An open index of Dependabot pull requests across open source projects.

Security Advisories

Browse security advisories and track which Dependabot PRs address them.

Total Advisories: 24,785
With Dependabot PRs: 1,792
Critical Severity: 3,506
High Severity: 8,617

Incorrect Regular Expression in RestSharp
GHSA-9pq7-rcxv-47vq CVE-2021-27293 HIGH over 4 years ago
RestSharp < 106.11.8-alpha.0.13 uses a regular expression which is vulnerable to Regular Expression Denial of Service (ReDoS) when converting strin...
nuget
12 Dependabot PRs (25% merged)
Insecure deserialization in Wire
GHSA-hpw7-3vq3-mmv6 CVE-2021-29508 CRITICAL over 4 years ago
Due to how Wire handles type information in its serialization format, malicious payloads can be passed to a deserializer. e.g. using a surrogate on...
nuget
No PRs yet
Cross-site scripting in bootstrap-select
GHSA-7c82-mp33-r854 CVE-2019-20921 MODERATE over 4 years ago
bootstrap-select before 1.13.6 allows Cross-Site Scripting (XSS). It does not escape title values in OPTION elements. This may allow attackers to e...
npm nuget
No PRs yet
.NET Core Remote Code Execution Vulnerability
GHSA-ghhp-997w-qr28 CVE-2021-26701 CRITICAL over 4 years ago
.NET Core Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-24112. ### Executive summary Microsoft is releasing this securi...
nuget
17 Dependabot PRs
.NET Core Information Disclosure
GHSA-7jgj-8wvc-jh57 CVE-2018-8292 HIGH over 4 years ago
An information disclosure vulnerability exists in .NET Core when authentication information is inadvertently exposed in a redirect, aka ".NET Core ...
nuget
No PRs yet
Out-of-bounds Write in Chakra
GHSA-qwwg-gc55-qqrv CVE-2020-17131 HIGH over 4 years ago
Chakra Scripting Engine Memory Corruption Vulnerability
nuget
No PRs yet
Authenticated path traversal in Umbraco CMS
GHSA-936x-wgqv-hhgq CVE-2020-5811 MODERATE over 4 years ago
An authenticated path traversal vulnerability exists during package installation in Umbraco CMS <= 8.9.1 or current, which could result in arbitrar...
nuget
No PRs yet
Incorrect permission enforcement in UmbracoCms
GHSA-4vp3-vfww-8648 CVE-2020-29454 MODERATE over 4 years ago
Editors/LogViewerController.cs in Umbraco through 8.9.1 allows a user to visit a logviewer endpoint even if they lack Applications.Settings access.
nuget
No PRs yet
Out-of-bounds write
GHSA-prxj-c66c-4gcf CVE-2019-0924 HIGH over 4 years ago
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra S...
nuget
No PRs yet
Out-of-bounds write
GHSA-hrmm-f4j8-8vxc CVE-2019-0922 HIGH over 4 years ago
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra S...
nuget
No PRs yet
Out-of-bounds write
GHSA-7423-5qfm-g648 CVE-2019-0916 HIGH over 4 years ago
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra S...
nuget
No PRs yet
Out-of-bounds write
GHSA-h23m-w6x5-jwr4 CVE-2019-0923 HIGH over 4 years ago
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra S...
nuget
No PRs yet
Out-of-bounds write
GHSA-rx34-jff5-ph35 CVE-2019-0917 HIGH over 4 years ago
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra S...
nuget
No PRs yet
Out-of-bounds write
GHSA-59cj-99cw-rq64 CVE-2019-0913 HIGH over 4 years ago
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra S...
nuget
No PRs yet
Out-of-bounds write
GHSA-fm9p-5m9f-rq85 CVE-2019-0915 HIGH over 4 years ago
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra S...
nuget
No PRs yet
Out-of-bounds write
GHSA-h6wf-hvwc-fm77 CVE-2019-0914 HIGH over 4 years ago
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra S...
nuget
No PRs yet
Out-of-bounds write
GHSA-9735-p6r2-2hgh CVE-2019-0911 HIGH over 4 years ago
A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka 'Scripting Engine...
nuget
No PRs yet
Out-of-bounds write
GHSA-w89r-qch4-8jv5 CVE-2019-0912 HIGH over 4 years ago
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra S...
nuget
No PRs yet
Out-of-bounds write
GHSA-mg98-x2cm-4cpf CVE-2019-1106 HIGH over 4 years ago
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra S...
nuget
2 Dependabot PRs (100% merged)
Out-of-bounds write
GHSA-vmf5-924f-25f2 CVE-2019-1103 HIGH over 4 years ago
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra S...
nuget
No PRs yet
Out-of-bounds write
GHSA-2x75-mf24-588m CVE-2019-1092 HIGH over 4 years ago
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra S...
nuget
No PRs yet
Out-of-bounds write
GHSA-rh4p-g7x6-8pqg CVE-2019-1062 HIGH over 4 years ago
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra S...
nuget
No PRs yet
Chakra Scripting Engine Out-of-bounds write
GHSA-53r4-h27g-rg3x CVE-2019-0992 HIGH over 4 years ago
