GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,131
Erlang
29
GitHub Actions
19
Go
1,934
Maven
5,000+
npm
3,668
NuGet
642
pip
3,287
Pub
10
RubyGems
873
Rust
828
Swift
35
Unreviewed advisories
All unreviewed
5,000+
17 advisories
Filter by severity
Kubean vulnerable to cluster-level privilege escalation
Moderate
CVE-2024-41820
was published
for
github.com/kubean-io/kubean
(Go)
Aug 5, 2024
snapd failed to restrict writes to the $HOME/bin path
Moderate
CVE-2024-1724
was published
for
github.com/snapcore/snapd
(Go)
Jul 25, 2024
Moby (Docker Engine) started with non-empty inheritable Linux process capabilities
Moderate
CVE-2022-24769
was published
for
github.com/docker/docker
(Go)
Apr 22, 2024
Moby (Docker Engine) Insufficiently restricted permissions on data directory
Moderate
CVE-2021-41091
was published
for
github.com/docker/docker
(Go)
Jan 31, 2024
Privilege Escalation in HashiCorp Consul
Moderate
CVE-2020-28053
was published
for
github.com/hashicorp/consul
(Go)
Jan 31, 2024
CubeFS allows Kubernetes cluster-level privilege escalation
Moderate
CVE-2023-30512
was published
for
github.com/cubefs/cubefs
(Go)
Apr 12, 2023
Bytebase does not restrict low privilege user to access admin issues
Moderate
CVE-2022-32169
was published
for
github.com/bytebase/bytebase
(Go)
Sep 29, 2022
Gitea allowed assignment of private issues
Moderate
CVE-2022-38183
was published
for
code.gitea.io/gitea
(Go)
Aug 13, 2022
Grafana information disclosure
Moderate
CVE-2020-12458
was published
for
github.com/grafana/grafana
(Go)
May 24, 2022
Grafana world readable configuration files
Moderate
CVE-2020-12459
was published
for
github.com/grafana/grafana
(Go)
May 24, 2022
Kubernetes Unsafe Cacheing
Moderate
CVE-2019-11244
was published
for
k8s.io/client-go
(Go)
Feb 15, 2022
Incorrect Permission Assignment for Critical Resource in CRI-O
Moderate
CVE-2022-0532
was published
for
github.com/cri-o/cri-o
(Go)
Feb 11, 2022
Beego has a file creation race condition
Moderate
CVE-2019-16354
was published
for
github.com/astaxie/beego
(Go)
Aug 2, 2021
Archive package allows chmod of file outside of unpack target directory
Moderate
CVE-2021-32760
was published
for
github.com/containerd/containerd
(Go)
Jul 26, 2021
Incorrect Permission Assignment for Critical Resource in Hashicorp Consul
Moderate
CVE-2020-12797
was published
for
github.com/hashicorp/consul
(Go)
Jun 23, 2021
Cache Manipulation Attack in Apache Traffic Control
Moderate
CVE-2020-17522
was published
for
github.com/apache/trafficcontrol
(Go)
Jun 18, 2021
Permissions bypass in KubeVirt
Moderate
CVE-2020-1701
was published
for
kubevirt.io/kubevirt
(Go)
Jun 1, 2021
ProTip!
Advisories are also available from the
GraphQL API