Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

2,041 advisories

Loading
Insecure Permissions in Gogs Critical
CVE-2019-14544 was published for gogs.io/gogs (Go) May 18, 2021
Improper Input Validation in libseccomp-golang High
CVE-2017-18367 was published for github.com/seccomp/libseccomp-golang (Go) May 18, 2021
Rancher Vulnerable to Cross-site Request Forgery (CSRF) High
CVE-2019-13209 was published for github.com/rancher/rancher (Go) May 18, 2021
Improper Authentication in Apache Traffic Control Critical
CVE-2019-12405 was published for github.com/apache/trafficcontrol (Go) May 18, 2021
Duplicate Advisory: k8s.io/kube-state-metrics Exposure of Sensitive Information Moderate
CVE-2019-17110 was published for github.com/kubernetes/kube-state-metrics (Go) May 18, 2021 withdrawn
XML Entity Expansion and Improper Input Validation in Kubernetes API server High
CVE-2019-11253 was published for k8s.io/kubernetes (Go) May 18, 2021
Out-of-bounds read in Apache Thrift High
CVE-2019-0210 was published for github.com/apache/thrift (Go) May 18, 2021
Path Traversal in MHolt Archiver Moderate
CVE-2019-10743 was published for github.com/mholt/archiver (Go) May 18, 2021
Cloud Foundry Routing Improper Input Validation vulnerability High
CVE-2019-11289 was published for code.cloudfoundry.org/gorouter (Go) May 18, 2021
Cross-site Scripting in Documize Moderate
CVE-2019-19619 was published for github.com/documize/community (Go) May 18, 2021
Improper Access Control in Lightning Network Daemon High
CVE-2019-12999 was published for github.com/lightningnetwork/lnd (Go) May 18, 2021
Kubernetes kubectl cp Vulnerable to Symlink Attack Moderate
CVE-2019-11251 was published for k8s.io/kubernetes (Go) May 18, 2021
GPGME Go wrapper contains Use After Free High
CVE-2020-8945 was published for github.com/proglottis/gpgme (Go) May 18, 2021
Improper Verification of Cryptographic Signature in golang.org/x/crypto High
CVE-2020-9283 was published for golang.org/x/crypto (Go) May 18, 2021
Kubernetes Privilege Escalation Critical
CVE-2017-1000056 was published for k8s.io/kubernetes (Go) May 12, 2021
Improper Locking in github.com/containers/storage Moderate
CVE-2021-20291 was published for github.com/containers/storage (Go) May 10, 2021
ProTip! Advisories are also available from the GraphQL API