GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
285 advisories
IBM Spectrum Protect 8.1.0.0 through 8.1.17.0 could allow a local user to cause a denial of...
Moderate | Unreviewed | CVE-2023-33832 was published Jul 19, 2023

topgrade Time-of-check Time-of-use (TOCTOU) Race Condition in remove_dir_all
Low | GHSA-f2wx-xjfw-xjv6 was published for topgrade (Rust) Jul 17, 2023

Multiple vulnerabilities including an incorrect permission assignment for critical resource [CWE...
High | Unreviewed | CVE-2022-43946 was published Jul 6, 2023

A potential Time-of-Check to Time-of-Use (TOCTOU) vulnerability has been identified in certain HP...
High | Unreviewed | CVE-2023-26299 was published Jun 30, 2023

An issue has been discovered in GitLab affecting all versions starting from 15.7 before 15.8.5,...
Moderate | Unreviewed | CVE-2022-4143 was published Jun 28, 2023

A time-of-check to time-of-use issue exists in io_uring subsystem's IORING_OP_CLOSE operation in...
High | Unreviewed | CVE-2023-1295 was published Jun 28, 2023

A Time-of-Check Time-Of-Use vulnerability in the Trend Micro Apex One and Apex One as a Service...
High | Unreviewed | CVE-2023-32555 was published Jun 27, 2023

A Time-of-Check Time-Of-Use vulnerability in the Trend Micro Apex One and Apex One as a Service...
High | Unreviewed | CVE-2023-32554 was published Jun 27, 2023

The Netskope client service (prior to R96) on Windows runs as NT AUTHORITY\SYSTEM which writes...
High | Unreviewed | CVE-2022-4149 was published Jun 15, 2023

Potential vulnerabilities have been identified in the system BIOS of certain HP PC products,...
High | Unreviewed | CVE-2022-31640 was published Jun 14, 2023

Potential vulnerabilities have been identified in the system BIOS of certain HP PC products,...
High | Unreviewed | CVE-2022-31641 was published Jun 14, 2023

Potential vulnerabilities have been identified in the system BIOS of certain HP PC products,...
High | Unreviewed | CVE-2022-31642 was published Jun 14, 2023

NuGet Client Remote Code Execution Vulnerability
High | CVE-2023-29337 was published for Microsoft.Build.NuGetSdkResolver (NuGet) Jun 14, 2023

Potential time-of-check to time-of-use (TOCTOU) vulnerabilities have been identified in the BIOS...
High | Unreviewed | CVE-2022-31638 was published Jun 13, 2023

Potential time-of-check to time-of-use (TOCTOU) vulnerabilities have been identified in the BIOS...
High | Unreviewed | CVE-2022-31635 was published Jun 13, 2023

Potential time-of-check to time-of-use (TOCTOU) vulnerabilities have been identified in the BIOS...
High | Unreviewed | CVE-2022-31636 was published Jun 13, 2023

Potential time-of-check to time-of-use (TOCTOU) vulnerabilities have been identified in the BIOS...
High | Unreviewed | CVE-2022-31637 was published Jun 13, 2023

Potential time-of-check to time-of-use (TOCTOU) vulnerabilities have been identified in the BIOS...
High | Unreviewed | CVE-2022-31639 was published Jun 13, 2023

Potential Time-of-Check to Time-of Use (TOCTOU) vulnerabilities have been identified in the HP...
High | Unreviewed | CVE-2022-43778 was published Jun 12, 2023

Potential Time-of-Check to Time-of Use (TOCTOU) vulnerabilities have been identified in the HP...
High | Unreviewed | CVE-2022-27541 was published Jun 12, 2023

Potential Time-of-Check to Time-of Use (TOCTOU) vulnerabilities have been identified in the HP...
High | Unreviewed | CVE-2022-43777 was published Jun 12, 2023

Potential Time-of-Check to Time-of Use (TOCTOU) vulnerabilities have been identified in the HP...
High | Unreviewed | CVE-2022-27539 was published Jun 12, 2023

Videostream macOS app 0.5.0 and 0.4.3 has a Race Condition. The Updater privileged script...
High | Unreviewed | CVE-2023-25394 was published May 17, 2023

Time-of-check Time-of-use (TOCTOU) in the BIOS2PSP command may allow an attacker with a malicious...
Moderate | Unreviewed | CVE-2021-46792 was published May 9, 2023

A TOCTOU in ASP bootloader may allow an attacker to tamper with the SPI ROM following data read...
High | Unreviewed | CVE-2021-26356 was published May 9, 2023