctls-jdk18on
3
org.bouncycastle:bctls-jdk15to18
3
Microsoft.AspNetCore.App.Runtime.win-arm
3
BouncyCastle.Cryptography
3
Microsoft.AspNetCore.App.Runtime.linux-x64
3
UmbracoCms.Core
3
Piranha
3
Microsoft.AspNetCore.App.Runtime.osx-x64
3
org.bouncycastle:bcprov-jdk18on
3
org.bouncycastle:bcprov-jdk15on
3
Microsoft.AspNetCore.App.Runtime.linux-musl-x64
3
Microsoft.AspNetCore.App.Runtime.win-x64
3
SSCMS
3
Serenity.Net.Core
3
Microsoft.AspNetCore.App
3
org.bouncycastle:bctls-jdk14
3
Microsoft.AspNetCore.App.Runtime.win-x86
3
SharpZipLib
3
django-tinymce
3
Microsoft.AspNetCore.App.Runtime.linux-arm64
3
SixLabors.ImageSharp
3
Microsoft.NETCore.App.Runtime.Mono.iossimulator-x86.Msi.x86
2
Microsoft.AspNetCore.Mvc.ViewFeatures
2
Microsoft.AspNetCore.Mvc.WebApiCompatShim
2
Microsoft.NETCore.App.Runtime.Mono.android-x86.Msi.x64
2
Microsoft.NETCore.App.Runtime.Mono.ios-arm64.Msi.x86
2
Microsoft.AspNetCore.Mvc.Razor.Host
2
Microsoft.NETCore.App.Runtime.Mono.maccatalyst-x64.Msi.arm64
2
Microsoft.NETCore.App.Runtime.osx-arm64
2
Microsoft.NetCore.App.Runtime.win-x64
2
Microsoft.NETCore.App.Runtime.Mono.android-x64.Msi.arm64
2
Microsoft.NETCore.App.Runtime.AOT.linux-x64.Cross.android-arm64
2
Microsoft.NETCore.App.Runtime.Mono.browser-wasm.Msi.arm64
2
Microsoft.NETCore.App.Runtime.Mono.iossimulator-x86.Msi.x64
2
Microsoft.NETCore.App.Runtime.Mono.iossimulator-x64.Msi.x64
2
Microsoft.AspNetCore.Mvc.TagHelpers
2
DotNetNuke.Web
2
Microsoft.NetCore.App.Runtime.win-x86
2
Microsoft.NETCore.App.Runtime.Mono.iossimulator-arm64.Msi.x64
2
Microsoft.NETCore.App.Runtime.Mono.tvossimulator-x64.Msi.x64
2
Microsoft.NETCore.App.Runtime.Mono.maccatalyst-arm64.Msi.x64
2
Microsoft.NETCore.App.Runtime.Mono.android-arm.Msi.x64
2
Microsoft.NETCore.App.Runtime.Mono.tvossimulator-x64
2
Microsoft.NETCore.App.Runtime.Mono.tvossimulator-arm64
2
Microsoft.NETCore.App.Runtime.Mono.iossimulator-arm64.Msi.x86
2
Microsoft.AspNetCore.Mvc.Abstractions
2
OPCFoundation.NetStandard.Opc.Ua.Server
2
Microsoft.NetCore.App.Runtime.osx-x64
2
Microsoft.NETCore.App.Runtime.AOT.win-x64.Cross.browser-wasm.Msi.x64
2
Microsoft.NETCore.App.Runtime.Mono.android-arm64.Msi.arm64
2
Microsoft.NETCore.App.Runtime.rhel.6-x64
2
org.webjars.npm:bootstrap
2
Microsoft.NETCore.App.Runtime.browser-wasm
2
Microsoft.NETCore.App.Runtime.Mono.iossimulator-x86.Msi.arm64
2
Microsoft.NETCore.App.Runtime.Mono.maccatalyst-arm64.Msi.arm64
2
Microsoft.NETCore.App.Runtime.Mono.android-arm.Msi.arm64
2
Microsoft.NETCore.App.Runtime.Mono.ios-arm64.Msi.arm64
2
Microsoft.AspNetCore.Mvc.Formatters.Json
2
Microsoft.NETCore.App.Runtime.Mono.maccatalyst-arm64.Msi.x86
2
maximebf/debugbar
2
Microsoft.NETCore.App.Runtime.Mono.iossimulator-arm64.Msi.arm64
2
Microsoft.NETCore.App.Runtime.AOT.osx-x64.Cross.ios-arm
2
Microsoft.NetCore.App.Runtime.linux-arm64
2
Microsoft.NETCore.App.Runtime.Mono.tvos-arm64.Msi.x86
2
Bootstrap.Less
2
Umbraco.Cms.Web.BackOffice
2
Microsoft.NETCore.App.Runtime.Mono.android-x86.Msi.x86
2
Microsoft.NetCore.App.Runtime.win-arm
2
Microsoft.AspNetCore.App.Runtime.linux-musl-arm64
2
Microsoft.NETCore.App.Runtime.Mono.maccatalyst-x64.Msi.x86
2
Microsoft.NETCore.App.Runtime.Mono.android-arm.Msi.x86
2
components/jquery
2
Microsoft.NETCore.App.Runtime.AOT.win-x64.Cross.android-arm64
2
Microsoft.NETCore.App.Runtime.AOT.win-x64.Cross.android-x64.Msi.x64
2
Microsoft.NETCore.App.Runtime.Mono.browser-wasm.Msi.x64
