Vulnerability Library

ID
Packages
Summary
Affected versions
Published
Fix
GHSA-75x2-6h4m-h6mx
  • NuGet/FullStackHero.WebAPI.Boilerplate
FullStackHero's WebAPI Boilerplate host header injection vulnerability
  • 1.0.0
2024-02-29T03:33:18Z No fix available
GHSA-5jjq-8cvj-v6m9
  • NuGet/Serenity.Net.Core
  • npm/@serenity-is/corelib
Cross-site Scripting in Serenity
  • 5.0.0
  • 5.0.1
  • 5.0.10
  • 5.0.11
  • 5.0.12
  • 5.0.13
  • 5.0.17
  • ...
2024-02-19T06:30:33Z Fix available
GHSA-68w7-72jg-6qpp
  • NuGet/NuGet.CommandLine
  • NuGet/NuGet.Packaging
NuGet Client Security Feature Bypass Vulnerability
  • 4.6.2
  • 4.6.3
  • 4.6.4
  • 4.7.1
  • 4.7.2
  • 4.7.3
  • 4.8.2
  • ...
2024-02-13T21:18:10Z Fix available
GHSA-g74q-5xw3-j7q9
  • NuGet/Microsoft.AspNetCore.App.Runtime.linux-arm
  • NuGet/Microsoft.AspNetCore.App.Runtime.linux-arm64
  • NuGet/Microsoft.AspNetCore.App.Runtime.linux-musl-arm
  • NuGet/Microsoft.AspNetCore.App.Runtime.linux-musl-arm64
  • NuGet/Microsoft.AspNetCore.App.Runtime.linux-musl-x64
  • NuGet/Microsoft.AspNetCore.App.Runtime.linux-x64
  • NuGet/Microsoft.AspNetCore.App.Runtime.osx-arm64
  • NuGet/Microsoft.AspNetCore.App.Runtime.osx-x64
  • NuGet/Microsoft.AspNetCore.App.Runtime.win-arm
  • NuGet/Microsoft.AspNetCore.App.Runtime.win-arm64
  • NuGet/Microsoft.AspNetCore.App.Runtime.win-x64
  • NuGet/Microsoft.AspNetCore.App.Runtime.win-x86
Microsoft Security Advisory CVE-2024-21386: .NET Denial of Service Vulnerability
  • 3.0.0
  • 3.0.0-preview5-19227-01
  • 3.0.1
  • 3.0.2
  • 3.0.3
  • 3.1.0
  • 3.1.1
  • ...
2024-02-13T19:49:43Z Fix available
GHSA-8v28-3g86-chj5
  • NuGet/PanelSwWix4.Sdk
PanelSwWix4.Sdk .be TEMP folder is vulnerable to DLL redirection attacks that allow the attacker to escalate privileges
  • See details.
2024-02-08T18:24:35Z Fix available
GHSA-259p-rvjx-ffwg
  • NuGet/PanelSW.Custom.WiX
Panel::Software Customized WiX .be TEMP folder is vulnerable to DLL redirection attacks that allow the attacker to escalate privileges
  • 3.12.0-b100
  • 3.12.0-b45
  • 3.12.0-b48
  • 3.12.0-b53
  • 3.12.0-b57
  • 3.12.0-b59
  • 3.12.0-b60
  • ...
2024-02-08T18:24:21Z Fix available
GHSA-7wh2-wxc7-9ph5
  • NuGet/wix
WiX Toolset's .be TEMP folder is vulnerable to DLL redirection attacks that allow the attacker to escalate privileges
  • 4.0.0
  • 4.0.0.2926-pre
  • 4.0.0.3226-pre
  • 4.0.0.3922-pre
  • 4.0.0.4506-pre
  • 4.0.0.5512-pre
  • 4.0.1
  • ...
