nuget
744,963 packages ยท nuget.org
Security Advisories for https://github.com/umbraco/Umbraco-CMS in nuget Clear Filters
Moderate
2 months ago
Umbraco Delivery API allows for cached requests to be returned with an invalid API key
nuget
Umbraco.Cms.Api.Delivery
Moderate
4 months ago
Umbraco Vulnerable to By-Pass of Configured Allowed Extensions for File Uploads
nuget
Umbraco.Cms
Moderate
5 months ago
Umbraco Makes User Enumeration Feasible Based on Timing of Login Response
nuget
Umbraco.Cms
High
6 months ago
Umbraco has a Management API Vulnerability to Path Traversal With Authenticated Users
nuget
Umbraco.Cms
Moderate
7 months ago
Umbraco Allows a Restricted Editor User to Delete Media Item or Access Unauthorized Content
nuget
Umbraco.Cms.Web.Backoffice
Moderate
7 months ago
Umbraco Allows Improper API Access Control to Low-Privilege Users to Data Type Functionality
nuget
Umbraco.Cms.Api.Management
Moderate
8 months ago
Umbraco Allows User Enumeration Feasible Based On Management API Timing and Response Codes
nuget
Umbraco.Cms
Moderate
8 months ago
XSS/HTML Injection Vulnerability in Umbraco Backoffice Components
npm, nuget
@umbraco-cms/backoffice, Umbraco.Cms.StaticAssets
Moderate
11 months ago
Umbraco CMS Has Incomplete Server Termination During Explicit Sign-Out
nuget
Umbraco.CMS
Moderate
11 months ago
Umbraco has a Potential Code Execution Risk When Viewing SVG Files in Full Screen in Backoffice
nuget
Umbraco.Cms, UmbracoCms
Moderate
11 months ago
Umbraco CMS logout page displayed before session expiration
nuget
UmbracoCMS, Umbraco.CMS
Low
11 months ago
Umbraco CMS Improper Access Control Vulnerability Allows Low-Privilege Users to Access Webhook API
nuget
Umbraco.CMS
Moderate
11 months ago
Umbraco CMS vulnerable to stored Cross-site Scripting in the "dictionary name" on Dictionary section
npm, nuget
@umbraco-cms/backoffice, Umbraco.Cms.StaticAssets
Moderate
about 1 year ago
Umbraco CMS vulnerable to Generation of Error Message Containing Sensitive Information
nuget
Umbraco.Cms.Api.Management
Moderate
over 1 year ago
Umbraco CMS Vulnerable to Stored XSS on Content Page Through Markdown Editor Preview Pane
nuget
UmbracoCms.Core
Moderate
over 1 year ago
Umbraco CMS Open Redirect Bypass Protection
nuget
Umbraco.Cms.Web.BackOffice, UmbracoCms.Core
Moderate
over 1 year ago
Blind SSRF Leads to Port Scan by using Webhooks
nuget
Umbraco.Cms.Web.BackOffice, Umbraco.Cms.Core
Low
almost 2 years ago
SMTP misconfiguration leading to "Forgot Password" exploit that leaks registered user email.
nuget
Umbraco.CMS
Low
almost 2 years ago
Using the directory back payload (โ/../โ) in a package name allows placement of package in other folders.
