nuget
755,150 packages ยท nuget.org
Security Advisories for https://github.com/umbraco/Umbraco-CMS in nuget Clear Filters
Moderate
4 months ago
Umbraco Delivery API allows for cached requests to be returned with an invalid API key
nuget
Umbraco.Cms.Api.Delivery
Moderate
6 months ago
Umbraco Vulnerable to By-Pass of Configured Allowed Extensions for File Uploads
nuget
Umbraco.Cms
Moderate
7 months ago
Umbraco Makes User Enumeration Feasible Based on Timing of Login Response
nuget
Umbraco.Cms
High
7 months ago
Umbraco has a Management API Vulnerability to Path Traversal With Authenticated Users
nuget
Umbraco.Cms
Moderate
8 months ago
Umbraco Allows a Restricted Editor User to Delete Media Item or Access Unauthorized Content
nuget
Umbraco.Cms.Web.Backoffice
Moderate
8 months ago
Umbraco Allows Improper API Access Control to Low-Privilege Users to Data Type Functionality
nuget
Umbraco.Cms.Api.Management
Moderate
10 months ago
Umbraco Allows User Enumeration Feasible Based On Management API Timing and Response Codes
nuget
Umbraco.Cms
Moderate
10 months ago
XSS/HTML Injection Vulnerability in Umbraco Backoffice Components
npm, nuget
@umbraco-cms/backoffice, Umbraco.Cms.StaticAssets
Moderate
about 1 year ago
Umbraco CMS Has Incomplete Server Termination During Explicit Sign-Out
nuget
Umbraco.CMS
Moderate
about 1 year ago
Umbraco has a Potential Code Execution Risk When Viewing SVG Files in Full Screen in Backoffice
nuget
Umbraco.Cms, UmbracoCms
Moderate
about 1 year ago
Umbraco CMS logout page displayed before session expiration
nuget
UmbracoCMS, Umbraco.CMS
Low
about 1 year ago
Umbraco CMS Improper Access Control Vulnerability Allows Low-Privilege Users to Access Webhook API
nuget
Umbraco.CMS
Moderate
about 1 year ago
Umbraco CMS vulnerable to stored Cross-site Scripting in the "dictionary name" on Dictionary section
npm, nuget
@umbraco-cms/backoffice, Umbraco.Cms.StaticAssets
Moderate
about 1 year ago
Umbraco CMS vulnerable to Generation of Error Message Containing Sensitive Information
nuget
Umbraco.Cms.Api.Management
Moderate
over 1 year ago
Umbraco CMS Vulnerable to Stored XSS on Content Page Through Markdown Editor Preview Pane
nuget
UmbracoCms.Core
Moderate
over 1 year ago
Umbraco CMS Open Redirect Bypass Protection
nuget
Umbraco.Cms.Web.BackOffice, UmbracoCms.Core
Moderate
over 1 year ago
Blind SSRF Leads to Port Scan by using Webhooks
nuget
Umbraco.Cms.Web.BackOffice, Umbraco.Cms.Core
Low
almost 2 years ago
SMTP misconfiguration leading to "Forgot Password" exploit that leaks registered user email.
nuget
Umbraco.CMS
Low
almost 2 years ago
Using the directory back payload (โ/../โ) in a package name allows placement of package in other folders.
