GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 3,436
Erlang: 29
GitHub Actions: 16
Go: 1,661
Maven: 4,922
npm: 3,450
NuGet: 594
pip: 2,840
Pub: 10
RubyGems: 823
Rust: 764
Swift: 34
Unreviewed advisories
All unreviewed: 5,000+
22,911 advisories

IBM Cognos Controller 10.4.1, 10.4.2, and 11.0.0 is vulnerable to SQL injection. A remote...
Moderate | Unreviewed | CVE-2021-20451 was published May 3, 2024

IBM Cognos Controller 10.4.1, 10.4.2, and 11.0.0 could allow a remote user to enumerate usernames...
Moderate | Unreviewed | CVE-2021-20556 was published May 3, 2024

IBM Cognos Controller 10.4.1, 10.4.2, and 11.0.0 does not set the secure attribute on...
Moderate | Unreviewed | CVE-2021-20450 was published May 3, 2024

Hengan Weighing Management Information Query Platform 2019-2021 53.25 was discovered to contain a...
Unknown | Unreviewed | CVE-2024-33787 was published May 3, 2024

An Improper Link Resolution Before File Access ('Link Following') vulnerability in Zscaler Client...
Moderate | Unreviewed | CVE-2023-41971 was published May 2, 2024

An Improper Validation of Integrity Check Value vulnerability in Zscaler Client Connector on...
Moderate | Unreviewed | CVE-2024-23461 was published May 2, 2024

An Improper Validation of Integrity Check Value vulnerability in Zscaler Client Connector on...
Low | Unreviewed | CVE-2024-23462 was published May 2, 2024

In the Linux kernel, the following vulnerability has been resolved: nouveau: lock the client...
Unknown | Unreviewed | CVE-2024-27062 was published May 1, 2024

In the Linux kernel, the following vulnerability has been resolved: arm64: hibernate: Fix level3...
Unknown | Unreviewed | CVE-2024-26989 was published May 1, 2024

In the Linux kernel, the following vulnerability has been resolved: nouveau: fix instmem race...
Unknown | Unreviewed | CVE-2024-26984 was published May 1, 2024

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix double...
Unknown | Unreviewed | CVE-2024-26929 was published May 1, 2024

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix command...
Unknown | Unreviewed | CVE-2024-26931 was published May 1, 2024

In the Linux kernel, the following vulnerability has been resolved: ice: Fix crash by keep old...
Unknown | Unreviewed | CVE-2022-48652 was published Apr 28, 2024

In the Linux kernel, the following vulnerability has been resolved: ice: Don't double unplug aux...
Unknown | Unreviewed | CVE-2022-48653 was published Apr 28, 2024

In the Linux kernel, the following vulnerability has been resolved: bonding: fix NULL deref in...
Unknown | Unreviewed | CVE-2022-48640 was published Apr 28, 2024

Rancher does not properly specify ApiGroup when creating Kubernetes RBAC resources
High | CVE-2021-25318 was published for github.com/rancher/rancher (Go) | Apr 24, 2024

Rancher Privilege escalation vulnerability via malicious "Connection" header
High | CVE-2021-31999 was published for github.com/rancher/rancher (Go) | Apr 24, 2024

Rancher's Steve API Component Improper authorization check allows privilege escalation
High | CVE-2021-36776 was published for github.com/rancher/rancher (Go) | Apr 24, 2024

Rancher's Failure to delete orphaned role bindings does not revoke project level access from group based authentication
High | CVE-2021-36775 was published for github.com/rancher/rancher (Go) | Apr 24, 2024

Buffer Overflow in gitea
High | CVE-2021-3382 was published for github.com/go-gitea/gitea (Go) | Apr 24, 2024

Arbitrary Code Execution in Gitea
High | CVE-2020-14144 was published for code.gitea.io/gitea (Go) | Apr 22, 2024

In the Linux kernel, the following vulnerability has been resolved: nfs: fix panic when...
Unknown | Unreviewed | CVE-2024-26868 was published Apr 17, 2024

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: fix null...
Unknown | Unreviewed | CVE-2021-47211 was published Apr 10, 2024

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: kTLS, Fix crash...
Unknown | Unreviewed | CVE-2021-47215 was published Apr 10, 2024

In the Linux kernel, the following vulnerability has been resolved: usb: typec: tipd: Remove...
Unknown | Unreviewed | CVE-2021-47210 was published Apr 10, 2024

ProTip! Advisories are also available from the GraphQL API.