GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,097
Erlang
29
GitHub Actions
19
Go
1,925
Maven
5,000+
npm
3,657
NuGet
638
pip
3,264
Pub
10
RubyGems
873
Rust
823
Swift
35
Unreviewed advisories
All unreviewed
5,000+
14 advisories
Filter by severity
Privilege escalation in rbac
High
CVE-2021-22538
was published
for
github.com/google/exposure-notifications-verification-server
(Go)
May 21, 2021
Incorrect Default Permissions in Binance tss-lib
High
CVE-2020-12118
was published
for
github.com/binance-chain/tss-lib
(Go)
Jun 29, 2021
User login denial of service in github.com/google/fscrypt
Moderate
CVE-2022-25327
was published
for
github.com/google/fscrypt
(Go)
Feb 26, 2022
Non-empty default inheritable capabilities for linux container in Buildah
Moderate
CVE-2022-27651
was published
for
github.com/containers/buildah
(Go)
Apr 1, 2022
Podman's default inheritable capabilities for linux container not empty
High
CVE-2022-27649
was published
for
github.com/containers/podman/v4
(Go)
Apr 1, 2022
Incorrect Default Permissions in CRI-O
Moderate
CVE-2022-27652
was published
for
github.com/cri-o/cri-o
(Go)
Apr 22, 2022
Singularity insecure permissions
High
CVE-2019-19724
was published
for
github.com/sylabs/singularity
(Go)
May 24, 2022
Default inheritable capabilities for linux container should be empty
Moderate
CVE-2022-29162
was published
for
github.com/opencontainers/runc
(Go)
May 24, 2022
Access to Unix domain socket can lead to privileges escalation in Cilium
High
CVE-2022-29178
was published
for
github.com/cilium/cilium
(Go)
May 24, 2022
Incorrect Default Permissions in Beego
Moderate
CVE-2019-16355
was published
for
github.com/astaxie/beego
(Go)
May 24, 2022
cilium-agent container can access the host via `hostPath` mount
Moderate
CVE-2023-27593
was published
for
github.com/cilium/cilium
(Go)
Mar 17, 2023
nfpm has incorrect default permissions
High
CVE-2023-32698
was published
for
github.com/goreleaser/nfpm
(Go)
May 24, 2023
Kubernetes sets incorrect permissions on Windows containers logs
Moderate
CVE-2024-5321
was published
for
k8s.io/kubernetes
(Go)
Jul 18, 2024
Kubean vulnerable to cluster-level privilege escalation
Moderate
CVE-2024-41820
was published
for
github.com/kubean-io/kubean
(Go)
Aug 5, 2024
ProTip!
Advisories are also available from the
GraphQL API