nuget
Umbraco.CMS
High
over 2 years ago
Umbraco allows possible Admin-level access to backoffice without Auth under rare conditions
nuget
Umbraco.Cms.Web.BackOffice, Umbraco.Cms.Infrastructure
Filter by Severity
Filter by Package
Microsoft.ChakraCore
247
DotNetNuke.Core
28
Microsoft.AspNetCore.App.Runtime.win-x86
20
Microsoft.AspNetCore.App.Runtime.win-x64
20
Microsoft.AspNetCore.App.Runtime.win-arm
18
Microsoft.AspNetCore.App.Runtime.linux-x64
18
Microsoft.AspNetCore.App.Runtime.linux-arm64
17
Microsoft.AspNetCore.App.Runtime.win-arm64
17
Microsoft.AspNetCore.App.Runtime.osx-x64
17
Microsoft.AspNetCore.App.Runtime.linux-arm
17
Microsoft.AspNetCore.App.Runtime.linux-musl-arm64
17
Microsoft.NetCore.App.Runtime.win-arm
17
Microsoft.AspNetCore.App.Runtime.linux-musl-x64
17
Microsoft.NetCore.App.Runtime.win-x86
16
Microsoft.NetCore.App.Runtime.win-x64
16
Microsoft.NetCore.App.Runtime.win-arm64
16
Umbraco.CMS
13
Microsoft.AspNetCore.App.Runtime.linux-musl-arm
13
Microsoft.NETCore.App.Runtime.win-arm64
12
Microsoft.NetCore.App.Runtime.linux-musl-x64
12
Microsoft.NetCore.App.Runtime.linux-musl-arm
12
Magick.NET-Q16-HDRI-AnyCPU
12
Microsoft.NetCore.App.Runtime.linux-arm
12
Microsoft.NetCore.App.Runtime.osx-x64
12
Microsoft.NetCore.App.Runtime.osx-arm64
12
Microsoft.NetCore.App.Runtime.linux-musl-arm64
12
Microsoft.NETCore.App.Runtime.win-x86
12
Microsoft.NetCore.App.Runtime.linux-x64
12
Microsoft.NETCore.App.Runtime.win-x64
12
Microsoft.NetCore.App.Runtime.linux-arm64
12
Magick.NET-Q16-AnyCPU
12
tinymce/tinymce
11
tinymce
11
OPCFoundation.NetStandard.Opc.Ua.Core
11
TinyMCE
11
Magick.NET-Q8-OpenMP-x64
10
Microsoft.AspNetCore.App.Runtime.osx-arm64
10
Magick.NET-Q16-x64
10
Magick.NET-Q8-x64
10
Magick.NET-Q16-x86
10
Microsoft.NETCore.App
10
Magick.NET-Q8-x86
10
Magick.NET-Q16-HDRI-x86
10
Magick.NET-Q16-HDRI-x64
10
Magick.NET-Q8-AnyCPU
10
Magick.NET-Q16-HDRI-arm64
9
Magick.NET-Q16-arm64
9
Microsoft.AspNetCore.All
9
Magick.NET-Q16-HDRI-OpenMP-arm64
9
Magick.NET-Q8-arm64
9
Magick.NET-Q16-OpenMP-x64
9
Magick.NET-Q8-OpenMP-arm64
9
Magick.NET-Q16-OpenMP-arm64
9
Magick.NET-Q16-HDRI-OpenMP-x64
9
Umbraco.Cms
8
Microsoft.NETCore.App.Runtime.linux-arm
8
Microsoft.NETCore.App.Runtime.linux-musl-x64
8
Microsoft.NETCore.App.Runtime.linux-arm64
8
Microsoft.NETCore.App.Runtime.linux-x64
8
Microsoft.NETCore.App.Runtime.linux-musl-arm64
8
Microsoft.NETCore.App.Runtime.osx-x64
8
Microsoft.NETCore.App.Runtime.win-arm
8
Microsoft.AspNetCore.App
8
SixLabors.ImageSharp
7
jquery-ui
7
jQuery.UI.Combined
7
org.webjars.npm:jquery-ui
7
CefSharp.Common
7
CefSharp.WinForms
6
CefSharp.Wpf
6
OPCFoundation.NetStandard.Opc.Ua
6
Piranha
6
Microsoft.NETCore.App.Runtime.linux-musl-arm
6
CefSharp.Wpf.HwndHost
6
Microsoft.NETCore.App.Runtime.Mono.LLVM.AOT.linux-arm64
5
Microsoft.NETCore.App.Runtime.Mono.LLVM.linux-arm64
5
Microsoft.NETCore.App.Runtime.Mono.osx-x64
5
Microsoft.AspNetCore.Server.Kestrel.Core
5
Microsoft.NETCore.App.Runtime.Mono.LLVM.AOT.osx-x64
5
Microsoft.NETCore.App.Runtime.Mono.linux-x64
5
DNN.PLATFORM
5
jQuery
5
jquery
5
Microsoft.NETCore.App.Runtime.Mono.linux-musl-x64
5
Microsoft.NETCore.App.Runtime.Mono.LLVM.linux-x64
5
Microsoft.NETCore.App.Runtime.Mono.LLVM.osx-x64
5
Microsoft.NETCore.App.Runtime.Mono.LLVM.AOT.linux-x64
5
SSCMS
4
SharpZipLib
4
bootstrap
4
org.webjars.npm:jquery
4
Microsoft.WindowsDesktop.App.Runtime.win-arm64
4
Serenity.Net.Core
4
NuGet.Commands
4
Snowflake.Data
4
Microsoft.NETCore.App.Runtime.rhel.6-x64
