GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
19 advisories
PipeCD Vulnerable to Privilege Escalation
[High] CVE-2024-53351 was published for github.com/pipe-cd/pipecd (Go), Mar 21, 2025

MaysWind ezBookkeeping has Improper Privilege Management
[Critical] CVE-2024-57604 was published for github.com/mayswind/ezbookkeeping (Go), Feb 13, 2025

Kolide Agent Privilege Escalation (Windows, Versions >= 1.5.3, < 1.12.3)
[High] CVE-2024-54131 was published for github.com/kolide/launcher (Go), Dec 3, 2024

Cilium's CIDR deny policies may not take effect when a more narrow CIDR allow is present
[Moderate] CVE-2024-47825 was published for github.com/cilium/cilium (Go), Oct 21, 2024

Kubean vulnerable to cluster-level privilege escalation
[High] CVE-2024-41820 was published for github.com/kubean-io/kubean (Go), Aug 5, 2024

Kubernetes sets incorrect permissions on Windows containers logs
[High] CVE-2024-5321 was published for k8s.io/kubernetes (Go), Jul 18, 2024

nfpm has incorrect default permissions
[High] CVE-2023-32698 was published for github.com/goreleaser/nfpm (Go), May 24, 2023

Rancher Webhook is misconfigured during upgrade process
[Critical] CVE-2023-22651 was published for github.com/rancher/rancher (Go), Apr 24, 2023

cilium-agent container can access the host via `hostPath` mount
[Moderate] CVE-2023-27593 was published for github.com/cilium/cilium (Go), Mar 17, 2023

Incorrect Default Permissions in Beego
[Moderate] CVE-2019-16355 was published for github.com/astaxie/beego (Go), May 24, 2022

Access to Unix domain socket can lead to privileges escalation in Cilium
[High] CVE-2022-29178 was published for github.com/cilium/cilium (Go), May 24, 2022

Default inheritable capabilities for linux container should be empty
[Moderate] CVE-2022-29162 was published for github.com/opencontainers/runc (Go), May 24, 2022

Singularity insecure permissions
[High] CVE-2019-19724 was published for github.com/sylabs/singularity (Go), May 24, 2022

Incorrect Default Permissions in CRI-O
[Moderate] CVE-2022-27652 was published for github.com/cri-o/cri-o (Go), Apr 22, 2022

Podman's default inheritable capabilities for linux container not empty
[High] CVE-2022-27649 was published for github.com/containers/podman/v4 (Go), Apr 1, 2022

Non-empty default inheritable capabilities for linux container in Buildah
[Moderate] CVE-2022-27651 was published for github.com/containers/buildah (Go), Apr 1, 2022

User login denial of service in github.com/google/fscrypt
[Moderate] CVE-2022-25327 was published for github.com/google/fscrypt (Go), Feb 26, 2022

Incorrect Default Permissions in Binance tss-lib
[High] CVE-2020-12118 was published for github.com/binance-chain/tss-lib (Go), Jun 29, 2021

Privilege escalation in rbac
[High] CVE-2021-22538 was published for github.com/google/exposure-notifications-verification-server (Go), May 21, 2021