GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
7 advisories
nginx-ui Backup Restore Allows Tampering with Encrypted Backups
Critical
CVE-2026-33026
was published
for
github.com/0xJacky/Nginx-UI
(Go)
Mar 30, 2026
Incus does not verify combined fingerprint when downloading images from simplestreams servers
High
CVE-2026-33542
was published
for
github.com/lxc/incus/v6/client
(Go)
Mar 27, 2026
go-git improperly verifies data integrity values for .idx and .pack files
Moderate
CVE-2026-25934
was published
for
github.com/go-git/go-git/v5
(Go)
Feb 10, 2026
Prefix Truncation Attack against ChaCha20-Poly1305 and Encrypt-then-MAC aka Terrapin
Moderate
CVE-2023-48795
was published
for
golang.org/x/crypto
(Go)
Dec 18, 2023
github.com/containers/image allows unexpected authenticated registry accesses
High
CVE-2024-3727
was published
for
github.com/containers/image
(Go)
May 14, 2024
Improper Validation of Integrity Check Value in go-tuf
High
CVE-2022-29173
was published
for
github.com/theupdateframework/go-tuf
(Go)
May 24, 2022
Execution Control List (ECL) Is Insecure in Singularity
High
CVE-2020-13845
was published
for
github.com/sylabs/singularity
(Go)
Dec 20, 2021
ProTip!
Advisories are also available from the
GraphQL API