Vulnerabilities

search
ID
Packages
Summary
Published
arrow_upward
Attributes
GHSA-266m-wp2v-x7mq
  • NuGet/Microsoft.NetCore.App.Runtime.linux-arm
  • NuGet/Microsoft.NetCore.App.Runtime.linux-arm64
  • NuGet/Microsoft.NetCore.App.Runtime.linux-musl-arm
  • NuGet/Microsoft.NetCore.App.Runtime.linux-musl-arm64
  • NuGet/Microsoft.NetCore.App.Runtime.linux-musl-x64
  • NuGet/Microsoft.NetCore.App.Runtime.linux-x64
  • NuGet/Microsoft.NetCore.App.Runtime.osx-arm64
  • NuGet/Microsoft.NetCore.App.Runtime.osx-x64
  • NuGet/Microsoft.NetCore.App.Runtime.win-arm
  • NuGet/Microsoft.NetCore.App.Runtime.win-arm64
  • NuGet/Microsoft.NetCore.App.Runtime.win-x64
  • NuGet/Microsoft.NetCore.App.Runtime.win-x86
 Microsoft Security Advisory CVE-2025-30399 | .NET Remote Code Vulnerability 2 hours ago
  • Fix available
  • Severity - 7.5 (High)
GHSA-fr6r-p8hv-x3c4
  • NuGet/Umbraco.Cms
 Umbraco Vulnerable to By-Pass of Configured Allowed Extensions for File Uploads 6 days ago
  • Fix available
  • Severity - 5.5 (Medium)
GHSA-m4hf-fxcg-cp34
  • NuGet/DotNetNuke.Core
 DNN allows Stored Cross-Site Scripting (XSS) with svg files rendered inline 23 May
  • Fix available
  • Severity - 6.1 (Medium)
GHSA-79m3-rvx2-3qq9
  • NuGet/DotNetNuke.Web
  • NuGet/DotNetNuke.Core
 Reflected Cross-Site Scripting (XSS) in module actions in edit mode 23 May
  • Fix available
  • Severity - 6.0 (Medium)
GHSA-62mf-vhhw-xmf8
  • NuGet/DotNetNuke.SiteExportImport
 DNN site Import could use an external source with a crafted request 23 May
  • Fix available
  • Severity - 3.5 (Low)
GHSA-h4j7-5rxr-p4wc
  • NuGet/Microsoft.Build.Tasks.Core
 Microsoft.Build.Tasks.Core .NET Spoofing Vulnerability 13 May
  • Fix available
GHSA-2qrj-g9hq-chph
  • NuGet/Umbraco.Forms
  • NuGet/UmbracoForms
 Umbraco.Forms has HTML injection vulnerability in 'Send email' workflow 13 May
  • Fix available
  • Severity - 2.3 (Low)
GHSA-4g8m-5mj5-c8xg
  • NuGet/Umbraco.Cms
 Umbraco Makes User Enumeration Feasible Based on Timing of Login Response 06 May
  • Fix available
  • Severity - 5.3 (Medium)
GHSA-c82r-c9f7-f5mj
  • NuGet/Snowflake.Data
 Snowflake Connector for .NET has race condition when checking access to Easy Logging configuration file 28 Apr
  • Fix available
  • Severity - 3.3 (Low)
GHSA-2jh5-g5ch-43q5
  • NuGet/YoutubeDLSharp
 YoutubeDLSharp allows command injection on windows system due to non sanitized arguments 23 Apr
  • Fix available
  • Severity - 9.2 (Critical)
GHSA-gm2p-wf5c-w3pj
  • NuGet/Amazon.IonDotnet
 Infinite loop condition in Amazon.IonDotnet 21 Apr
  • Fix available
  • Severity - 8.7 (High)
GHSA-9g64-r942-fvmp
  • NuGet/Apache.NMS.ActiveMQ
 Apache ActiveMQ NMS OpenWire Client Deserialization of Untrusted Data vulnerability 18 Apr
  • Fix available
  • Severity - 9.8 (Critical)
GHSA-f87w-3j5w-v58p
  • NuGet/CefSharp.Wpf
  • NuGet/CefSharp.Wpf.HwndHost
  • NuGet/CefSharp.Wpf.NetCore
  • NuGet/CefSharp.WinForms
  • NuGet/CefSharp.WinForms.NetCore
  • NuGet/CefSharp.OffScreen.NetCore
  • NuGet/CefSharp.OffScreen
 CefSharp affected by incorrect handle provided in unspecified circumstances in Mojo on Windows 12 Apr
  • Fix available
  • Severity - 8.3 (High)
GHSA-rpq8-q44m-2rpg
  • NuGet/Microsoft.Identity.Web
  • NuGet/Microsoft.Identity.Abstractions
 Microsoft Identity Web Exposes Client Secrets and Certificate Information in Service Logs 09 Apr
  • Fix available
  • Severity - 4.7 (Medium)
GHSA-3f7v-qx94-666m
  • NuGet/DotNetNuke.Core
 DotNetNuke.Core Vulnerable to Server-Side Request Forgery (SSRF) 09 Apr
  • Fix available
  • Severity - 6.5 (Medium)
GHSA-q62r-8ppj-xvf4
  • NuGet/Umbraco.Cms
 Umbraco has a Management API Vulnerability to Path Traversal With Authenticated Users 09 Apr
  • Fix available
  • Severity - 8.8 (High)
Load more...