Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,023
Erlang
29
GitHub Actions
16
Go
1,830
Maven
5,000+
npm
3,573
NuGet
632
pip
3,156
Pub
10
RubyGems
847
Rust
796
Swift
34
Unreviewed advisories
All unreviewed
5,000+

285 advisories

Loading
In Keybase before 2.12.6 on macOS, the move RPC to the Helper was susceptible to time-to-check... Critical Unreviewed
CVE-2019-7249 was published May 13, 2022
VMware ESXi (6.7 before ESXi670-201903001, 6.5 before ESXi650-201903001, 6.0 before ESXi600... High Unreviewed
CVE-2019-5519 was published May 13, 2022
An elevation of privilege vulnerability exists when Windows improperly handles calls to the LUAFV... High Unreviewed
CVE-2019-0836 was published May 13, 2022
A flaw was found in qemu Media Transfer Protocol (MTP). The code opening files in... Moderate Unreviewed
CVE-2018-16872 was published May 13, 2022
A TOCTOU race condition in SMU may allow for the caller to obtain and manipulate the address of a... Moderate Unreviewed
CVE-2021-26350 was published May 12, 2022
TOCTOU (time-of-check to time-of-use) issue in the System Management Unit (SMU) may result in a... Moderate Unreviewed
CVE-2021-26347 was published May 12, 2022
Race Condition in Grunt High
CVE-2022-1537 was published for grunt (npm) May 11, 2022
shadow: TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees Low Unreviewed
CVE-2013-4235 was published May 5, 2022
The memory_limit functionality in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, under certain... Moderate Unreviewed
CVE-2004-0594 was published Apr 29, 2022
A multi-threaded race condition in the Windows RPC DCOM functionality with the MS03-039 patch... Moderate Unreviewed
CVE-2003-0813 was published Apr 29, 2022
libuser 0.56 and 0.57 has a TOCTOU (time-of-check time-of-use) race condition when copying and... Moderate Unreviewed
CVE-2012-5630 was published Apr 23, 2022
Race condition issues were found in Calibre at devices/linux_mount_helper.c allowing unprivileged... High Unreviewed
CVE-2011-4126 was published Apr 22, 2022
Time-of-check Time-of-use (TOCTOU) Race Condition vulerability in Foscam R2C IP camera running... High Unreviewed
CVE-2022-28743 was published Apr 22, 2022
An issue was discovered in Amazon AWS VPN Client 2.0.0. A TOCTOU race condition exists during the... Moderate Unreviewed
CVE-2022-25165 was published Apr 15, 2022
There is a Time-of-check Time-of-use (TOCTOU) Race Condition Vulnerability in Logitech Sync for... High Unreviewed
CVE-2022-0915 was published Apr 13, 2022
Dell PowerScale OneFS, versions 8.2.2-9.3.x, contain a time-of-check-to-time-of-use vulnerability... Low Unreviewed
CVE-2022-24413 was published Apr 13, 2022
A race condition vulnerability exists in the QuickClean feature of McAfee Total Protection for... Moderate Unreviewed
CVE-2022-0280 was published Mar 12, 2022
JetBrains TeamCity before 2021.2 was vulnerable to a Time-of-check/Time-of-use (TOCTOU) race... High Unreviewed
CVE-2022-24335 was published Feb 26, 2022
B2 Command Line Tool TOCTOU application key disclosure Moderate
CVE-2022-23653 was published for b2 (pip) Feb 24, 2022
janschejbal
b2-sdk-python TOCTOU application key disclosure Moderate
CVE-2022-23651 was published for b2sdk (pip) Feb 24, 2022
janschejbal
VMware ESXi contains a TOCTOU (Time-of-check Time-of-use) vulnerability that exists in the way... High Unreviewed
CVE-2021-22043 was published Feb 17, 2022
Time-of-check Time-of-use (TOCTOU) Race Condition in chownr Low
CVE-2017-18869 was published for chownr (npm) Feb 10, 2022
tdunlap607
Insecure temporary file in Tensorflow High
CVE-2022-23563 was published for tensorflow (pip) Feb 9, 2022
TOCTOU Race Condition in Yarn Moderate
CVE-2019-15608 was published for yarn (npm) Feb 9, 2022
Potential proxy IP restriction bypass in Kubernetes Low
CVE-2020-8562 was published for k8s.io/kubernetes (Go) Feb 2, 2022
enj
ProTip! Advisories are also available from the GraphQL API