2
Microsoft.NETCore.App.Runtime.Mono.tvos-arm64
2
System.Net.WebSockets.Client
2
Microsoft.AspNetCore.Mvc.DataAnnotations
2
OrchardCore
2
Microsoft.NETCore.App.Runtime.Mono.win-x86
2
NuGet.Commands
2
Microsoft.NETCore.App.Runtime.AOT.osx-x64.Cross.ios-arm64
2
Microsoft.NETCore.App.Runtime.AOT.win-x64.Cross.android-x86
2
Microsoft.NETCore.App.Runtime.AOT.win-x64.Cross.android-x86.Msi.x64
2
Microsoft.NETCore.App.Runtime.AOT.osx-x64.Cross.android-arm
2
Microsoft.NETCore.App.Runtime.AOT.osx-x64.Cross.android-x64
2
org.bouncycastle:bc-fips
2
Microsoft.AspNetCore.Mvc.Razor
2
Microsoft.NETCore.App.Runtime.AOT.linux-x64.Cross.android-x86
2
Microsoft.NETCore.App.Runtime.AOT.osx-x64.Cross.tvos-arm64
2
Microsoft.NETCore.App.Runtime.AOT.win-x64.Cross.android-arm.Msi.x64
2
Microsoft.NETCore.App.Runtime.Mono.iossimulator-x86
2
Microsoft.NetCore.App.Runtime.linux-musl-arm
2
Microsoft.NETCore.App.Runtime.Mono.tvossimulator-arm64.Msi.arm64
2
DNN.PLATFORM
2
Microsoft.NetCore.App.Runtime.linux-arm
2
Microsoft.NETCore.App.Runtime.Mono.ios-arm.Msi.x86
2
Microsoft.NETCore.App.Runtime.Mono.win-x64
2
System.Net.Http.WinHttpHandler
2
Microsoft.NetCore.App.Runtime.osx-arm64
2
Microsoft.NETCore.App.Runtime.Mono.android-x64.Msi.x64
2
Microsoft.NETCore.App.Runtime.Mono.maccatalyst-arm64
2
Microsoft.NETCore.App.Runtime.AOT.linux-x64.Cross.browser-wasm
2
Microsoft.NETCore.App.Runtime.AOT.linux-x64.Cross.android-arm
2
Microsoft.NETCore.App.Runtime.Mono.tvossimulator-x64.Msi.x86
2
Microsoft.NETCore.App.Runtime.AOT.win-x64.Cross.android-x64
2
Microsoft.AspNetCore.Mvc
2
Microsoft.NETCore.App.Runtime.Mono.android-x64.Msi.x86
2
Microsoft.NETCore.App.Runtime.Mono.iossimulator-x64.Msi.arm64
2
Umbraco.Cms.Api.Management
2
Microsoft.NETCore.App.Runtime.Mono.tvos-arm64.Msi.arm64
2
Microsoft.NETCore.App.Runtime.Mono.android-arm64.Msi.x86
2
System.Net.Security
2
ServiceStack
2
Microsoft.NETCore.App.Runtime.Mono.maccatalyst-x64
2
Microsoft.NETCore.App.Runtime.AOT.osx-x64.Cross.tvossimulator-x64
2
Azure.Identity
2
Microsoft.NETCore.App.Runtime.Mono.android-arm64.Msi.x64
2
IdentityServer4
2
Microsoft.NETCore.App.Runtime.Mono.android-x86.Msi.arm64
2
MessagePack
2
Microsoft.AspNetCore.Mvc.Cors
2
Microsoft.AspNetCore.App.Runtime.osx-arm64
2
Microsoft.NETCore.App.Runtime.AOT.osx-x64.Cross.tvossimulator-arm64
2
Umbraco.Cms.StaticAssets
2
Microsoft.NetCore.App.Runtime.linux-musl-x64
2
Microsoft.NETCore.App.Runtime.Mono.android-x64
2
Microsoft.NETCore.App.Runtime.AOT.osx-x64.Cross.iossimulator-arm64
2
Microsoft.NETCore.App.Runtime.Mono.iossimulator-x64
2
Microsoft.NETCore.App.Runtime.Mono.maccatalyst-x64.Msi.x64
2
Microsoft.AspNetCore.Mvc.Localization
2
Microsoft.NETCore.App.Runtime.Mono.ios-arm.Msi.arm64
2
Microsoft.NETCore.App.Runtime.Mono.android-arm64
2
Microsoft.NETCore.App.Runtime.Mono.osx-arm64
2
Microsoft.NETCore.App.Runtime.Mono.ios-arm
2
Microsoft.AspNetCore.Mvc.Core
2
Microsoft.NETCore.App.Runtime.AOT.win-x64.Cross.browser-wasm
2
Microsoft.NETCore.App.Runtime.Mono.tvossimulator-x64.Msi.arm64
2
System.Text.Encodings.Web
2
Microsoft.AspNetCore.Mvc.ApiExplorer
2
Microsoft.NETCore.App.Runtime.AOT.osx-x64.Cross.android-x86
2
Microsoft.NETCore.App.Runtime.Mono.android-x86
2
Microsoft.NetCore.App.Runtime.win-arm64
2
Microsoft.NETCore.App.Runtime.AOT.osx-x64.Cross.maccatalyst-arm64
2
Microsoft.NETCore.App.Runtime.Mono.iossimulator-arm64