4
AjaxNetProfessional
4
Microsoft.AspNetCore.Mvc.Core
4
Microsoft.NETCore.App.Runtime.Mono.linux-arm
4
Microsoft.AspNetCore.Mvc
4
Microsoft.WindowsDesktop.App.Runtime.win-x64
4
UmbracoCms
4
Microsoft.WindowsDesktop.App.Runtime.win-x86
4
Microsoft.NETCore.App.Runtime.Mono.linux-arm64
4
NuGet.CommandLine
4
UmbracoForms
3
OPCFoundation.NetStandard.Opc.Ua.Server
3
Sustainsys.Saml2
3
BouncyCastle
3
Microsoft.Native.Quic.MsQuic.Schannel
3
Microsoft.AspNetCore.Identity
3
Umbraco.Cms.Web.BackOffice
3
UmbracoCms.Core
3
Umbraco.Forms
3
System.Net.Http
3
System.Private.Uri
3
BouncyCastle.Cryptography
3
Oqtane.Server
3
jquery-ui-rails
3
bootstrap-sass
3
Azure.Identity
3
System.Security.Cryptography.Xml
3
bootstrap
3
Microsoft.AspNetCore.Mvc.Cors
3
wix
3
Oqtane.Framework
3
System.Text.Encodings.Web
3
bootstrap
3
bootstrap-sass
3
Umbraco.Cms.Core
3
org.webjars:bootstrap
2
System.Net.Http.WinHttpHandler
2
Microsoft.AspNetCore.Mvc.Formatters.Xml
2
Microsoft.NETCore.App.Runtime.AOT.linux-x64.Cross.browser-wasm
2
mpxj
2
org.bouncycastle:bctls-jdk14
2
UmbracoCMS
2
CefSharp.OffScreen
2
org.bouncycastle:bcprov-jdk14
2
IdentityServer4
2
RestSharp
2
Microsoft.NETCore.App.Runtime.AOT.win-x64.Cross.android-arm64.Msi.x64
2
UmbracoCMS.Core
2
System.Linq.Dynamic.Core
2
twbs/bootstrap
2
starkbank-ecdsa
2
org.bouncycastle:bcprov-jdk15on
2
DotNetZip
2
MessagePack
2
bootstrap.sass
2
Microsoft.NETCore.App.Runtime.AOT.osx-x64.Cross.android-arm64
2
Moment.js
2
FormCMS
2
Microsoft.NETCore.App.Runtime.AOT.osx-x64.Cross.tvos-arm64
2
Microsoft.NETCore.App.Runtime.AOT.osx-x64.Cross.tvossimulator-arm64
2
Microsoft.AspNetCore.Http.Connections
2
Microsoft.NETCore.App.Runtime.browser-wasm
2
Microsoft.NETCore.App.Runtime.AOT.osx-x64.Cross.iossimulator-arm64
2
org.bouncycastle:bcprov-jdk18on
2
Amazon.IonDotnet
2
Microsoft.NETCore.App.Runtime.AOT.osx-x64.Cross.android-x64
2
Microsoft.NETCore.App.Runtime.AOT.win-x64.Cross.android-x86
2
Microsoft.NETCore.App.Runtime.AOT.osx-x64.Cross.maccatalyst-x64
2
HtmlSanitizer
2
Microsoft.NETCore.App.Runtime.AOT.osx-x64.Cross.ios-arm64
2
net.sf.mpxj-for-csharp
2
PanelSwWix4.Sdk
2
@umbraco-cms/backoffice
2
Microsoft.NETCore.App.Runtime.AOT.win-x64.Cross.browser-wasm
2
Microsoft.NETCore.App.Runtime.AOT.osx-x64.Cross.iossimulator-x64
2
System.Formats.Nrbf
2
log4net
2
moment
2
ServiceStack
2
Microsoft.AspNetCore.Mvc.ApiExplorer
2
Microsoft.AspNetCore.Mvc.Abstractions
2
Microsoft.NETCore.App.Runtime.AOT.osx-x64.Cross.browser-wasm
2
Microsoft.NETCore.App.Runtime.AOT.osx-x64.Cross.iossimulator-x86
2
Microsoft.NETCore.App.Runtime.AOT.win-x64.Cross.android-x64.Msi.x64
2
Microsoft.NETCore.App.Runtime.AOT.win-x64.Cross.android-arm64
2
CefSharp.Common.NETCore
2
Microsoft.NETCore.App.Runtime.AOT.linux-x64.Cross.android-arm64
2
Microsoft.NETCore.App.Runtime.AOT.osx-x64.Cross.tvossimulator-x64
2
Microsoft.NETCore.App.Runtime.AOT.osx-x64.Cross.maccatalyst-arm64
2
System.Net.WebSockets.Client
2
Microsoft.AspNetCore.Mvc.DataAnnotations
2
Microsoft.Data.SqlClient
2
OrchardCore
2
System.Data.SqlClient
2
net.sf.mpxj
2
org.bouncycastle:bctls-jdk15to18
2
PeterO.Cbor
2
net.sf.mpxj:mpxj
2
Microsoft.Native.Quic.MsQuic.OpenSSL
2
Microsoft.NETCore.App.Runtime.AOT.osx-x64.Cross.android-x86
2
Bootstrap.Less
2
Microsoft.Build.Tasks.Core
2
Microsoft.NETCore.App.Runtime.AOT.win-x64.Cross.android-arm.Msi.x64
2
Microsoft.NETCore.App.Runtime.AOT.linux-x64.Cross.android-x86
2
PanelSW.Custom.WiX
2
Filter by Repository
