GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
21,884 advisories
Vite bypasses server.fs.deny when using ?raw??
Moderate
CVE-2025-30208
was published
for
vite
(npm)
Mar 25, 2025
ngress-nginx controller - configuration injection via unsanitized auth-tls-match-cn annotation
High
CVE-2025-1097
was published
for
k8s.io/ingress-nginx
(Go)
Mar 25, 2025
ingress-nginx controller - configuration injection via unsanitized mirror annotations
High
CVE-2025-1098
was published
for
k8s.io/ingress-nginx
(Go)
Mar 25, 2025
ingress-nginx admission controller RCE escalation
Critical
CVE-2025-1974
was published
for
k8s.io/ingress-nginx
(Go)
Mar 25, 2025
ingress-nginx controller - auth secret file path traversal vulnerability
Moderate
CVE-2025-24513
was published
for
k8s.io/ingress-nginx
(Go)
Mar 25, 2025
ingress-nginx controller - configuration injection via unsanitized auth-url annotation
High
CVE-2025-24514
was published
for
k8s.io/ingress-nginx
(Go)
Mar 25, 2025
Cilium node based network policies may incorrectly allow workload traffic
Low
CVE-2025-30163
was published
for
Ciliumgithub.com/cilium/cilium
(Go)
Mar 24, 2025
Kyverno ignores subjectRegExp and IssuerRegExp
Moderate
CVE-2025-29778
was published
for
github.com/kyverno/kyverno
(Go)
Mar 24, 2025
Cilium East-west traffic not subject to egress policy enforcement for requests via Gateway API load balancers
Low
CVE-2025-30162
was published
for
github.com/cilium/cilium
(Go)
Mar 24, 2025
API Platform Core does not call GraphQl securityAfterResolver
Moderate
CVE-2025-23204
was published
for
api-platform/core
(Composer)
Mar 24, 2025
ProTip!
Advisories are also available from the
GraphQL API