Data

Tools

Indexes

Applications

Experiments

Dependabot

An open index of dependabot pull requests across open source projects.

Security Advisories

Browse security advisories and track which Dependabot PRs address them.

RSS Feed

24,785

Total Advisories

1,792

With Dependabot PRs

3,506

Critical Severity

8,617

High Severity

Clear All Filters
ChakraCore information disclosure vulnerability
GHSA-h6m7-jphx-f9p5 CVE-2017-8659 MODERATE over 3 years ago
Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to obtain information to further compromise the user's system due to the Chakra scri...
nuget
No PRs yet
ChakraCore RCE Vulnerability
GHSA-8v2h-4jpm-3wfm CVE-2017-8658 CRITICAL over 3 years ago
A remote code execution vulnerability exists in the way that the Chakra JavaScript engine renders when handling objects in memory, aka "Scripting E...
nuget
No PRs yet
DotNetNuke (DNN) Cross-site scripting (XSS) vulnerability via the __dnnVariable parameter
GHSA-rvrj-j7cc-236p CVE-2013-4649 MODERATE over 3 years ago
Cross-site scripting (XSS) vulnerability in DotNetNuke (DNN) before 6.2.9 and 7.x before 7.1.1 allows remote attackers to inject arbitrary web scri...
nuget
No PRs yet
ChakraCore RCE Vulnerability
GHSA-hrf4-ww4w-6rv6 CVE-2017-11797 HIGH over 3 years ago
ChakraCore allows an attacker to execute arbitrary code in the context of the current user, due to how the ChakraCore scripting engine handles obje...
nuget
No PRs yet
ChakraCore RCE Vulnerability
GHSA-f8f9-q5hg-9c7q CVE-2017-11801 HIGH over 3 years ago
ChakraCore allows an attacker to execute arbitrary code in the context of the current user, due to how the ChakraCore scripting engine handles obje...
nuget
No PRs yet
ChakraCore RCE Vulnerability
GHSA-8h76-7vc3-mj3v CVE-2017-11792 HIGH over 3 years ago
ChakraCore and Microsoft Edge in Microsoft Windows 10 1703 allow an attacker to execute arbitrary code in the context of the current user, due to h...
nuget
No PRs yet
ChakraCore RCE Vulnerability
GHSA-rhwh-jw9h-4m49 CVE-2017-11821 HIGH over 3 years ago
ChakraCore and Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to execute arbitrary code in the context of the current user, due to ...
nuget
No PRs yet
ChakraCore RCE Vulnerability
GHSA-6mw4-phmc-x477 CVE-2017-11807 HIGH over 3 years ago
ChakraCore and Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to execute arbitrary code in the context of the current user, due to ...
nuget
No PRs yet
ChakraCore RCE Vulnerability
GHSA-px6p-jxwr-27mc CVE-2017-11805 HIGH over 3 years ago
ChakraCore and Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to execute arbitrary code in the context of the current user, due to ...
nuget
No PRs yet
ChakraCore RCE Vulnerability
GHSA-6r3x-5gwg-g642 CVE-2017-11806 HIGH over 3 years ago
ChakraCore and Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to execute arbitrary code in the context of the current user, due to ...
nuget
No PRs yet
ChakraCore RCE Vulnerability
GHSA-3c78-m682-8wp9 CVE-2017-11796 HIGH over 3 years ago
ChakraCore and Microsoft Edge in Windows 10 1703 allows an attacker to execute arbitrary code in the context of the current user, due to how the sc...
nuget
No PRs yet
Umbraco CMS XXE Vulnerability
GHSA-h2vq-7gf2-qw9v CVE-2017-15280 MODERATE over 3 years ago
XML external entity (XXE) vulnerability in Umbraco CMS before 7.7.3 allows attackers to obtain sensitive information by reading files on the server...
nuget
No PRs yet
Umbraco CMS vulnerable to stored XSS
GHSA-xj94-rgf9-cq37 CVE-2017-15279 MODERATE over 3 years ago
Cross-site scripting (XSS) vulnerability in Umbraco CMS before 7.7.3 allows remote attackers to inject arbitrary web script or HTML via the "page n...
nuget
No PRs yet
Chakra Core vulnerable to privilege escalation due to type confusion
GHSA-pcr8-75v3-w9pf CVE-2017-11862 HIGH over 3 years ago
