Vulnerability Database
Blog
FAQ
Docs
Vulnerability Library
search
All ecosystems
109377
AlmaLinux
2683
Alpine
3380
Android
861
Bitnami
3830
CRAN
10
crates.io
1325
Debian
9803
GIT
32724
GitHub Actions
16
Go
2040
Hackage
17
Hex
27
Linux
13573
Maven
4811
npm
14150
NuGet
575
OSS-Fuzz
3261
Packagist
2847
Pub
8
PyPI
11592
Rocky Linux
1030
RubyGems
784
SwiftURL
30
ID
Packages
Summary
Affected versions
Published
Fix
GHSA-438c-3975-5x3f
npm/tinymce
NuGet/TinyMCE
Packagist/tinymce/tinymce
TinyMCE Cross-Site Scripting (XSS) vulnerability in handling iframes
3.4.3.2
3.4.4
3.4.5
3.4.7
3.5.0
3.5.0.1
3.5.1
...
2024-03-26T21:23:47Z
Fix available
GHSA-5359-pvf2-pw78
Packagist/tinymce/tinymce
npm/tinymce
NuGet/TinyMCE
TinyMCE Cross-Site Scripting (XSS) vulnerability in handling external SVG files through Object or Embed elements
4.0.0
4.0.1
4.0.10
4.0.11
4.0.12
4.0.13
4.0.14
...
2024-03-26T21:23:45Z
Fix available
GHSA-rf39-3f98-xr7r
NuGet/wix
NuGet/WixToolset.Sdk
WiX based installers are vulnerable to binary hijack when run as SYSTEM
3.10.0
3.10.0.1719-pre
3.10.0.1726-pre
3.10.0.2103-pre
3.10.0.2103-pre1
3.10.1
3.10.2
...
2024-03-25T19:42:32Z
Fix available
GHSA-jx4p-m4wm-vvjg
NuGet/wix
NuGet/WixToolset.Util.wixext
Malicious directory junction can cause WiX RemoveFoldersEx to possibly delete elevated files
3.10.0
3.10.0.1719-pre
3.10.0.1726-pre
3.10.0.2103-pre
3.10.0.2103-pre1
3.10.1
3.10.2
...
2024-03-25T19:42:17Z
Fix available
GHSA-g4v6-69p6-q3p4
NuGet/PanelSwWix4.Sdk
WiX Burn-based bundles are vulnerable to binary hijack when run as SYSTEM
See details.
2024-03-25T19:36:25Z
Fix available
GHSA-wq88-fq4x-h2pm
NuGet/PanelSW.Custom.WiX
WiX Burn-based bundles are vulnerable to binary hijack when run as SYSTEM
3.12.0-b100
3.12.0-b45
3.12.0-b48
3.12.0-b53
3.12.0-b57
3.12.0-b59
3.12.0-b60
...
2024-03-25T19:35:53Z
Fix available
GHSA-552f-97wf-pmpq
NuGet/UmbracoCMS
Umbraco possible user enumeration
See details.
2024-03-20T17:54:35Z
Fix available
GHSA-32jq-mv89-5rx7
NuGet/CoreWCF.NetFramingBase
CoreWCF NetFraming based services can leave connections open when they should be closed
1.4.0
1.4.1
1.5.0
1.5.1
2024-03-15T19:20:17Z
Fix available
GHSA-2x7m-gf85-3745
NuGet/Microsoft.Native.Quic.MsQuic.OpenSSL
NuGet/Microsoft.Native.Quic.MsQuic.Schannel
Remote Denial of Service Vulnerability in Microsoft QUIC
1.8.0
1.8.0
2024-03-13T17:14:43Z
Fix available
GHSA-5fxj-whcv-crrc
NuGet/Microsoft.NETCore.App.Runtime.linux-arm
NuGet/Microsoft.NETCore.App.Runtime.linux-arm64
NuGet/Microsoft.NETCore.App.Runtime.linux-musl-arm
NuGet/Microsoft.NETCore.App.Runtime.linux-musl-arm64
NuGet/Microsoft.NETCore.App.Runtime.linux-musl-x64
NuGet/Microsoft.NETCore.App.Runtime.linux-x64
NuGet/Microsoft.NETCore.App.Runtime.osx-arm64
NuGet/Microsoft.NETCore.App.Runtime.osx-x64
NuGet/Microsoft.NETCore.App.Runtime.win-arm
NuGet/Microsoft.NETCore.App.Runtime.win-arm64
NuGet/Microsoft.NETCore.App.Runtime.win-x64
NuGet/Microsoft.NETCore.App.Runtime.win-x86
Microsoft Security Advisory CVE-2024-21392: .NET Denial of Service Vulnerability
7.0.0
7.0.1
7.0.10
7.0.11
7.0.12
7.0.13
7.0.14
...
2024-03-12T20:07:59Z
Fix available
GHSA-65x7-c272-7g7r
NuGet/SixLabors.ImageSharp
Use After Free in SixLabors.ImageSharp
3.0.0
3.0.1
3.0.2
3.1.0
3.1.1
3.1.2
1.0.0
...
2024-03-05T16:26:15Z
Fix available
GHSA-75x2-6h4m-h6mx
NuGet/FullStackHero.WebAPI.Boilerplate
FullStackHero's WebAPI Boilerplate host header injection vulnerability
1.0.0
2024-02-29T03:33:18Z
No fix available
GHSA-5jjq-8cvj-v6m9
NuGet/Serenity.Net.Core
npm/@serenity-is/corelib
Cross-site Scripting in Serenity
5.0.0
5.0.1
5.0.10
5.0.11
5.0.12
5.0.13
5.0.17
...
2024-02-19T06:30:33Z
Fix available
GHSA-68w7-72jg-6qpp
NuGet/NuGet.CommandLine
NuGet/NuGet.Packaging
NuGet Client Security Feature Bypass Vulnerability
4.6.2
4.6.3
4.6.4
4.7.1
4.7.2
4.7.3
4.8.2
...
2024-02-13T21:18:10Z
Fix available
GHSA-g74q-5xw3-j7q9
NuGet/Microsoft.AspNetCore.App.Runtime.linux-arm
NuGet/Microsoft.AspNetCore.App.Runtime.linux-arm64
NuGet/Microsoft.AspNetCore.App.Runtime.linux-musl-arm
NuGet/Microsoft.AspNetCore.App.Runtime.linux-musl-arm64
NuGet/Microsoft.AspNetCore.App.Runtime.linux-musl-x64
NuGet/Microsoft.AspNetCore.App.Runtime.linux-x64
NuGet/Microsoft.AspNetCore.App.Runtime.osx-arm64
NuGet/Microsoft.AspNetCore.App.Runtime.osx-x64
NuGet/Microsoft.AspNetCore.App.Runtime.win-arm
NuGet/Microsoft.AspNetCore.App.Runtime.win-arm64
NuGet/Microsoft.AspNetCore.App.Runtime.win-x64
NuGet/Microsoft.AspNetCore.App.Runtime.win-x86
Microsoft Security Advisory CVE-2024-21386: .NET Denial of Service Vulnerability
3.0.0
3.0.0-preview5-19227-01
3.0.1
3.0.2
3.0.3
3.1.0
3.1.1
...
2024-02-13T19:49:43Z
Fix available
GHSA-8v28-3g86-chj5
NuGet/PanelSwWix4.Sdk
PanelSwWix4.Sdk .be TEMP folder is vulnerable to DLL redirection attacks that allow the attacker to escalate privileges
See details.
2024-02-08T18:24:35Z
Fix available
Load more...
NuGet - OSV