Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,517
Maven
5,000+
npm
4,150
NuGet
736
pip
3,952
Pub
12
RubyGems
946
Rust
1,026
Swift
39
Unreviewed advisories
All unreviewed
5,000+

908 advisories

Loading
Pion DTLS Header reconstruction method can be thrown into an infinite loop High
CVE-2022-29190 was published for github.com/pion/dtls (Go) May 24, 2022
golang.org/x/crypto/ssh NULL Pointer Dereference vulnerability High
CVE-2020-29652 was published for golang.org/x/crypto (Go) May 24, 2022
Istio vulnerable to denial of service High
CVE-2019-18817 was published for istio.io/istio (Go) May 24, 2022
Improper Privilege Management in Cilium High
CVE-2022-29179 was published for github.com/cilium/cilium (Go) May 24, 2022
Access to Unix domain socket can lead to privileges escalation in Cilium High
CVE-2022-29178 was published for github.com/cilium/cilium (Go) May 24, 2022
daniel-f3 danmx
Improper Validation of Integrity Check Value in go-tuf High
CVE-2022-29173 was published for github.com/theupdateframework/go-tuf (Go) May 24, 2022
rdimitrov
Withdrawn Advisory: kubernetes-nmstate Insecure Privilege Management High
CVE-2020-1742 was published for github.com/nmstate/kubernetes-nmstate (Go) May 24, 2022 withdrawn
golang.org/x/net/html Infinite Loop vulnerability High
CVE-2021-33194 was published for golang.org/x/net (Go) May 24, 2022
Grafana information disclosure High
CVE-2020-12458 was published for github.com/grafana/grafana (Go) May 24, 2022
Grafana world readable configuration files High
CVE-2020-12459 was published for github.com/grafana/grafana (Go) May 24, 2022
Golang Facebook Thrift servers vulnerable to denial of service High
CVE-2019-11939 was published for github.com/facebook/fbthrift (Go) May 24, 2022
Singularity insecure permissions High
CVE-2019-19724 was published for github.com/sylabs/singularity (Go) May 24, 2022
Kubernetes kube-apiserver unauthorized access High
CVE-2019-11247 was published for k8s.io/apiextensions-apiserver (Go) May 24, 2022
golang.org/x/net/http vulnerable to a reset flood High
CVE-2019-9514 was published for golang.org/x/net (Go) May 24, 2022
golang.org/x/net/http vulnerable to ping floods High
CVE-2019-9512 was published for golang.org/x/net (Go) May 24, 2022
Istio ReDoS Vulnerability High
CVE-2019-14993 was published for istio.io/istio (Go) May 24, 2022
Podman Path Traversal Vulnerability leads to arbitrary file read/write High
CVE-2019-10152 was published for github.com/containers/podman (Go) May 24, 2022
mastercactapus proxyprotocol vulnerable to denial of service High
CVE-2019-14243 was published for github.com/mastercactapus/proxyprotocol (Go) May 24, 2022
b3log Wide unauthenticated file access High
CVE-2019-13915 was published for github.com/b3log/wide (Go) May 24, 2022
Secret insertion into debug log in Docker High
CVE-2019-13509 was published for github.com/docker/docker (Go) May 24, 2022
joshbressers
Rancher Privilege Escalation Vulnerability High
CVE-2019-12274 was published for github.com/rancher/rancher (Go) May 24, 2022
Rancher code injection via fluentd config commands High
CVE-2019-12303 was published for github.com/rancher/rancher (Go) May 24, 2022
Hybrid Group Gobot Improper Certificate Validation vulnerability High
CVE-2019-12496 was published for github.com/hybridgroup/gobot (Go) May 24, 2022
Containous Traefik Exposes Password Hashes High
CVE-2019-12452 was published for github.com/traefik/traefik (Go) May 24, 2022
LXD vulnerable to Race Condition High
CVE-2015-1340 was published for github.com/lxc/lxd (Go) May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database