2
Microsoft.AspNetCore.App.Runtime.win-arm64
2
Filter by Repository
https://github.com/umbraco/Umbraco-CMS
23
https://github.com/tinymce/tinymce
11
https://github.com/jquery/jquery
8
https://github.com/dotnet/runtime
8
https://github.com/chakra-core/ChakraCore
7
https://github.com/twbs/bootstrap
7
https://github.com/OPCFoundation/UA-.NETStandard
7
https://github.com/dnnsoftware/Dnn.Platform
6
https://github.com/github/advisory-database
6
https://github.com/jquery/jquery-ui
6
https://github.com/bcgit/bc-csharp
4
https://github.com/dotnet/aspnetcore
3
https://github.com/icsharpcode/SharpZipLib
3
https://github.com/SixLabors/ImageSharp
3
https://github.com/PiranhaCMS/piranha.core
3
https://github.com/Azure/azure-sdk-for-net
2
https://github.com/DuendeSoftware/IdentityServer
2
https://github.com/adamhathcock/sharpcompress
2
https://github.com/open-telemetry/opentelemetry-dotnet
2
https://github.com/orchardcms/orchardcore
2
https://github.com/snowflakedb/snowflake-connector-net
2
https://github.com/siteserver/cms
2
https://github.com/ServiceStack/ServiceStack
2
https://github.com/serenity-is/Serenity
2
https://github.com/haf/DotNetZip.Semverd
1
https://github.com/google/brotli
1
https://github.com/spassarop/antisamy-dotnet
1
https://github.com/DuendeSoftware/foss
1
https://github.com/DuendeSoftware/Duende.AccessTokenManagement
1
https://github.com/dub-flow/vulnerability-research
1
https://github.com/sshnet/NET
1
https://github.com/dotnet/corefx
1
https://github.com/Sustainsys/Saml2
1
https://github.com/swagger-api/swagger-ui
1
https://github.com/dnnsoftware/dnn.platform
1
https://github.com/Devolutions/XTS.NET
1
https://github.com/couchbase/couchbase-net-client
1
https://github.com/umbraco/Umbraco.Commerce.Issues
1
https://github.com/cefsharp/CefSharp
1
https://github.com/umbraco/Umbraco.Forms.Issues
1
https://github.com/umbraco/Umbraco.Workflow.Issues
1
https://github.com/Azure/azure-sdk-for-go
1
https://github.com/AzureAD/microsoft-identity-web
1
https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet
1
https://github.com/apache/logging-log4net
1
https://github.com/akkadotnet/akka.net
1
https://github.com/Aiko-IT-Systems/DisCatSharp
1
https://github.com/restsharp/RestSharp
1
https://github.com/pubnub/javascript
1
https://github.com/Pryaxis/TShock
1
https://github.com/PowerShell/PowerShell
1
https://github.com/SeppPenner/WindowsHello
1
https://github.com/pentesttoolscom/vulnerability-research
1
https://github.com/OrchardCMS/OrchardCore
1
https://github.com/oqtane/oqtane.framework
1
https://github.com/SeriaWei/ZKEACMS
1
https://github.com/serilog-contrib/serilog-enrichers-clientinfo
1
https://github.com/OPCFoundation/UA-.NET-Legacy
1
https://github.com/NuGet/NuGet.Client
1
https://github.com/NuGet/Home
1
https://github.com/neuecc/MessagePack-CSharp
1
https://github.com/mongodb/mongo-csharp-driver
1
https://github.com/microsoft/DirectXTex
1
https://github.com/michaelschwarz/Ajax.NET-Professional
1
https://github.com/MichaelGrafnetter/DSInternals
1
https://github.com/mganss/HtmlSanitizer
1
https://github.com/MessagePack-CSharp/MessagePack-CSharp
1
https://github.com/LittleBigRefresh/Bunkum
1
https://github.com/joniles/mpxj
1
https://github.com/IowaComputerGurus/aspnetcore.utilities.cloudstorage
1
https://github.com/snapappointments/bootstrap-select
1
https://gitlab.com/eLeN3Re/cve-2020-9472
1