Vulnerability Database
Blog
FAQ
Docs
Vulnerability Library
search
All ecosystems
112045
AlmaLinux
2822
Alpine
3427
Android
890
Bitnami
3949
CRAN
10
crates.io
1353
Debian
9889
GIT
27848
GitHub Actions
16
Go
2185
Hackage
18
Hex
30
Linux
13573
Maven
4893
npm
14445
NuGet
587
OSS-Fuzz
3314
Packagist
3588
Pub
8
PyPI
12039
Rocky Linux
1192
RubyGems
790
SwiftURL
31
Ubuntu
5148
ID
Packages
Summary
Affected versions
Published
Fix
GHSA-hhc7-x9w4-cw47
NuGet/Microsoft.AspNetCore.App.Runtime.linux-arm
NuGet/Microsoft.AspNetCore.App.Runtime.linux-arm64
NuGet/Microsoft.AspNetCore.App.Runtime.linux-musl-arm
NuGet/Microsoft.AspNetCore.App.Runtime.linux-musl-arm64
NuGet/Microsoft.AspNetCore.App.Runtime.linux-musl-x64
NuGet/Microsoft.AspNetCore.App.Runtime.linux-x64
NuGet/Microsoft.AspNetCore.App.Runtime.osx-arm64
NuGet/Microsoft.AspNetCore.App.Runtime.osx-x64
NuGet/Microsoft.AspNetCore.App.Runtime.win-arm
NuGet/Microsoft.AspNetCore.App.Runtime.win-arm64
NuGet/Microsoft.AspNetCore.App.Runtime.win-x64
NuGet/Microsoft.AspNetCore.App.Runtime.win-x86
Microsoft Security Advisory CVE-2024-30046 | .NET Denial of Service Vulnerability
7.0.0
7.0.1
7.0.10
7.0.11
7.0.12
7.0.13
7.0.14
...
2024-05-14T20:31:00Z
Fix available
GHSA-7fcr-8qw6-92fr
NuGet/Microsoft.NetCore.App.Runtime.linux-arm
NuGet/Microsoft.NetCore.App.Runtime.linux-arm64
NuGet/Microsoft.NetCore.App.Runtime.linux-musl-arm
NuGet/Microsoft.NetCore.App.Runtime.linux-musl-arm64
NuGet/Microsoft.NetCore.App.Runtime.linux-musl-x64
NuGet/Microsoft.NetCore.App.Runtime.linux-x64
NuGet/Microsoft.NetCore.App.Runtime.osx-arm64
NuGet/Microsoft.NetCore.App.Runtime.osx-x64
NuGet/Microsoft.NetCore.App.Runtime.win-arm
NuGet/Microsoft.NetCore.App.Runtime.win-arm64
NuGet/Microsoft.NetCore.App.Runtime.win-x64
NuGet/Microsoft.NetCore.App.Runtime.win-x86
Microsoft Security Advisory CVE-2024-30045 | .NET Remote code Execution Vulnerability
7.0.0
7.0.1
7.0.10
7.0.11
7.0.12
7.0.13
7.0.14
...
2024-05-14T20:30:57Z
Fix available
GHSA-wchx-rm6h-7jf6
NuGet/Microsoft.PowerBI.JavaScript
Microsoft Power BI Client JavaScript SDK Information Disclosure Vulnerability
1.0.11-prevew
1.0.11-preview
1.0.12-preview
1.1.0
2.0.0
2.10.0
2.10.1
...
2024-05-14T18:31:05Z
No fix available
GHSA-8xfc-gm6g-vgpv
Maven/org.bouncycastle:bcprov-jdk18on
Maven/org.bouncycastle:bcprov-jdk15on
Maven/org.bouncycastle:bcprov-jdk15to18
Maven/org.bouncycastle:bcprov-jdk14
Maven/org.bouncycastle:bctls-jdk18on
Maven/org.bouncycastle:bctls-jdk14
Maven/org.bouncycastle:bctls-jdk15to18
Maven/org.bouncycastle:bcpkix-jdk18on
Maven/org.bouncycastle:bcpkix-jdk15to18
Maven/org.bouncycastle:bcpkix-jdk14
Maven/org.bouncycastle:bc-fips
NuGet/BouncyCastle
NuGet/BouncyCastle.Cryptography
Bouncy Castle certificate parsing issues cause high CPU usage during parameter evaluation.
1.71
1.71.1
1.72
1.73
1.74
1.75
1.76
...
2024-05-14T15:32:54Z
Fix available
GHSA-m44j-cfrm-g8qc
Maven/org.bouncycastle:bcprov-jdk18on
Maven/org.bouncycastle:bcprov-jdk15on
Maven/org.bouncycastle:bcprov-jdk15to18
Maven/org.bouncycastle:bcprov-jdk14
Maven/org.bouncycastle:bctls-jdk18on
Maven/org.bouncycastle:bctls-jdk14
Maven/org.bouncycastle:bctls-jdk15to18
Maven/org.bouncycastle:bcpkix-jdk18on
Maven/org.bouncycastle:bcpkix-jdk15to18
Maven/org.bouncycastle:bcpkix-jdk14
NuGet/BouncyCastle
NuGet/BouncyCastle.Cryptography
Bouncy Castle crafted signature and public key can be used to trigger an infinite loop
1.71
1.71.1
1.72
1.73
1.74
1.75
1.76
...
