Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,978
Erlang
29
GitHub Actions
16
Go
1,765
Maven
4,990
npm
3,536
NuGet
616
pip
3,105
Pub
10
RubyGems
837
Rust
786
Swift
34
Unreviewed advisories
All unreviewed
5,000+

281 advisories

Loading
An issue was discovered in HTTP2 in Qt before 5.15.18, 6.x before 6.2.13, 6.3.x through 6.5.x... High Unreviewed
CVE-2024-39936 was published Jul 4, 2024
OpenSSH 9.5 through 9.7 before 9.8 sometimes allows timing attacks against echo-off password... High Unreviewed
CVE-2024-39894 was published Jul 2, 2024
Dell PowerEdge Server BIOS contains an TOCTOU race condition vulnerability. A local low... Moderate Unreviewed
CVE-2024-0171 was published Jun 25, 2024
CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability exists that could cause... Moderate Unreviewed
CVE-2024-5558 was published Jun 12, 2024
Windows Perception Service Elevation of Privilege Vulnerability High Unreviewed
CVE-2024-35265 was published Jun 11, 2024
Windows Kernel Elevation of Privilege Vulnerability High Unreviewed
CVE-2024-30099 was published Jun 11, 2024
Windows Kernel Elevation of Privilege Vulnerability High Unreviewed
CVE-2024-30088 was published Jun 11, 2024
Windows Kernel-Mode Driver Elevation of Privilege Vulnerability High Unreviewed
CVE-2024-30084 was published Jun 11, 2024
A Time-of-Check Time-Of-Use vulnerability in the Trend Micro Apex One and Apex One as a Service... High Unreviewed
CVE-2024-36304 was published Jun 11, 2024
A race condition vulnerability exists where an authenticated, local attacker on a Windows Nessus... High Unreviewed
CVE-2024-3290 was published May 17, 2024
A race condition vulnerability exists where an authenticated, local attacker on a Windows Nessus... High Unreviewed
CVE-2024-3292 was published May 17, 2024
Time-of-check Time-of-use race condition in Intel(R) Neural Compressor software before version 2... Moderate Unreviewed
CVE-2024-21792 was published May 16, 2024
A local attacker with low... High Unreviewed
CVE-2024-28137 was published May 14, 2024
An issue was discovered in Alcatel-Lucent ALE NOE deskphones through 86x8_NOE-R300.1.40.12.4180... High Unreviewed
CVE-2024-29149 was published May 7, 2024
A race condition vulnerability exists in the mintplex-labs/anything-llm repository, specifically... Moderate Unreviewed
CVE-2024-2913 was published May 7, 2024
Memory corruption while loading a VM from a signed VM image that is not coherent in the processor... High Unreviewed
CVE-2023-33119 was published May 6, 2024
Tesla Model 3 Gateway Firmware Signature Validation Bypass Vulnerability. This vulnerability... Critical Unreviewed
CVE-2023-32156 was published May 3, 2024
Parallels Desktop Updater Time-Of-Check Time-Of-Use Local Privilege Escalation Vulnerability.... High Unreviewed
CVE-2023-27323 was published May 3, 2024
Parallels Desktop Toolgate Time-Of-Check Time-Of-Use Local Privilege Escalation Vulnerability.... High Unreviewed
CVE-2023-27327 was published May 3, 2024
Anti-tampering protection of the Zscaler Client Connector can be bypassed under certain... High Unreviewed
CVE-2024-23463 was published Apr 30, 2024
OpenStack Storlets arbitrary code execution vulnerability High
CVE-2024-28717 was published for storlets (pip) Apr 22, 2024
A race condition in GitHub Enterprise Server allowed an existing admin to maintain permissions on... Moderate Unreviewed
CVE-2024-2440 was published Apr 19, 2024
A Race Condition (TOCTOU) vulnerability in web component of Ivanti Avalanche before 6.4.3 allows... High Unreviewed
CVE-2024-24995 was published Apr 19, 2024
A Race Condition (TOCTOU) vulnerability in web component of Ivanti Avalanche before 6.4.3 allows... High Unreviewed
CVE-2024-24993 was published Apr 19, 2024
OpenStack magnum vulnerable to time-of-check to time-of-use (TOCTOU) attack Moderate
CVE-2024-28718 was published for magnum (pip) Apr 12, 2024
ProTip! Advisories are also available from the GraphQL API