Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,869
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,119
NuGet
735
pip
3,941
Pub
12
RubyGems
945
Rust
1,018
Swift
39
Unreviewed advisories
All unreviewed
5,000+

2,493 advisories

Loading
Incorrect Authorization in HashiCorp Consul Moderate
CVE-2020-7955 was published for github.com/hashicorp/consul (Go) Jul 28, 2021
Improper Resource Shutdown or Release in HashiCorp Vault High
CVE-2020-7220 was published for github.com/hashicorp/vault (Go) Jul 28, 2021
github.com/pires/go-proxyproto vulnerable to DoS via Connection descriptor exhaustion High
CVE-2021-23409 was published for github.com/pires/go-proxyproto (Go) Jul 26, 2021
tdunlap607
Improper Restriction of Excessive Authentication Attempts in Argo API High
CVE-2020-8827 was published for github.com/argoproj/argo-cd (Go) Jul 26, 2021
Argo CD Insecure default administrative password High
CVE-2020-8828 was published for github.com/argoproj/argo-cd (Go) Jul 26, 2021
Archive package allows chmod of file outside of unpack target directory Moderate
CVE-2021-32760 was published for github.com/containerd/containerd (Go) Jul 26, 2021
tdunlap607
HashiCorp Consul L7 deny intention results in an allow action High
CVE-2021-36213 was published for github.com/hashicorp/consul (Go) Jul 19, 2021
Hashicorp Consul Missing SSL Certificate Validation High
CVE-2021-32574 was published for github.com/hashicorp/consul (Go) Jul 19, 2021
Buildah processes using chroot isolation may leak environment values to intermediate processes Moderate
CVE-2021-3602 was published for github.com/containers/buildah (Go) Jul 19, 2021
bburky
Open Redirect in github.com/AndrewBurian/powermux Moderate
CVE-2021-32721 was published for github.com/AndrewBurian/powermux (Go) Jul 1, 2021
Denial of Service in miekg-dns High
CVE-2017-15133 was published for github.com/miekg/dns (Go) Jun 29, 2021
Improper Authenication in Pion DTLS Critical
CVE-2019-20786 was published for github.com/pion/dtls (Go) Jun 29, 2021
Incorrect Default Permissions in Binance tss-lib High
CVE-2020-12118 was published for github.com/binance-chain/tss-lib (Go) Jun 29, 2021
Path Traversal in Dutchcoders transfer.sh Critical
CVE-2021-33497 was published for github.com/dutchcoders/transfer.sh (Go) Jun 29, 2021
Cross-site scripting in Dutchcoders transfer.sh Moderate
CVE-2021-33496 was published for github.com/dutchcoders/transfer.sh (Go) Jun 29, 2021
CRLF vulnerability in Fiber Moderate
CVE-2020-15111 was published for github.com/gofiber/fiber (Go) Jun 29, 2021
hsblhsn abdshaleh
Go Ethereum Denial of Service High
CVE-2018-19184 was published for github.com/ethereum/go-ethereum (Go) Jun 29, 2021
Consensus flaw during block processing in github.com/ethereum/go-ethereum Moderate
CVE-2020-26265 was published for github.com/ethereum/go-ethereum (Go) Jun 29, 2021
johnyangk
Denial of service in github.com/ethereum/go-ethereum Moderate
CVE-2020-26264 was published for github.com/ethereum/go-ethereum (Go) Jun 29, 2021
lukaszmatczak
Denial of service in go-ethereum due to CVE-2020-28362 Critical
GHSA-m6gx-rhvj-fh52 was published for github.com/ethereum/go-ethereum (Go) Jun 29, 2021
Denial of service in geth Moderate
CVE-2020-26242 was published for github.com/ethereum/go-ethereum (Go) Jun 29, 2021
Shallow copy bug in geth Moderate
CVE-2020-26241 was published for github.com/ethereum/go-ethereum (Go) Jun 29, 2021
johnyangk
Erroneous Proof of Work calculation in geth Moderate
CVE-2020-26240 was published for github.com/ethereum/go-ethereum (Go) Jun 29, 2021
slavikus
Cross-site Scripting in Gogs Moderate
CVE-2014-8683 was published for gogs.io/gogs (Go) Jun 29, 2021
SQL Injection in Gogs High
CVE-2014-8682 was published for gogs.io/gogs (Go) Jun 29, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database