2024-05-14T15:32:54Z
Fix available
GHSA-v435-xc8x-wvr9
Maven/org.bouncycastle:bctls-fips
Maven/org.bouncycastle:bcprov-jdk18on
Maven/org.bouncycastle:bcprov-jdk15on
Maven/org.bouncycastle:bcprov-jdk15to18
Maven/org.bouncycastle:bcprov-jdk14
Maven/org.bouncycastle:bctls-jdk18on
Maven/org.bouncycastle:bctls-jdk14
Maven/org.bouncycastle:bctls-jdk15to18
NuGet/BouncyCastle
NuGet/BouncyCastle.Cryptography
Maven/org.bouncycastle:bcpkix-jdk18on
Maven/org.bouncycastle:bcpkix-jdk15to18
Maven/org.bouncycastle:bcpkix-jdk14
Bouncy Castle affected by timing side-channel for RSA key exchange ("The Marvin Attack")
1.0.0
1.0.1
1.0.10
1.0.10.1
1.0.10.2
1.0.10.3
1.0.11
...
2024-05-14T15:32:54Z
Fix available
GHSA-x9vc-6hfv-hg8c
NuGet/Npgsql
Npgsql vulnerable to SQL Injection via Protocol Message Size Overflow
8.0.0
8.0.1
8.0.2
2.0.11
2.0.12
2.0.12.1
2.0.13-beta1
...
2024-05-09T15:12:49Z
Fix available
GHSA-287f-46j7-j4wh
NuGet/Umbraco.Workflow
NuGet/Plumber.Workflow
Umbraco Workflow's Backoffice users can execute arbitrary SQL
10.0.0
10.1.0
10.1.0-rc1
10.1.1
10.1.2
10.2.0
10.2.0-rc1
...
2024-04-24T17:04:34Z
Fix available
GHSA-6qmx-42h2-j8h6
NuGet/Microsoft.WindowsDesktop.App.Runtime.win-arm64
NuGet/Microsoft.WindowsDesktop.App.Runtime.win-x64
NuGet/Microsoft.WindowsDesktop.App.Runtime.win-x86
.NET Elevation of Privilege Vulnerability
5.0.0
5.0.1
5.0.10
5.0.11
5.0.12
5.0.13
5.0.14
...
2024-04-17T18:21:57Z
Fix available
GHSA-74p6-39f2-23v3
NuGet/Umbraco.Cms.Core
NuGet/Umbraco.Cms.Web.BackOffice
Blind SSRF Leads to Port Scan by using Webhooks
13.0.0
13.0.1
13.0.2
13.0.3
13.1.0
13.1.0-rc
13.0.0
...
2024-04-17T18:20:28Z
Fix available
GHSA-x674-v45j-fwxw
NuGet/Microsoft.Identity.Client
MSAL.NET applications targeting Xamarin Android and .NET Android (MAUI) susceptible to local denial of service
4.48.0
4.48.1
4.49.0
4.49.1
4.50.0
4.51.0
4.52.0
...
2024-04-16T21:41:57Z
Fix available
GHSA-5x7m-6737-26cr
NuGet/SixLabors.ImageSharp
SixLabors.ImageSharp vulnerable to data leakage
1.0.0
1.0.0-beta0001
1.0.0-beta0002
1.0.0-beta0003
1.0.0-beta0004
1.0.0-beta0005
1.0.0-beta0006
...
2024-04-15T20:24:06Z
Fix available
GHSA-g85r-6x2q-45w7
NuGet/SixLabors.ImageSharp
SixLabors.ImageSharp vulnerable to Memory Allocation with Excessive Size Value
1.0.0
1.0.0-beta0001
1.0.0-beta0002
1.0.0-beta0003
1.0.0-beta0004
1.0.0-beta0005
1.0.0-beta0006
...
2024-04-15T20:22:54Z
Fix available
GHSA-vh2m-22xx-q94f
NuGet/OpenTelemetry.Instrumentation.Http
NuGet/OpenTelemetry.Instrumentation.AspNetCore
Sensitive query parameters logged by default in OpenTelemetry.Instrumentation http and AspNetCore
1.0.0-rc10
1.0.0-rc2
1.0.0-rc3
1.0.0-rc4
1.0.0-rc5
1.0.0-rc6
1.0.0-rc7
...
2024-04-12T22:54:09Z
Fix available
GHSA-wvxc-855f-jvrv
NuGet/Azure.Identity
Azure Identity Library for .NET Information Disclosure Vulnerability
1.0.0
1.1.0
1.1.1
1.10.0
1.10.1
1.10.2
1.10.3
...
2024-04-09T18:30:28Z
Fix available
GHSA-438c-3975-5x3f
npm/tinymce
NuGet/TinyMCE
Packagist/tinymce/tinymce
TinyMCE Cross-Site Scripting (XSS) vulnerability in handling iframes
3.4.3.2
3.4.4
3.4.5
3.4.7
3.5.0
3.5.0.1
3.5.1
...
2024-03-26T21:23:47Z
Fix available
Load more...
NuGet - OSV