Vulnerabilities

search
ID
Packages
Summary
Published
arrow_upward
Attributes
GHSA-7q4v-2mr6-5gpx
  • NuGet/Microsoft.NETCore.App.Runtime.linux-x64
  • NuGet/Microsoft.NETCore.App.Runtime.osx-arm64
  • NuGet/Microsoft.NETCore.App.Runtime.win-x64
 Microsoft Security Advisory CVE-2026-45491 – .NET Tampering Vulnerability 1 hour ago
  • Fix available
  • Severity - 6.8 (Medium)
GHSA-f8h2-vmm9-qhj6
  • NuGet/Microsoft.AspNetCore.App.Runtime.linux-x64
  • NuGet/Microsoft.AspNetCore.App.Runtime.osx-arm64
  • NuGet/Microsoft.AspNetCore.App.Runtime.win-x64
  • NuGet/Microsoft.AspNetCore.SignalR.Protocols.MessagePack
 Microsoft Security Advisory CVE-2026-45591 – ASP.NET Core Denial of Service Vulnerability 19 hours ago
  • Fix available
  • Severity - 7.5 (High)
GHSA-hv8m-jj95-wg3x
  • NuGet/MessagePack
 MessagePack's LZ4 decompression may fail with AccessViolationException after dereferencing memory from bad input 4 days ago
  • Fix available
  • Severity - 8.2 (High)
GHSA-vg35-5wq7-3x7w
  • NuGet/TinyMCE
  • Packagist/tinymce/tinymce
  • npm/tinymce
 TinyMCE Cross-Site Scripting (XSS) vulnerability using media plugin `data-mce-object` injection 05 Jun
  • Fix available
  • Severity - 8.7 (High)
GHSA-v98h-vmpc-fpqv
  • NuGet/TinyMCE
  • Packagist/tinymce/tinymce
  • npm/tinymce
 TinyMCE Cross-Site Scripting (XSS) vulnerability through `mce:protected` comments 05 Jun
  • Fix available
  • Severity - 8.7 (High)
GHSA-q742-qvgc-gc2f
  • NuGet/TinyMCE
  • Packagist/tinymce/tinymce
  • npm/tinymce
 TinyMCE Cross-Site Scripting (XSS) vulnerability using through data-mce- prefixed src, href, style attributes 05 Jun
  • Fix available
  • Severity - 8.7 (High)
GHSA-mh5m-5hw4-5c69
  • NuGet/TinyMCE
  • Packagist/tinymce/tinymce
  • npm/tinymce
 TinyMCE Cross-Site Scripting (XSS) vulnerability using sanitization bypass through nested SVGs 05 Jun
  • Fix available
  • Severity - 8.7 (High)
GHSA-92vj-hp7m-gwcj
  • NuGet/Nerdbank.MessagePack
 Nerdbank.MessagePack has Inefficient CPU Computation 29 May
  • Fix available
  • Severity - 5.3 (Medium)
GHSA-qjvr-435c-5fjh
  • NuGet/Nerdbank.MessagePack
 Nerdbank.MessagePack has a memory amplification DoS in collection deserialization 29 May
  • Fix available
  • Severity - 5.3 (Medium)
GHSA-6gxq-f64p-5w6f
  • NuGet/Magick.NET-Q16-AnyCPU
  • NuGet/Magick.NET-Q16-HDRI-AnyCPU
  • NuGet/Magick.NET-Q16-HDRI-OpenMP-arm64
  • NuGet/Magick.NET-Q16-HDRI-arm64
  • NuGet/Magick.NET-Q16-HDRI-x64
  • ... 12 more
 ImageMagick: Heap Buffer Over-Read in distributed pixel cache server 22 May
  • Fix available
  • Severity - 5.7 (Medium)
GHSA-2rgj-gx5x-f62w
  • NuGet/Magick.NET-Q16-AnyCPU
  • NuGet/Magick.NET-Q16-HDRI-AnyCPU
  • NuGet/Magick.NET-Q16-HDRI-OpenMP-arm64
  • NuGet/Magick.NET-Q16-HDRI-arm64
  • NuGet/Magick.NET-Q16-HDRI-x64
  • ... 12 more
 ImageMagick: Information Disclosure in distributed pixel cache server because it is not using a challenge–response authentication model 22 May
  • Fix available
  • Severity - 4.1 (Medium)
GHSA-4g75-9r48-jf92
  • NuGet/Magick.NET-Q16-AnyCPU
  • NuGet/Magick.NET-Q16-HDRI-AnyCPU
  • NuGet/Magick.NET-Q16-HDRI-OpenMP-arm64
  • NuGet/Magick.NET-Q16-HDRI-arm64
  • NuGet/Magick.NET-Q16-HDRI-x64
  • ... 12 more
 ImageMagick: Race Condition in distributed pixel cache server can result in file descriptor hijacking 22 May
  • Fix available
  • Severity - 4.1 (Medium)
GHSA-p93h-f2jc-477j
  • NuGet/Magick.NET-Q16-AnyCPU
  • NuGet/Magick.NET-Q16-HDRI-AnyCPU
  • NuGet/Magick.NET-Q16-HDRI-OpenMP-arm64
  • NuGet/Magick.NET-Q16-HDRI-arm64
  • NuGet/Magick.NET-Q16-HDRI-x64
  • ... 12 more
 ImageMagick: Heap Buffer Over-Write in distributed pixel cache server 22 May
  • Fix available
  • Severity - 4.1 (Medium)
GHSA-qv2q-c278-pch5
  • NuGet/Magick.NET-Q16-AnyCPU
  • NuGet/Magick.NET-Q16-HDRI-AnyCPU
  • NuGet/Magick.NET-Q16-HDRI-OpenMP-arm64
  • NuGet/Magick.NET-Q16-HDRI-arm64
  • NuGet/Magick.NET-Q16-HDRI-x64
  • ... 12 more
 ImageMagick: Information Disclosure in PasskeyEncipherImage via AES-CTR nonce reuse 21 May
  • Fix available
  • Severity - 3.7 (Low)
GHSA-vf33-6r7x-66xx
  • NuGet/Magick.NET-Q16-AnyCPU
  • NuGet/Magick.NET-Q16-HDRI-AnyCPU
  • NuGet/Magick.NET-Q16-HDRI-OpenMP-arm64
  • NuGet/Magick.NET-Q16-HDRI-arm64
  • NuGet/Magick.NET-Q16-HDRI-x64
  • ... 12 more
 ImageMagick: Division by Zero in binomial kernel 21 May
  • Fix available
  • Severity - 3.3 (Low)
GHSA-jqq5-8px3-9m6m
  • NuGet/Magick.NET-Q16-AnyCPU
  • NuGet/Magick.NET-Q16-HDRI-AnyCPU
  • NuGet/Magick.NET-Q16-HDRI-OpenMP-arm64
  • NuGet/Magick.NET-Q16-HDRI-arm64
  • NuGet/Magick.NET-Q16-HDRI-x64
  • ... 12 more
 ImageMagick: Heap Buffer Over-Write in json and yaml encoder of a single byte due to incorrect fix 21 May
  • Fix available
  • Severity - 6.2 (Medium)
Load more...