GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+
13 advisories
Filter by severity
open-webui Insecure Direct Object Reference (IDOR) vulnerability
Moderate
CVE-2024-7041
was published
for
open-webui
(pip)
Oct 9, 2024
OpenShift Builder has a path traversal, allows command injection in privileged BuildContainer
Moderate
CVE-2024-7387
was published
for
github.com/openshift/builder
(Go)
Sep 17, 2024
Apache Airflow vulnerable to Execution with Unnecessary Privileges
High
CVE-2024-45034
was published
for
apache-airflow
(pip)
Sep 7, 2024
Submariner Operator sets unnecessary RBAC permissions in helm charts
Moderate
CVE-2024-5042
was published
for
github.com/submariner-io/submariner-operator
(Go)
May 17, 2024
Kruise allows leveraging the kruise-daemon pod to list all secrets in the entire cluster
Moderate
CVE-2023-30617
was published
for
github.com/openkruise/kruise
(Go)
Jan 5, 2024
kOps privilege escalation vulnerability
High
CVE-2023-1943
was published
for
k8s.io/kops
(Go)
Oct 12, 2023
Wings vulnerable to escape to host from installation container
Critical
CVE-2023-32080
was published
for
github.com/pterodactyl/wings
(Go)
May 11, 2023
Execution with Unnecessary Privileges in JupyterApp
High
CVE-2022-39286
was published
for
jupyter-core
(pip)
Oct 26, 2022
Authentication Bypass in keycloak
High
CVE-2020-27826
was published
for
org.keycloak:keycloak-core
(Maven)
Mar 18, 2022
Improper Privilege Management and Execution with Unnecessary Privileges in Kata Containers
Moderate
CVE-2020-2023
was published
for
github.com/kata-containers/agent
(Go)
Feb 15, 2022
Execution with Unnecessary Privileges in ipython
High
CVE-2022-21699
was published
for
ipython
(pip)
Jan 21, 2022
Code Injection, Race Condition, and Execution with Unnecessary Privileges in Ansible
Moderate
CVE-2020-10684
was published
for
ansible
(pip)
Apr 7, 2021
Local Privilege Escalation in PyInstaller
High
CVE-2019-16784
was published
for
PyInstaller
(pip)
Jan 16, 2020
ProTip!
Advisories are also available from the
GraphQL API