GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,238
Erlang
31
GitHub Actions
21
Go
2,005
Maven
5,000+
npm
3,716
NuGet
661
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
62 advisories
Filter by severity
Improper Privilege Management in HashiCorp Nomad
High
CVE-2021-3283
was published
for
github.com/hashicorp/nomad
(Go)
Jun 24, 2021
Privilege Escalation in Kubernetes
Critical
CVE-2018-1002105
was published
for
github.com/kubernetes/kubernetes
(Go)
Feb 15, 2022
Malicious HTML+XHR Artifact Privilege Escalation in Argo Workflows
High
CVE-2022-29164
was published
for
github.com/argoproj/argo-workflows/v3
(Go)
May 23, 2022
Improper Privilege Management in Gitea
Critical
CVE-2021-45330
was published
for
code.gitea.io/gitea
(Go)
Feb 10, 2022
Hashicorp Vault Privilege Escalation Vulnerability
Low
CVE-2021-41802
was published
for
github.com/hashicorp/vault
(Go)
Oct 12, 2021
Improper Privilege Management in Cilium
High
CVE-2022-29179
was published
for
github.com/cilium/cilium
(Go)
May 24, 2022
Privilege escalation for users with create/update permissions in Global Roles in Rancher
Moderate
CVE-2021-36784
was published
for
github.com/rancher/rancher
(Go)
May 2, 2022
Privilege Escalation in Cloud Native Computing Foundation Harbor
Moderate
CVE-2019-19023
was published
for
github.com/goharbor/harbor
(Go)
May 18, 2021
Improper Privilege Management and Execution with Unnecessary Privileges in Kata Containers
Moderate
CVE-2020-2023
was published
for
github.com/kata-containers/agent
(Go)
Feb 15, 2022
usememos/memos Improper Privilege Management vulnerability
High
CVE-2022-4808
was published
for
github.com/usememos/memos
(Go)
Dec 28, 2022
usememos/memos makes Incorrect Use of Privileged APIs
High
CVE-2022-4687
was published
for
github.com/usememos/memos
(Go)
Dec 23, 2022
Improper Privilege Management in Mattermost
Moderate
CVE-2022-1332
was published
for
github.com/mattermost/mattermost-server/v5
(Go)
Apr 14, 2022
Write access to the catalog for any user when restricted-admin role is enabled in Rancher
High
CVE-2021-4200
was published
for
github.com/rancher/rancher
(Go)
May 2, 2022
Privilege escalation in project role template binding (PRTB) and -promoted roles
High
CVE-2022-43759
was published
for
github.com/rancher/rancher
(Go)
Jan 25, 2023
Privilege Escalation in Docker
High
CVE-2014-3499
was published
for
github.com/docker/docker
(Go)
Feb 15, 2022
Non-interactive Tailscale SSH sessions on FreeBSD may use the effective group ID of the tailscaled process
Moderate
CVE-2023-28436
was published
for
tailscale.com
(Go)
Mar 23, 2023
OpenFeature Operator vulnerable to Cluster-level Privilege Escalation
High
CVE-2023-29018
was published
for
github.com/open-feature/open-feature-operator
(Go)
Apr 12, 2023
Improper access control allows admin privilege escalation in Argo CD
Critical
CVE-2022-24768
was published
for
github.com/argoproj/argo-cd
(Go)
Mar 24, 2022
Withdrawn Advisory: kubernetes-nmstate Insecure Privilege Management
High
CVE-2020-1742
was published
for
github.com/nmstate/kubernetes-nmstate
(Go)
May 24, 2022
•
withdrawn
Privilege Elevation in runc
High
CVE-2016-3697
was published
for
github.com/opencontainers/runc
(Go)
Dec 20, 2021
Privilege Escalation on Linux/MacOS
High
CVE-2023-28434
was published
for
github.com/minio/minio
(Go)
Sep 5, 2023
Incorrect Permission Assignment for Critical Resource in Singularity
High
CVE-2019-11328
was published
for
github.com/sylabs/singularity
(Go)
Dec 20, 2021
Hashicorp Nomad Access Control Issues
Critical
CVE-2019-12618
was published
for
github.com/hashicorp/nomad
(Go)
May 24, 2022
Ineffective privileges drop when requesting container network
Moderate
CVE-2023-38496
was published
for
github.com/apptainer/apptainer
(Go)
Jul 25, 2023
KubePi Privilege Escalation vulnerability
Critical
CVE-2023-37917
was published
for
github.com/KubeOperator/kubepi
(Go)
Jul 21, 2023
ProTip!
Advisories are also available from the
GraphQL API