GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
70 advisories
Quarkus potentially leaks data when duplicating a duplicated context
Moderate
CVE-2025-49574
was published
for
io.quarkus:quarkus-vertx
(Maven)
Jun 23, 2025
IPC messages delivered to the wrong frame in Electron
Moderate
CVE-2020-26272
was published
for
electron
(npm)
Jan 28, 2021
Apache Airflow: DAG Code and Import Error Permissions Ignored
Moderate
CVE-2024-27906
was published
for
apache-airflow
(pip)
Feb 29, 2024
Microsoft: CBC Padding Oracle in Azure Blob Storage Encryption Library
Moderate
CVE-2022-30187
was published
for
Azure.Storage.Blobs
(Maven)
Jul 13, 2022
wolfictl leaks GitHub tokens to remote non-GitHub git servers
Moderate
CVE-2024-35183
was published
for
github.com/wolfi-dev/wolfictl
(Go)
May 15, 2024
IPv6 enabled on IPv4-only network interfaces
Moderate
CVE-2024-32473
was published
for
github.com/docker/docker
(Go)
Apr 18, 2024
TemporaryFolder on unix-like systems does not limit access to created files
Moderate
CVE-2022-41946
was published
for
org.postgresql:postgresql
(Maven)
Nov 23, 2022
Archive package allows chmod of file outside of unpack target directory
Moderate
CVE-2021-32760
was published
for
github.com/containerd/containerd
(Go)
Jul 26, 2021
Missing permission checks in SSH Agent Plugin allow enumerating credentials IDs
Moderate
CVE-2022-20620
was published
for
org.jenkins-ci.plugins:ssh-agent
(Maven)
Jan 13, 2022
ProTip!
Advisories are also available from the
GraphQL API