nuget
Umbraco.CMS
High
about 2 years ago
Umbraco allows possible Admin-level access to backoffice without Auth under rare conditions
nuget
Umbraco.Cms.Web.BackOffice, Umbraco.Cms.Infrastructure
Filter by Severity
Filter by Package
Microsoft.ChakraCore
247
DotNetNuke.Core
27
Microsoft.AspNetCore.App.Runtime.win-x86
19
Microsoft.AspNetCore.App.Runtime.win-x64
19
Microsoft.AspNetCore.App.Runtime.win-arm
17
Microsoft.AspNetCore.App.Runtime.linux-x64
16
Microsoft.NetCore.App.Runtime.win-arm
16
Microsoft.AspNetCore.App.Runtime.win-arm64
16
Microsoft.AspNetCore.App.Runtime.linux-arm
16
Microsoft.AspNetCore.App.Runtime.linux-arm64
15
Microsoft.AspNetCore.App.Runtime.linux-musl-arm64
15
Microsoft.AspNetCore.App.Runtime.osx-x64
15
Microsoft.AspNetCore.App.Runtime.linux-musl-x64
15
Microsoft.NetCore.App.Runtime.win-arm64
14
Microsoft.NetCore.App.Runtime.win-x64
14
Microsoft.NetCore.App.Runtime.win-x86
14
Umbraco.CMS
13
Microsoft.NETCore.App.Runtime.win-x64
12
Microsoft.NETCore.App.Runtime.win-arm64
12
Magick.NET-Q16-x64
11
Magick.NET-Q8-AnyCPU
11
Microsoft.NetCore.App.Runtime.linux-musl-x64
11
Microsoft.NetCore.App.Runtime.linux-arm
11
tinymce/tinymce
11
Magick.NET-Q16-AnyCPU
11
Microsoft.NetCore.App.Runtime.linux-x64
11
Magick.NET-Q8-OpenMP-arm64
11
TinyMCE
11
Microsoft.NetCore.App.Runtime.linux-musl-arm64
11
Microsoft.NetCore.App.Runtime.linux-arm64
11
Magick.NET-Q16-arm64
11
Magick.NET-Q16-OpenMP-x64
11
Microsoft.NetCore.App.Runtime.linux-musl-arm
11
Magick.NET-Q16-HDRI-AnyCPU
11
Microsoft.NETCore.App.Runtime.win-x86
11
OPCFoundation.NetStandard.Opc.Ua.Core
11
Microsoft.NetCore.App.Runtime.osx-x64
11
tinymce
11
Magick.NET-Q16-HDRI-x64
11
Magick.NET-Q16-x86
11
Microsoft.NetCore.App.Runtime.osx-arm64
11
Magick.NET-Q16-OpenMP-arm64
11
Magick.NET-Q8-x64
10
Magick.NET-Q16-HDRI-OpenMP-arm64
10
Microsoft.AspNetCore.App.Runtime.linux-musl-arm
10
Magick.NET-Q8-x86
10
Magick.NET-Q8-OpenMP-x64
10
Microsoft.AspNetCore.All
10
Magick.NET-Q16-HDRI-x86
10
Magick.NET-Q16-HDRI-arm64
10
Magick.NET-Q16-HDRI-OpenMP-x64
10
Microsoft.NETCore.App
10
Magick.NET-Q8-arm64
10
Microsoft.AspNetCore.App.Runtime.osx-arm64
9
Microsoft.NETCore.App.Runtime.linux-musl-arm64
8
Microsoft.NETCore.App.Runtime.linux-arm64
8
Microsoft.AspNetCore.App
8
Microsoft.NETCore.App.Runtime.osx-x64
8
Microsoft.NETCore.App.Runtime.win-arm
8
Microsoft.NETCore.App.Runtime.linux-x64
8
Microsoft.NETCore.App.Runtime.linux-arm
8
Microsoft.NETCore.App.Runtime.linux-musl-x64
8
Umbraco.Cms
8
CefSharp.Common
7
jquery-ui
7
jQuery.UI.Combined
7
org.webjars.npm:jquery-ui
7
SixLabors.ImageSharp
7
Microsoft.NETCore.App.Runtime.linux-musl-arm
6
CefSharp.Wpf
6
CefSharp.WinForms
6
Microsoft.AspNetCore.Mvc.Core
6
CefSharp.Wpf.HwndHost
6
OPCFoundation.NetStandard.Opc.Ua
6
System.Net.Http
5
Microsoft.NETCore.App.Runtime.Mono.LLVM.AOT.linux-x64
5
Microsoft.NETCore.App.Runtime.Mono.LLVM.linux-arm64
5
Piranha
5
Microsoft.AspNetCore.Mvc.Cors
5
jQuery
5
Microsoft.NETCore.App.Runtime.Mono.LLVM.AOT.linux-arm64
5
Microsoft.NETCore.App.Runtime.Mono.LLVM.osx-x64
5
jquery
5
Microsoft.NETCore.App.Runtime.Mono.LLVM.linux-x64
5
Microsoft.NETCore.App.Runtime.Mono.LLVM.AOT.osx-x64
5
Microsoft.AspNetCore.Server.Kestrel.Core
5
System.Text.Encodings.Web
5
Microsoft.NETCore.App.Runtime.Mono.osx-x64
5
Microsoft.NETCore.App.Runtime.Mono.linux-arm
4
Microsoft.WindowsDesktop.App.Runtime.win-x86
4
Microsoft.NETCore.App.Runtime.Mono.linux-x64
4
Microsoft.AspNetCore.Mvc.ApiExplorer
4