ChakraCore and Microsoft Edge in Windows 10 1709 and Windows Server, version 1709 allows an attacker to gain the same user rights as the current us...
nuget
No PRs yet
Chakra Core vulnerable to privilege escalation when writing to JavaScript null scope objects
GHSA-9f2p-wm46-6m5f CVE-2017-11870 HIGH over 3 years ago
ChakraCore and Microsoft Edge in Windows 10 1703, 1709, and Windows Server, version 1709 allows an attacker to gain the same user rights as the cur...
nuget
No PRs yet
Chakra Core vulnerable to privilege escalation due to reading an invalid pointer
GHSA-43qp-hphf-5rjw CVE-2017-11871 HIGH over 3 years ago
ChakraCore and Microsoft Edge in Windows 10 1703, 1709, and Windows Server, version 1709 allows an attacker to gain the same user rights as the cur...
nuget
No PRs yet
Improper Input Validation in Microsoft.NETCore.App
GHSA-8884-xcr4-r68p CVE-2017-8585 HIGH over 3 years ago
Microsoft .NET Framework 4.6, 4.6.1, 4.6.2, and 4.7 allow an attacker to send specially crafted requests to a .NET web application, resulting in de...
nuget
No PRs yet
ChakraCore vulnerable to remote code execution due to insufficient InlineCache check
GHSA-735f-mx7h-46w8 CVE-2017-11910 HIGH over 3 years ago
ChakraCore and Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the ...
nuget
No PRs yet
ChakraCore RCE Vulnerability
GHSA-5f5r-65pm-r3wr CVE-2017-11916 HIGH over 3 years ago
ChakraCore allows an attacker to execute arbitrary code in the context of the current user, due to how the ChakraCore scripting engine handles obje...
nuget
No PRs yet
ChakraCore RCE Vulnerability
GHSA-923j-972p-hchf CVE-2017-11908 HIGH over 3 years ago
ChakraCore and Windows 10 1709 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine han...
nuget
No PRs yet
Improper Input Validation in IpMatcher
GHSA-qj93-37f5-mr29 CVE-2021-33318 CRITICAL over 3 years ago
An Input Validation Vulnerability exists in Joel Christner .NET C# packages WatsonWebserver, IpMatcher 1.0.4.1 and below (IpMatcher) and 4.1.3 and ...
nuget
No PRs yet
ChakraCore RCE Vulnerability
GHSA-72gm-pp6q-gpx5 CVE-2017-11905 HIGH over 3 years ago
ChakraCore and Microsoft Edge in Windows 10 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in the con...
nuget
No PRs yet
ChakraCore RCE Vulnerability
GHSA-xw5f-g937-wgm2 CVE-2017-11889 HIGH over 3 years ago
ChakraCore and Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in t...
nuget
No PRs yet
Open redirect in ASP.NET Core
GHSA-3wcj-rg8q-9cqv CVE-2017-11879 HIGH over 3 years ago
ASP.NET Core 2.0 allows an attacker to steal log-in session information such as cookies or authentication tokens via a specially crafted URL aka "A...
nuget
No PRs yet
Improper Certificate Validation in Microsoft .NET Framework components
GHSA-p9wx-v264-q34p CVE-2018-8356 MODERATE over 3 years ago
A security feature bypass vulnerability exists when Microsoft .NET Framework components do not correctly validate certificates, aka ".NET Framework...
nuget
No PRs yet
DotNetNuke Default Machine Key Exposure
GHSA-grw3-hjjm-5cjm CVE-2008-6540 MODERATE over 3 years ago
DotNetNuke before 4.8.2, during installation or upgrade, does not warn the administrator when the default (1) ValidationKey and (2) DecryptionKey v...
nuget
No PRs yet
ChakraCore RCE Vulnerability
GHSA-g77f-7wm9-rh6p CVE-2016-0024 HIGH over 3 years ago
The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code via unspecified vectors, aka "Scripting Engine Mem...
nuget
No PRs yet
ChakraCore RCE Vulnerability
GHSA-fjj8-gv4j-953p CVE-2016-0186 HIGH over 3 years ago
The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) v...
nuget
No PRs yet
ChakraCore RCE Vulnerability
GHSA-985m-xqv8-rh79 CVE-2016-0193 HIGH over 3 years ago
The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) v...
nuget
No PRs yet
ChakraCore RCE Vulnerability
GHSA-j69r-w67w-gf35 CVE-2016-0191 HIGH over 3 years ago
The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) v...
