Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
40
GitHub Actions
41
Go
3,048
Maven
5,000+
npm
4,785
NuGet
825
pip
4,383
Pub
12
RubyGems
987
Rust
1,143
Swift
50
Unreviewed advisories
All unreviewed
5,000+

32 advisories

Loading
ImageMagick has infinite loop when writing IPTCTEXT leads to denial of service via crafted profile Moderate
CVE-2026-26066 was published for Magick.NET-Q16-AnyCPU (NuGet) Feb 24, 2026
ylwango613 Credited to ylwango613
ImageMagick: Infinite loop vulnerability when parsing a PCD file High
CVE-2026-24485 was published for Magick.NET-Q16-AnyCPU (NuGet) Feb 24, 2026
ylwango613 Credited to ylwango613
ImageMagick: Converting multi-layer nested MVG to SVG can cause DoS Moderate
CVE-2026-24484 was published for Magick.NET-Q16-AnyCPU (NuGet) Feb 24, 2026
ylwango613 Credited to ylwango613
Amazon.IonDotnet is vulnerable to Denial of Service attacks High
CVE-2025-11573 was published for Amazon.IonDotnet (NuGet) Oct 9, 2025
SixLabors ImageSharp Has Infinite Loop in GIF Decoder When Skipping Malformed Comment Extension Blocks Moderate
CVE-2025-54575 was published for SixLabors.ImageSharp (NuGet) Jul 30, 2025
whatevicanhaz Credited to whatevicanhaz
Microsoft Security Advisory CVE-2024-38168 | .NET Denial of Service Vulnerability High
CVE-2024-38168 was published for Microsoft.AspNetCore.App.Runtime.win-arm (NuGet) Aug 13, 2024
Microsoft Security Advisory CVE-2024-30105 | .NET Denial of Service Vulnerability High
CVE-2024-30105 was published for System.Text.Json (NuGet) Jul 9, 2024
Bouncy Castle certificate parsing issues cause high CPU usage during parameter evaluation. Moderate
CVE-2024-29857 was published for BouncyCastle (Maven) May 14, 2024
levpachmanov Credited to levpachmanov
Microsoft Security Advisory CVE-2024-21392: .NET Denial of Service Vulnerability High
CVE-2024-21392 was published for Microsoft.NETCore.App.Runtime.linux-arm (NuGet) Mar 12, 2024
r3kumar Credited to r3kumar and TAINA-AntonyBingham TAINA-AntonyBingham TAINA-AntonyBingham
Microsoft Security Advisory CVE-2024-21386: .NET Denial of Service Vulnerability High
CVE-2024-21386 was published for Microsoft.AspNetCore.App.Runtime.linux-arm (NuGet) Feb 13, 2024
bbossola Credited to bbossola, gillarramendi, and sunnypatell gillarramendi gillarramendi
sunnypatell sunnypatell
Duplicate Advisory: Microsoft Security Advisory CVE-2024-21386: .NET Denial of Service Vulnerability High
GHSA-32q7-gv7f-4cg5 was published for Microsoft.AspNetCore.App.Runtime.linux-arm (NuGet) Feb 13, 2024 withdrawn
Microsoft ASP.NET Core project templates vulnerable to denial of service Moderate
CVE-2024-21319 was published for Microsoft.IdentityModel.JsonWebTokens (NuGet) Jan 9, 2024
aried3r Credited to aried3r
MsQuic Remote Denial of Service Vulnerability High
CVE-2023-36435 was published for Microsoft.Native.Quic.MsQuic.OpenSSL (NuGet) Oct 10, 2023
Remote Denial of Service Vulnerability in Microsoft.Native.Quic.MsQuic.Schannel High
CVE-2023-38171 was published for Microsoft.Native.Quic.MsQuic.OpenSSL (NuGet) Oct 10, 2023
Microsoft Security Advisory CVE-2023-36799: .NET Denial of Service Vulnerability Moderate
CVE-2023-36799 was published for Microsoft.NETCore.App.Runtime.linux-arm (NuGet) Sep 12, 2023
.NET Denial of Service Vulnerability High
CVE-2023-38178 was published for Microsoft.AspNetCore.App.Runtime.win-arm (NuGet) Aug 9, 2023
.NET Denial of Service Vulnerability High
CVE-2023-38180 was published for Microsoft.AspNetCore.App.Runtime.win-arm64 (NuGet) Aug 9, 2023
mkilgore Credited to mkilgore
YARP Denial of Service Vulnerability High
CVE-2023-33141 was published for Yarp.ReverseProxy (NuGet) Jun 23, 2023
.NET Denial of Service vulnerability High
CVE-2023-29331 was published for Microsoft.NetCore.App.Runtime.linux-arm (NuGet) Jun 14, 2023
Uncontrolled Resource Consumption in OPC UA .NET Standard Reference Server High
CVE-2023-27321 was published for OPCFoundation.NetStandard.Opc.Ua.Server (NuGet) May 5, 2023
EnumStringValues vulnerable to Uncontrolled Resource Consumption Low
CVE-2020-36620 was published for EnumStringValues (NuGet) Dec 21, 2022
.NET Denial of Service Vulnerability High
CVE-2022-23267 was published for Microsoft.AspNetCore.App.Runtime.linux-arm (NuGet) Oct 21, 2022
.NET Denial of Service Vulnerability High
CVE-2022-29117 was published for Microsoft.AspNetCore.App.Runtime.linux-arm (NuGet) Aug 30, 2022
binki Credited to binki, akunzai, leecow, Tratcher, and skofman1 akunzai akunzai
leecow leecow Tratcher Tratcher skofman1 skofman1
Moment.js vulnerable to Inefficient Regular Expression Complexity High
CVE-2022-31129 was published for Moment.js (npm) Jul 6, 2022
doublevkay Credited to doublevkay
Uncontrolled Resource Consumption in OPCFoundation.NetStandard.Opc.Ua.Core High
CVE-2022-29864 was published for OPCFoundation.NetStandard.Opc.Ua.Core (NuGet) Jun 17, 2022
mregen Credited to mregen
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database