Microsoft.AspNetCore.Mvc.DataAnnotations
4
Microsoft.WindowsDesktop.App.Runtime.win-x64
4
System.Net.WebSockets.Client
4
Microsoft.AspNetCore.Mvc.Formatters.Xml
4
SharpZipLib
4
Microsoft.AspNetCore.Mvc
4
Microsoft.NETCore.App.Runtime.Mono.linux-arm64
4
Microsoft.WindowsDesktop.App.Runtime.win-arm64
4
AjaxNetProfessional
4
System.Net.Security
4
Snowflake.Data
4
Microsoft.AspNetCore.Mvc.Localization
4
NuGet.CommandLine
4
SSCMS
4
Serenity.Net.Core
4
Microsoft.AspNetCore.Mvc.Abstractions
4
Microsoft.NETCore.App.Runtime.rhel.6-x64
4
System.Net.Http.WinHttpHandler
4
Microsoft.AspNetCore.Mvc.Formatters.Json
4
UmbracoCms
4
DNN.PLATFORM
4
NuGet.Commands
4
Microsoft.NETCore.App.Runtime.Mono.linux-musl-x64
4
bootstrap
4
twbs/bootstrap
3
jquery-ui-rails
3
Umbraco.Forms
3
UmbracoCms.Core
3
Oqtane.Server
3
bootstrap
3
System.Security.Cryptography.Xml
3
UmbracoForms
3
Microsoft.AspNetCore.Identity
3
Azure.Identity
3
wix
3
Umbraco.Cms.Web.BackOffice
3
Oqtane.Framework
3
CefSharp.Common.NETCore
3
Microsoft.AspNetCore.Mvc.Razor.Host
3
org.webjars.npm:jquery
3
bootstrap
3
Microsoft.AspNetCore.Mvc.WebApiCompatShim
3
Microsoft.Native.Quic.MsQuic.Schannel
3
Umbraco.Cms.Core
3
Microsoft.Native.Quic.MsQuic.OpenSSL
3
Microsoft.AspNetCore.Mvc.Razor
3
Microsoft.AspNetCore.Mvc.ViewFeatures
3
Microsoft.AspNetCore.Mvc.TagHelpers
3
OPCFoundation.NetStandard.Opc.Ua.Server
3
org.webjars:bootstrap
3
HtmlSanitizer
2
Umbraco.Cms.Api.Management
2
moment
2
Microsoft.NETCore.App.Runtime.AOT.osx-x64.Cross.iossimulator-arm64
2
bootstrap-sass
2
bootstrap.sass
2
Serenity.Net.Web
2
Moment.js
2
Microsoft.NETCore.App.Runtime.AOT.win-x64.Cross.android-x64
2
Microsoft.NETCore.App.Runtime.AOT.osx-x64.Cross.tvossimulator-x64
2
System.Management.Automation
2
System.Data.SqlClient
2
Microsoft.NETCore.App.Runtime.AOT.osx-x64.Cross.browser-wasm
2
PeterO.Cbor
2
OrchardCore
2
sharpcompress
2
Microsoft.NETCore.App.Runtime.AOT.osx-x64.Cross.android-arm64
2
log4net
2
Microsoft.NETCore.App.Runtime.AOT.win-x64.Cross.android-arm64.Msi.x64
2
@umbraco-cms/backoffice
2
Microsoft.NETCore.App.Runtime.AOT.linux-x64.Cross.android-arm
2
Microsoft.NETCore.App.Runtime.AOT.osx-x64.Cross.iossimulator-x64
2
System.Private.Uri
2
Duende.IdentityServer
2
Microsoft.NETCore.App.Runtime.AOT.osx-x64.Cross.iossimulator-x86
2
Umbraco.Cms.StaticAssets
2
net.sf.mpxj:mpxj
2
mpxj
2
Microsoft.NETCore.App.Runtime.AOT.osx-x64.Cross.maccatalyst-arm64
2
net.sf.mpxj
2
Microsoft.NETCore.App.Runtime.AOT.linux-x64.Cross.browser-wasm
2
BouncyCastle.Cryptography
2
Microsoft.NETCore.App.Runtime.AOT.osx-x64.Cross.android-x86
2
Microsoft.NETCore.App.Runtime.browser-wasm
2
Microsoft.NETCore.App.Runtime.AOT.win-x64.Cross.android-arm.Msi.x64
2
Microsoft.NETCore.App.Runtime.AOT.linux-x64.Cross.android-x64
2
Yarp.ReverseProxy
2
DotNetNuke.Web
2
Microsoft.NETCore.App.Runtime.AOT.osx-x64.Cross.android-x64
2
Microsoft.NETCore.App.Runtime.AOT.linux-x64.Cross.android-x86
2
Microsoft.NETCore.App.Runtime.AOT.osx-x64.Cross.ios-arm
2
BouncyCastle
2
CefSharp.OffScreen
2
System.IO.Packaging
2
Microsoft.NETCore.App.Runtime.AOT.win-x64.Cross.android-arm
2
Microsoft.NETCore.App.Runtime.AOT.osx-x64.Cross.ios-arm64
2
Microsoft.NETCore.App.Runtime.AOT.win-x64.Cross.android-x86
2
PanelSW.Custom.WiX
2
net.sf.mpxj-for-vb
2
Microsoft.NETCore.App.Runtime.AOT.osx-x64.Cross.android-arm
2
bootstrap-sass
2
System.Formats.Nrbf
2
starkbank-ecdsa
2
DotNetZip
2
Microsoft.AspNetCore.Server.Kestrel.Transport.Libuv
2
UmbracoCMS.Core
2
elFinder.NetCore
2
