Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
44
GitHub Actions
46
Go
3,270
Maven
5,000+
npm
5,000+
NuGet
867
pip
4,517
Pub
12
RubyGems
998
Rust
1,194
Swift
51
Unreviewed advisories
All unreviewed
5,000+

13 advisories

Loading
dhowden tag panic due to out-of-bounds read Moderate
CVE-2020-29243 was published for github.com/dhowden/tag (Go) May 24, 2022
dhowden tag panic due to out-of-bounds read Moderate
CVE-2020-29245 was published for github.com/dhowden/tag (Go) May 24, 2022
dhowden tag panic due to out-of-bounds read Moderate
CVE-2020-29244 was published for github.com/dhowden/tag (Go) May 24, 2022
etcd's WAL `ReadAll` method vulnerable to an entry with large index causing panic Moderate
CVE-2020-15112 was published for go.etcd.io/etcd/v3 (Go) Oct 6, 2022
Denial of Service in dhowden/tag Moderate
CVE-2020-29242 was published for github.com/dhowden/tag (Go) Feb 7, 2023
Index out of bounds leading to crash Moderate
CVE-2023-36307 was published for simonwaldherr.de/go/zplgfa (Go) Sep 5, 2023
Improper Validation of Array Index in github.com/greenpau/caddy-security Moderate
CVE-2024-21493 was published for github.com/greenpau/caddy-security (Go) Feb 17, 2024
onos-lib-go allows an index out-of-range panic Moderate
CVE-2025-30077 was published for github.com/onosproject/onos-lib-go (Go) Mar 16, 2025
Metricbeat affected by multiple denial of service vulnerabilities Moderate
CVE-2026-0528 was published for github.com/elastic/beats/v7 (Go) Jan 13, 2026
cert-manager-controller DoS via Specially Crafted DNS Response Moderate
CVE-2026-25518 was published for github.com/cert-manager/cert-manager (Go) Feb 2, 2026
1seal Credited to 1seal and SgtCoDFish SgtCoDFish SgtCoDFish
Fiber has a Denial of Service Vulnerability via Route Parameter Overflow Moderate
CVE-2026-25882 was published for github.com/gofiber/fiber/v2 (Go) Feb 24, 2026
sixcolors Credited to sixcolors, TheAspectDev, gaby, and ReneWerner87 TheAspectDev TheAspectDev
gaby gaby ReneWerner87 ReneWerner87
Ella Core panics on invalid PDU Session IDs in NGAP messages Moderate
CVE-2026-33281 was published for github.com/ellanetworks/core (Go) Mar 19, 2026
p1-aji Credited to p1-aji
Packetbeat does not properly validate an array index in multiple protocol parser components Moderate
CVE-2026-26933 was published for github.com/elastic/beats/v7 (Go) Mar 19, 2026
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database