2024-02-08T18:23:49Z Fix available
GHSA-vh55-786g-wjwj
  • NuGet/System.Security.Cryptography.Xml
  • NuGet/Microsoft.AspNetCore.App.Runtime.win-x64
  • NuGet/Microsoft.AspNetCore.App.Runtime.linux-x64
  • NuGet/Microsoft.AspNetCore.App.Runtime.win-x86
  • NuGet/Microsoft.AspNetCore.App.Runtime.osx-x64
  • NuGet/Microsoft.AspNetCore.App.Runtime.linux-musl-x64
  • NuGet/Microsoft.AspNetCore.App.Runtime.linux-arm64
  • NuGet/Microsoft.AspNetCore.App.Runtime.linux-arm
  • NuGet/Microsoft.AspNetCore.App.Runtime.win-arm64
  • NuGet/Microsoft.AspNetCore.App.Runtime.win-arm
  • NuGet/Microsoft.AspNetCore.App.Runtime.osx-arm64
  • NuGet/Microsoft.AspNetCore.App.Runtime.linux-musl-arm64
  • NuGet/Microsoft.AspNetCore.App.Runtime.linux-musl-arm
.NET Information Disclosure Vulnerability
  • 4.4.0
  • 4.4.0-preview1-25305-02
  • 4.4.0-preview2-25405-01
  • 4.4.1
  • 4.4.2
  • 4.5.0
  • 4.5.0-preview1-25914-04
  • ...
2024-02-03T00:47:54Z Fix available
GHSA-jcmq-5rrv-j2g4
  • NuGet/PowerShell
PowerShell is subject to remote code execution vulnerability
  • 1.0.0
  • 6.2.2
  • 6.2.3
  • 6.2.4
  • 6.2.5
  • 6.2.6
  • 6.2.7
2024-02-02T21:04:47Z Fix available
GHSA-67m4-qxp3-j6hh
  • NuGet/TrueLayer.Client
TrueLayer.Client SSRF when fetching payment or payment provider
  • 0.1.0
  • 0.1.1
  • 0.2.0
  • 0.2.1
  • 0.2.1-beta1
  • 0.2.1-beta2
  • 0.2.1-beta3
  • ...
2024-01-30T20:57:59Z Fix available
GHSA-59j7-ghrg-fj52
  • NuGet/System.IdentityModel.Tokens.Jwt
  • NuGet/Microsoft.IdentityModel.JsonWebTokens
Microsoft Security Advisory CVE-2024-21319: .NET Denial of Service Vulnerability
  • 1.0.0
  • 3.0.0
  • 3.0.1
  • 3.0.2
  • 4.0.0
  • 4.0.0-RC1
  • 4.0.0-RC1-10701-1147
  • ...
2024-01-09T19:35:02Z Fix available
GHSA-98g6-xh36-x2p7
  • NuGet/Microsoft.Data.SqlClient
  • NuGet/System.Data.SqlClient
Microsoft.Data.SqlClient and System.Data.SqlClient vulnerable to SQL Data Provider Security Feature Bypass
  • 1.0.19123.2-Preview
  • 1.0.19128.1-Preview
  • 1.0.19189.1-Preview
  • 1.0.19221.1-Preview
  • 1.0.19239.1
  • 1.0.19249.1
  • 1.0.19269.1
  • ...
2024-01-09T18:30:27Z Fix available
GHSA-8g9c-28fc-mcx2
  • NuGet/Microsoft.IdentityModel.JsonWebTokens
  • NuGet/System.IdentityModel.Tokens.Jwt
Microsoft Identity Denial of service vulnerability
  • 5.2.4
  • 5.3.0
  • 5.4.0
  • 5.5.0
  • 5.6.0
  • 6.10.0
  • 6.10.1
  • ...
2024-01-09T18:28:03Z Fix available
GHSA-rv9j-c866-gp5h
  • NuGet/Microsoft.IdentityModel.Protocols.SignedHttpRequest
Microsoft.IdentityModel.Protocols.SignedHttpRequest remote code execution vulnerability
  • 6.10.0
  • 6.10.1
  • 6.10.2
  • 6.11.0
  • 6.11.1
  • 6.12.0
  • 6.12.1
  • ...
2024-01-09T18:25:47Z Fix available
GHSA-8x6f-956f-q43w
  • NuGet/OWASP.AntiSamy
OWASP.AntiSamy mXSS when preserving comments
  • 1.0.0
  • 1.0.1
  • 1.0.2
  • 1.0.3
  • 1.1.0
  • 1.1.1
2024-01-02T16:38:28Z Fix available
GHSA-hwcc-4cv8-cf3h
  • NuGet/Snowflake.Data
Snowflake Connector .NET does not properly check the Certificate Revocation List (CRL)
  • 2.0.25
  • 2.1.0
  • 2.1.1
  • 2.1.2
  • 2.1.3
  • 2.1.4
2023-12-22T19:51:09Z Fix available