Sustainsys.Saml2
2
Filter by Repository
https://github.com/chakra-core/ChakraCore
214
https://github.com/dotnet/runtime
37
https://github.com/umbraco/Umbraco-CMS
35
https://github.com/dnnsoftware/Dnn.Platform
20
https://github.com/github/advisory-database
18
https://github.com/OPCFoundation/UA-.NETStandard
15
https://github.com/dotnet/aspnetcore
15
https://github.com/ImageMagick/ImageMagick
12
https://github.com/tinymce/tinymce
11
https://github.com/cefsharp/CefSharp
8
https://github.com/SixLabors/ImageSharp
7
https://github.com/jquery/jquery
6
https://github.com/jquery/jquery-ui
6
https://github.com/PiranhaCMS/piranha.core
5
https://github.com/snowflakedb/snowflake-connector-net
4
https://github.com/NuGet/NuGet.Client
4
https://github.com/michaelschwarz/Ajax.NET-Professional
4
https://github.com/siteserver/cms
4
https://github.com/icsharpcode/SharpZipLib
4
https://github.com/wixtoolset/issues
3
https://github.com/serenity-is/Serenity
3
https://github.com/Azure/azure-sdk-for-net
3
https://github.com/PowerShell/PowerShell
3
https://github.com/DuendeSoftware/IdentityServer
3
https://github.com/dotnet/sdk
3
https://github.com/microsoft/msquic
3
https://github.com/dotnet/wpf
3
https://github.com/Sustainsys/Saml2
3
https://github.com/umbraco/Umbraco.Forms.Issues
3
https://github.com/oqtane/oqtane.framework
3
https://github.com/nirbar/wix4
2
https://github.com/gordon-matt/elFinder.NetCore
2
https://github.com/restsharp/RestSharp
2
https://github.com/ServiceStack/ServiceStack
2
https://github.com/adamhathcock/sharpcompress
2
https://github.com/tgstation/tgstation-server
2
https://github.com/open-telemetry/opentelemetry-dotnet
2
https://github.com/mganss/HtmlSanitizer
2
https://github.com/twbs/bootstrap
2
https://github.com/Microsoft/ChakraCore
2
https://github.com/bcgit/bc-csharp
2
https://github.com/peteroupc/CBOR
2
https://github.com/microsoft/reverse-proxy
2
https://github.com/dotnet/corefx
2
https://github.com/theori-io/chakra-2016-11
2
https://github.com/nirbar/wix3
2
https://github.com/orchardcms/orchardcore
2
https://github.com/joniles/mpxj
2
https://github.com/haf/DotNetZip.Semverd
2
https://github.com/Aiko-IT-Systems/DisCatSharp
2
https://github.com/mongodb/mongo-csharp-driver
2
https://github.com/reactiveui/refit
2
https://github.com/moment/moment
2
https://github.com/zzzprojects/System.Linq.Dynamic.Core
2
https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet
2
https://github.com/Orckestra/C1-CMS-Foundation
2
https://github.com/Pryaxis/TShock
2
https://github.com/FormCms/FormCms
2
https://github.com/OrchardCMS/OrchardCore
1
https://github.com/glennrp/libpng
1
https://github.com/SinGooCMS/SinGooCMSUtility
1
https://github.com/pubnub/javascript
1
https://github.com/imazen/resizer
1
https://github.com/apache/activemq-nms-openwire
1
https://github.com/MarimerLLC/csla
1
https://github.com/FastReports/FastReport
1
https://github.com/HangfireIO/Hangfire
1
https://github.com/nhibernate/nhibernate-core
1
https://github.com/Devolutions/XTS.NET
1
https://github.com/jquery-validation/jquery-validation
1
https://github.com/MessagePack-CSharp/MessagePack-CSharp
1
https://github.com/elastic/apm-agent-dotnet
1
https://github.com/adplug/adplug
1
https://github.com/Jasig/phpCAS
1
https://github.com/madskristensen/Miniblog.Core
1
https://github.com/qnighy/libwebp-sys2-rs
1
https://github.com/mguinness/elFinder.AspNet
1
https://github.com/TrueLayer/truelayer-dotnet
1
https://github.com/jstedfast/MimeKit
1
