Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,023
Erlang
29
GitHub Actions
16
Go
1,830
Maven
5,000+
npm
3,573
NuGet
632
pip
3,156
Pub
10
RubyGems
847
Rust
796
Swift
34
Unreviewed advisories
All unreviewed
5,000+

285 advisories

Loading
DMA attacks on the parameter buffer used by the VariableRuntimeDxe software SMI handler could... Moderate Unreviewed
CVE-2022-33986 was published Nov 15, 2022
DMA transactions which are targeted at input buffers used for the HddPassword software SMI... High Unreviewed
CVE-2022-33909 was published Nov 15, 2022
DMA transactions which are targeted at input buffers used for the AhciBusDxe software SMI handler... High Unreviewed
CVE-2022-33905 was published Nov 15, 2022
DMA transactions which are targeted at input buffers used for the NvmExpressLegacy software SMI... High Unreviewed
CVE-2022-33983 was published Nov 15, 2022
DMA transactions which are targeted at input buffers used for the SmmResourceCheckDxe software... Moderate Unreviewed
CVE-2022-32267 was published Nov 15, 2022
DMA transactions which are targeted at input buffers used for the FwBlockServiceSmm software SMI... Moderate Unreviewed
CVE-2022-33906 was published Nov 15, 2022
DMA attacks on the parameter buffer used by the PnpSmm driver could change the contents after... Moderate Unreviewed
CVE-2022-30774 was published Nov 15, 2022
Update description and links DMA transactions which are targeted at input buffers used for the... Moderate Unreviewed
CVE-2022-31243 was published Nov 15, 2022
DMA transactions which are targeted at input buffers used for the SdMmcDevice software SMI... High Unreviewed
CVE-2022-33984 was published Nov 15, 2022
Time-of-check time-of-use race condition in the BIOS firmware for some Intel(R) Processors may... Moderate Unreviewed
CVE-2022-21198 was published Nov 11, 2022
In jpeg, there is a possible use after free due to a race condition. This could lead to local... Moderate Unreviewed
CVE-2022-32608 was published Nov 9, 2022
Memory corruption in display due to time-of-check time-of-use of metadata reserved size in... High Unreviewed
CVE-2022-33214 was published Oct 19, 2022
A Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Routing Protocol Daemon (rpd... Moderate Unreviewed
CVE-2022-22220 was published Oct 18, 2022
A Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in the Routing Protocol Daemon ... Moderate Unreviewed
CVE-2022-22225 was published Oct 18, 2022
A Time-of-Check Time-Of-Use vulnerability in the Trend Micro Apex One Vulnerability Protection... High Unreviewed
CVE-2022-41744 was published Oct 11, 2022
etcd vulnerable to TOCTOU of gateway endpoint authentication Low
GHSA-h8g9-6gvh-5mrc was published for go.etcd.io/etcd/v3 (Go) Oct 6, 2022
A time-of-check-time-of-use (TOCTOU) race condition vulnerability was found in networkd... Moderate Unreviewed
CVE-2022-29800 was published Sep 22, 2022
Memory corruption or temporary denial of service due to improper handling of concurrent... High Unreviewed
CVE-2022-22093 was published Sep 17, 2022
Memory corruption in display due to time-of-check time-of-use race condition during map or unmap... High Unreviewed
CVE-2022-25696 was published Sep 17, 2022
memory corruption in Kernel due to race condition while getting mapping reference in Snapdragon... High Unreviewed
CVE-2022-22094 was published Sep 17, 2022
Dell BIOS contains a race condition vulnerability. A local attacker could exploit this... High Unreviewed
CVE-2022-26859 was published Sep 7, 2022
A use-after-free flaw was found in the Linux kernel's NFC core functionality due to a race... Moderate Unreviewed
CVE-2022-1974 was published Sep 1, 2022
A race condition vulnerability was found in rpm. A local unprivileged user could use this flaw to... Moderate Unreviewed
CVE-2021-35937 was published Aug 26, 2022
This vulnerability allows local attackers to escalate privileges on affected installations of... High Unreviewed
CVE-2022-34899 was published Jul 19, 2022
This vulnerability allows local attackers to escalate privileges on affected installations of... High Unreviewed
CVE-2021-34986 was published Jul 16, 2022
ProTip! Advisories are also available from the GraphQL API