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based). ...
nuget
No PRs yet
Chakra Scripting Engine Out-of-bounds write
GHSA-w32p-76xr-88pc CVE-2019-1003 HIGH over 4 years ago
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based). ...
nuget
No PRs yet
Chakra Scripting Engine Memory Corruption Vulnerability
GHSA-9824-rp6m-xx9w CVE-2019-0989 HIGH over 4 years ago
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based). ...
nuget
No PRs yet
Out-of-bounds write
GHSA-8gvg-8vhf-h26g CVE-2019-0937 HIGH over 4 years ago
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra S...
nuget
No PRs yet
Out-of-bounds write
GHSA-5rq8-3wvf-wrfg CVE-2019-0933 HIGH over 4 years ago
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra S...
nuget
No PRs yet
Out-of-bounds write
GHSA-37pf-w9ff-gqvm CVE-2019-0927 HIGH over 4 years ago
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra S...
nuget
No PRs yet
Out-of-bounds write in ChakraCore
GHSA-hfm2-fffh-v47v CVE-2019-1196 HIGH over 4 years ago
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra S...
nuget
No PRs yet
Out-of-bounds write in Microsoft.ChakraCore
GHSA-ppxc-pmx9-qjv9 CVE-2019-1195 HIGH over 4 years ago
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra S...
nuget
No PRs yet
Out-of-bounds write in Microsoft.ChakraCore
GHSA-cwp9-956f-vcwh CVE-2019-1141 HIGH over 4 years ago
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra S...
nuget
No PRs yet
Out-of-bounds write in Microsoft.ChakraCore
GHSA-9qw8-ccq9-ffj9 CVE-2019-1139 HIGH over 4 years ago
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra S...
nuget
No PRs yet
Chakra Scripting Engine Out-of-bounds write
GHSA-2rfj-2mwp-787v CVE-2019-0993 HIGH over 4 years ago
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based). ...
nuget
No PRs yet
Out-of-bounds write in Microsoft.ChakraCore
GHSA-758c-g2ff-9444 CVE-2019-1140 HIGH over 4 years ago
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra S...
nuget
No PRs yet
Out-of-bounds write in Microsoft.ChakraCore
GHSA-mw7r-3g6w-85qg CVE-2019-1131 HIGH over 4 years ago
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra S...
nuget
No PRs yet
Chakra Scripting Engine Out-of-bounds write
GHSA-6973-94v8-5mgw CVE-2019-0991 HIGH over 4 years ago
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based). ...
nuget
No PRs yet
Out-of-bounds write
GHSA-v648-p92f-9996 CVE-2019-0925 HIGH over 4 years ago
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra S...
nuget
No PRs yet
Out-of-bounds write
GHSA-5rcr-q3rx-j7vr CVE-2019-1107 HIGH over 4 years ago
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra S...
nuget
No PRs yet
Out-of-bounds write
GHSA-v89p-5hr2-4rh4 CVE-2019-1197 HIGH over 4 years ago
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra S...
nuget
No PRs yet
Out-of-bounds write
GHSA-pwpr-vp2v-99xw CVE-2019-1138 HIGH over 4 years ago
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra S...
nuget
No PRs yet
Out-of-bounds write
GHSA-pcgf-qjx2-qv4q CVE-2019-1217 HIGH over 4 years ago
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra S...
nuget
No PRs yet
Out-of-bounds write
GHSA-q99r-j969-6jwr CVE-2019-1237 HIGH over 4 years ago
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra S...
nuget
No PRs yet
Out-of-bounds write
GHSA-2452-3rwv-x89c CVE-2019-1298 HIGH over 4 years ago
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra S...
nuget
No PRs yet
Out-of-bounds write
GHSA-grvw-q343-58wh CVE-2019-1300 HIGH over 4 years ago
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra S...
nuget
No PRs yet
Out-of-bounds write
GHSA-vw2g-5827-m9fp CVE-2019-1308 HIGH over 4 years ago
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra S...
nuget
No PRs yet
Out-of-bounds write
GHSA-6j89-jhpr-849f CVE-2019-1307 HIGH over 4 years ago
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra S...
nuget
No PRs yet
Out-of-bounds write
GHSA-p23j-g745-8449 CVE-2019-1335 HIGH over 4 years ago
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra S...
nuget
No PRs yet
Out-of-bounds write
GHSA-2wwc-w2gw-4329 CVE-2019-1366 HIGH over 4 years ago
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra S...
nuget
No PRs yet
Double Free in Adplug
GHSA-874w-m2v2-mj64 CVE-2019-15151 CRITICAL over 4 years ago
AdPlug 2.3.1 has a double free in the `Cu6mPlayer` class in `u6m.h`.
nuget
No PRs yet
Out-of-bounds write in libpng
GHSA-qwwr-qc2p-6283 CVE-2018-14550 HIGH over 4 years ago
An issue has been found in third-party PNM decoding associated with libpng 1.6.35. It is a stack-based buffer overflow in the function get_token in...
nuget
No PRs yet