https://github.com/umbraco/Umbraco.Commerce.Issues
1
https://github.com/italia/spid-aspnetcore
1
https://github.com/umbraco/Umbraco.Workflow.Issues
1
https://github.com/Brondahl/EnumStringValues
1
https://github.com/QuantConnect/Lean
1
https://github.com/dnnsoftware/dnn.platform
1
https://github.com/SeriaWei/ZKEACMS
1
https://github.com/CoreWCF/CoreWCF
1
https://github.com/italia/cie-aspnetcore
1
https://github.com/microsoft/DirectXTex
1
https://github.com/AsynkronIT/Wire
1
https://github.com/dotnet/diagnostics
1
https://github.com/turquoiseowl/i18n
1
https://github.com/gsemac/Gsemac.Common
1
https://github.com/jellyfin/jellyfin-web
1
https://github.com/recurly/recurly-client-net
1
https://github.com/SeppPenner/WindowsHello
1
https://github.com/personnummer/csharp
1
https://github.com/dub-flow/vulnerability-research
1
https://github.com/jellyfin/jellyfin
1
https://github.com/sshnet/NET
1
https://github.com/mbdavid/LiteDB
1
https://github.com/jchristn/IpMatcher
1
https://github.com/google/brotli
1
https://github.com/kapetan/dns
1
https://github.com/akkadotnet/akka.net
1
https://github.com/NuGet/Home
1
https://github.com/brantburnett/Snappier
1
https://github.com/apache/logging-log4net
1
https://github.com/starkbank/ecdsa-dotnet
1
https://github.com/SteeltoeOSS/security-advisories
1
https://github.com/microsoft/botbuilder-dotnet
1
https://github.com/jonschlinkert/set-value
1
https://gitlab.com/eLeN3Re/cve-2020-9472
1
https://github.com/OPCFoundation/UA-.NET-Legacy
1
https://github.com/spassarop/antisamy-dotnet
1
https://github.com/aaubry/YamlDotNet
1
https://github.com/NancyFx/Nancy
1
https://github.com/blogifierdotnet/Blogifier
1
https://github.com/npgsql/npgsql
1
https://github.com/google/protobuf
1
https://github.com/AzureAD/microsoft-identity-web
1
https://github.com/Antaris/RazorEngine
1
https://gitlab.com/eLeN3Re/cve-2020-9471
1
https://github.com/git-ecosystem/git-credential-manager
1
https://github.com/DuendeSoftware/foss
1
https://github.com/snapappointments/bootstrap-select
1
https://github.com/MichaelGrafnetter/DSInternals
1
https://github.com/Azure/azure-sdk-for-go
1
https://github.com/moq/moq
1
https://github.com/apache/avro
1
https://github.com/amazon-ion/ion-dotnet
1
https://github.com/dotnetcore/AgileConfig
1
https://github.com/Archomeda/Gw2Sharp
1
https://github.com/dotnet/msbuild
1
https://github.com/LittleBigRefresh/Bunkum
1
https://github.com/ldqk/Masuit.Tools
1
https://github.com/imazen/imageflow
1
https://github.com/trannamtrung1st/elFinder.Net.Core
1
https://github.com/apache/lucenenet
1
https://github.com/drewnoakes/metadata-extractor-dotnet
1
https://github.com/pentesttoolscom/vulnerability-research
1
https://github.com/AzureAD/microsoft-authentication-library-for-dotnet
1
https://github.com/microsoft/bond
1
https://github.com/Bluegrams/YoutubeDLSharp
1
https://github.com/couchbase/couchbase-net-client
1
https://github.com/ravibpatel/AutoUpdater.NET
1
https://github.com/starkbank/ecdsa-python
1
https://github.com/neuecc/MessagePack-CSharp
1
https://github.com/riganti/dotvvm
1
https://github.com/open-telemetry/opentelemetry-dotnet-instrumentation
1
https://github.com/microsoft/ChakraCore
1
https://github.com/DuendeSoftware/Duende.AccessTokenManagement
1
https://github.com/IowaComputerGurus/aspnetcore.utilities.cloudstorage
1
https://github.com/kubernetes/kubernetes
1
https://github.com/JamesNK/Newtonsoft.Json
1
https://github.com/serilog-contrib/serilog-enrichers-clientinfo
1