https://github.com/chakra-core/ChakraCore
214
https://github.com/dotnet/runtime
38
https://github.com/umbraco/Umbraco-CMS
35
https://github.com/dnnsoftware/Dnn.Platform
23
https://github.com/github/advisory-database
18
https://github.com/dotnet/aspnetcore
16
https://github.com/OPCFoundation/UA-.NETStandard
15
https://github.com/ImageMagick/ImageMagick
14
https://github.com/tinymce/tinymce
11
https://github.com/cefsharp/CefSharp
8
https://github.com/SixLabors/ImageSharp
7
https://github.com/jquery/jquery
7
https://github.com/PiranhaCMS/piranha.core
6
https://github.com/jquery/jquery-ui
6
https://github.com/NuGet/NuGet.Client
4
https://github.com/icsharpcode/SharpZipLib
4
https://github.com/michaelschwarz/Ajax.NET-Professional
4
https://github.com/siteserver/cms
4
https://github.com/snowflakedb/snowflake-connector-net
4
https://github.com/DuendeSoftware/IdentityServer
3
https://github.com/dotnet/wpf
3
https://github.com/Sustainsys/Saml2
3
https://github.com/umbraco/Umbraco.Forms.Issues
3
https://github.com/dotnet/sdk
3
https://github.com/oqtane/oqtane.framework
3
https://github.com/serenity-is/Serenity
3
https://github.com/twbs/bootstrap
3
https://github.com/bcgit/bc-csharp
3
https://github.com/microsoft/msquic
3
https://github.com/wixtoolset/issues
3
https://github.com/Azure/azure-sdk-for-net
3
https://github.com/PowerShell/PowerShell
3
https://github.com/mongodb/mongo-csharp-driver
2
https://github.com/reactiveui/refit
2
https://github.com/Aiko-IT-Systems/DisCatSharp
2
https://github.com/restsharp/RestSharp
2
https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet
2
https://github.com/Pryaxis/TShock
2
https://github.com/akkadotnet/akka.net
2
https://github.com/zzzprojects/System.Linq.Dynamic.Core
2
https://github.com/gordon-matt/elFinder.NetCore
2
https://github.com/ServiceStack/ServiceStack
2
https://github.com/adamhathcock/sharpcompress
2
https://github.com/nirbar/wix4
2
https://github.com/tgstation/tgstation-server
2
https://github.com/peteroupc/CBOR
2
https://github.com/Microsoft/ChakraCore
2
https://github.com/moment/moment
2
https://github.com/open-telemetry/opentelemetry-dotnet
2
https://github.com/nirbar/wix3
2
https://github.com/dotnet/msbuild
2
https://github.com/mganss/HtmlSanitizer
2
https://github.com/joniles/mpxj
2
https://github.com/orchardcms/orchardcore
2
https://github.com/theori-io/chakra-2016-11
2
https://github.com/microsoft/reverse-proxy
2
https://github.com/amazon-ion/ion-dotnet
2
https://github.com/haf/DotNetZip.Semverd
2
https://github.com/dotnet/corefx
2
https://github.com/FormCms/FormCms
2
https://github.com/Orckestra/C1-CMS-Foundation
2
https://github.com/SeriaWei/ZKEACMS
1
https://github.com/CoreWCF/CoreWCF
1
https://github.com/italia/cie-aspnetcore
1
https://github.com/dnnsoftware/dnn.platform
1
https://github.com/DuendeSoftware/Duende.AccessTokenManagement
1
https://github.com/microsoft/DirectXTex
1
https://github.com/IowaComputerGurus/aspnetcore.utilities.cloudstorage
1
https://github.com/Jasig/phpCAS
1
https://github.com/kubernetes/kubernetes
1
https://github.com/AsynkronIT/Wire
1
https://github.com/adplug/adplug
1
https://github.com/elastic/apm-agent-dotnet
1
https://github.com/MessagePack-CSharp/MessagePack-CSharp
1
https://github.com/dotnet/diagnostics
1
https://github.com/trannamtrung1st/elFinder.Net.Core
1
https://github.com/imazen/imageflow
1
https://github.com/starkbank/ecdsa-python
1
https://github.com/umbraco/Umbraco.Commerce.Issues
1
https://github.com/jstedfast/MimeKit
