Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+

67 advisories

Loading
Argo Workflows Controller: Denial of Service via malicious daemon Workflows Moderate
CVE-2024-47827 was published for github.com/argoproj/argo-workflows/v3 (Go) Oct 28, 2024
meln5674 agilgur5
Policy bypass for Host Firewall policy due to race condition in Cilium agent Moderate
CVE-2024-42488 was published for github.com/cilium/cilium (Go) Aug 15, 2024
skmatti
ACME DNS: Azure Identity Libraries Elevation of Privilege Vulnerability Moderate
GHSA-rvj4-q8q5-8grf was published for github.com/traefik/traefik/v2 (Go) Jun 20, 2024
Azure Identity Libraries and Microsoft Authentication Library Elevation of Privilege Vulnerability Moderate
CVE-2024-35255 was published for @azure/identity (Go) Jun 11, 2024
scottaddie localden
Microsoft Security Advisory CVE-2024-30046 | .NET Denial of Service Vulnerability Moderate
CVE-2024-30046 was published for Microsoft.AspNetCore.App.Runtime.linux-arm (NuGet) May 14, 2024
WordOps has TOCTOU race condition Moderate
CVE-2024-34528 was published for wordops (pip) May 6, 2024
VirtuBox
vantage6 vulnerable to a username timing attack on recover password/MFA token Moderate
CVE-2024-24770 was published for vantage6 (pip) Mar 15, 2024
Apache Answer Race Condition vulnerability Moderate
CVE-2024-26578 was published for github.com/apache/incubator-answer (Go) Feb 22, 2024
Deis Workflow Manager race condition vulnerability Moderate
CVE-2016-15036 was published for github.com/deis/workflow-manager (Go) Dec 23, 2023
github.com/go-resty/resty/v2 HTTP request body disclosure Moderate
CVE-2023-45286 was published for github.com/go-resty/resty/v2 (Go) Nov 28, 2023
shanduur Kryvchun
billinghamj deerbone neilgierman hansmi
Harbor timing attack risk Moderate
CVE-2023-20902 was published for github.com/goharbor/harbor (Go) Oct 10, 2023
`chainId` may be outdated if user changes chains as part of connection in @web3-react Moderate
CVE-2023-30543 was published for @web3-react/coinbase-wallet (npm) Apr 18, 2023
Answer vulnerable to Race Condition Moderate
CVE-2023-0739 was published for github.com/answerdev/answer (Go) Feb 8, 2023
efs-utils and aws-efs-csi-driver have race condition during concurrent TLS mounts Moderate
CVE-2022-46174 was published for github.com/kubernetes-sigs/aws-efs-csi-driver (Go) Dec 30, 2022
Apache Airflow exposes arbitrary file content Moderate
CVE-2022-38170 was published for apache-airflow (pip) Sep 3, 2022
sunSUNQ
ansible-runner 2.0.0 vulnerable to Race Condition Moderate
CVE-2021-3702 was published for ansible-runner (pip) Aug 24, 2022
Uncaught Exception (due to a data race) leads to process termination in Waitress Moderate
CVE-2022-31015 was published for waitress (pip) Jun 2, 2022
oakkitten
undertow Race Condition vulnerability Moderate
CVE-2021-3597 was published for io.undertow:undertow-core (Maven) May 25, 2022
MutexGuard::map can cause a data race in safe code Moderate
CVE-2020-35905 was published for futures-util (Rust) May 24, 2022
Magento 2 Community Edition RCE Vulnerability Moderate
CVE-2019-8232 was published for magento/community-edition (Composer) May 24, 2022
Concurrent Execution using Shared Resource with Improper Synchronization in Elasticsearch Moderate
CVE-2019-7614 was published for org.elasticsearch:elasticsearch (Maven) May 24, 2022
Zope Object Database Denial of Service vulnerability Moderate
CVE-2010-3495 was published for zodb3 (pip) May 17, 2022
Concurrent Execution using Shared Resource with Improper Synchronization in Spring Security Moderate
CVE-2011-2731 was published for org.springframework.security:spring-security-core (Maven) May 17, 2022
OpenStack Neutron Race Condition vulnerability Moderate
CVE-2017-7543 was published for neutron (pip) May 13, 2022
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') in pyftpdlib Moderate
CVE-2009-5010 was published for pyftpdlib (pip) May 2, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database