nuget
No PRs yet
ChakraCore RCE Vulnerability
GHSA-vfjw-crcq-q92v CVE-2016-3199 HIGH over 3 years ago
The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) v...
nuget
No PRs yet
ChakraCore RCE Vulnerability
GHSA-ww6f-76ff-phhj CVE-2016-3202 HIGH over 3 years ago
The Microsoft (1) Chakra JavaScript, (2) JScript, and (3) VBScript engines, as used in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, al...
nuget
No PRs yet
ChakraCore RCE Vulnerability
GHSA-538h-6rv2-wmj3 CVE-2016-3214 HIGH over 3 years ago
The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) v...
nuget
No PRs yet
ChakraCore RCE Vulnerability
GHSA-q6mv-8vh9-4ggj CVE-2016-3248 HIGH over 3 years ago
The Microsoft (1) JScript 9, (2) VBScript, and (3) Chakra JavaScript engines, as used in Microsoft Internet Explorer 9 through 11, Microsoft Edge, ...
nuget
No PRs yet
ChakraCore RCE Vulnerability
GHSA-wm27-49x2-mg9q CVE-2016-3259 HIGH over 3 years ago
The Microsoft (1) JScript 9, (2) VBScript, and (3) Chakra JavaScript engines, as used in Microsoft Internet Explorer 9 through 11, Microsoft Edge, ...
nuget
No PRs yet
ChakraCore RCE Vulnerability
GHSA-h6g3-73h7-chxp CVE-2016-3260 HIGH over 3 years ago
The Microsoft (1) JScript 9, (2) VBScript, and (3) Chakra JavaScript engines, as used in Microsoft Internet Explorer 11, Microsoft Edge, and other ...
nuget
No PRs yet
ChakraCore RCE Vulnerability
GHSA-f2pg-gcxp-gr2c CVE-2016-3265 HIGH over 3 years ago
The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) v...
nuget
No PRs yet
ChakraCore RCE Vulnerability
GHSA-8g43-4g4j-g9r5 CVE-2016-3269 HIGH over 3 years ago
The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) v...
nuget
No PRs yet
ChakraCore RCE Vulnerability
GHSA-5ppx-g65v-4vfv CVE-2016-3296 HIGH over 3 years ago
The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code via a crafted web site, aka "Scripting Engine Memo...
nuget
No PRs yet
ChakraCore RCE Vulnerability
GHSA-p94c-r74j-43qg CVE-2016-3350 HIGH over 3 years ago
The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) v...
nuget
No PRs yet
ChakraCore RCE Vulnerability
GHSA-wv44-9w69-w43j CVE-2016-3377 HIGH over 3 years ago
The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) v...
nuget
No PRs yet
ChakraCore RCE Vulnerability
GHSA-92j2-gg59-4572 CVE-2016-3382 HIGH over 3 years ago
The scripting engines in Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a de...
nuget
No PRs yet
ChakraCore RCE Vulnerability
GHSA-v9jg-m6g5-h3hh CVE-2016-3386 HIGH over 3 years ago
The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) v...
nuget
No PRs yet
ChakraCore RCE Vulnerability
GHSA-294j-r53x-w786 CVE-2016-3389 HIGH over 3 years ago
The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) v...
nuget
No PRs yet
ChakraCore RCE Vulnerability
GHSA-f7p4-fmmh-4p8x CVE-2016-3390 HIGH over 3 years ago
The scripting engines in Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of se...
nuget
No PRs yet
ChakraCore RCE Vulnerability
GHSA-vr4j-gj8q-m89v CVE-2016-7189 HIGH over 3 years ago
The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code via a crafted web site, aka "Scripting Engine Remo...
nuget
No PRs yet
ChakraCore RCE Vulnerability
GHSA-w4mj-xwvw-382f CVE-2016-7190 HIGH over 3 years ago
The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) v...
nuget
No PRs yet
ChakraCore RCE Vulnerability
GHSA-36c3-jcm2-rm3j CVE-2016-7194 HIGH over 3 years ago
The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) v...
nuget
No PRs yet
ChakraCore RCE Vulnerability
GHSA-wcvc-rhfj-997g CVE-2016-7203 HIGH over 3 years ago
The Chakra JavaScript scripting engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory cor...
nuget
No PRs yet
ChakraCore RCE Vulnerability
GHSA-5whg-j5fv-xcm2 CVE-2016-7200 HIGH over 3 years ago
The Chakra JavaScript scripting engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory cor...
nuget
No PRs yet