1
https://github.com/ravibpatel/AutoUpdater.NET
1
https://github.com/italia/spid-aspnetcore
1
https://github.com/couchbase/couchbase-net-client
1
https://github.com/umbraco/Umbraco.Workflow.Issues
1
https://github.com/Bluegrams/YoutubeDLSharp
1
https://github.com/TrueLayer/truelayer-dotnet
1
https://github.com/neuecc/MessagePack-CSharp
1
https://github.com/Brondahl/EnumStringValues
1
https://github.com/microsoft/bond
1
https://github.com/riganti/dotvvm
1
https://github.com/open-telemetry/opentelemetry-dotnet-instrumentation
1
https://github.com/mguinness/elFinder.AspNet
1
https://github.com/AzureAD/microsoft-authentication-library-for-dotnet
1
https://github.com/QuantConnect/Lean
1
https://github.com/pentesttoolscom/vulnerability-research
1
https://github.com/microsoft/ChakraCore
1
https://github.com/madskristensen/Miniblog.Core
1
https://github.com/drewnoakes/metadata-extractor-dotnet
1
https://github.com/apache/lucenenet
1
https://github.com/microsoft/botbuilder-dotnet
1
https://github.com/imazen/resizer
1
https://github.com/PowerShell/Announcements
1
https://github.com/jonschlinkert/set-value
1
https://gitlab.com/eLeN3Re/cve-2020-9472
1
https://github.com/glennrp/libpng
1
https://github.com/OPCFoundation/UA-.NET-Legacy
1
https://github.com/Azure/azure-sdk-for-go
1
https://github.com/spassarop/antisamy-dotnet
1
https://github.com/aaubry/YamlDotNet
1
https://github.com/moq/moq
1
https://github.com/apache/avro
1
https://github.com/NancyFx/Nancy
1
https://github.com/blogifierdotnet/Blogifier
1
https://github.com/mwilliamson/mammoth.js
1
https://github.com/dotnetcore/AgileConfig
1
https://github.com/Archomeda/Gw2Sharp
1
https://github.com/npgsql/npgsql
1
https://github.com/google/protobuf
1
https://github.com/Antaris/RazorEngine
1
https://github.com/AzureAD/microsoft-identity-web
1
https://github.com/LittleBigRefresh/Bunkum
1
https://gitlab.com/eLeN3Re/cve-2020-9471
1
https://github.com/git-ecosystem/git-credential-manager
1
https://github.com/DuendeSoftware/foss
1
https://github.com/snapappointments/bootstrap-select
1
https://github.com/ldqk/Masuit.Tools
1
https://github.com/MichaelGrafnetter/DSInternals
1
https://github.com/dub-flow/vulnerability-research
1
https://github.com/turquoiseowl/i18n
1
https://github.com/JamesNK/Newtonsoft.Json
1
https://github.com/gsemac/Gsemac.Common
1
https://github.com/jellyfin/jellyfin-web
1
https://github.com/recurly/recurly-client-net
1
https://github.com/serilog-contrib/serilog-enrichers-clientinfo
1
https://github.com/jellyfin/jellyfin
1
https://github.com/sshnet/NET
1
https://github.com/Shazwazza/Smidge
1
https://github.com/SeppPenner/WindowsHello
1
https://github.com/mbdavid/LiteDB
1
https://github.com/jchristn/IpMatcher
1
https://github.com/personnummer/csharp
1
https://github.com/google/brotli
1
https://github.com/kapetan/dns
1
https://github.com/SinGooCMS/SinGooCMSUtility
1
https://github.com/NuGet/Home
1
https://github.com/brantburnett/Snappier
1
https://github.com/OrchardCMS/OrchardCore
1
https://github.com/FastReports/FastReport
1
https://github.com/jquery-validation/jquery-validation
1
https://github.com/nhibernate/nhibernate-core
1
https://github.com/Devolutions/XTS.NET
1
https://github.com/apache/logging-log4net
1
https://github.com/starkbank/ecdsa-dotnet
1
https://github.com/HangfireIO/Hangfire
1
https://github.com/MarimerLLC/csla
1
https://github.com/apache/activemq-nms-openwire
1
https://github.com/SteeltoeOSS/security-advisories
1