GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,266
Erlang
31
GitHub Actions
21
Go
2,035
Maven
5,000+
npm
3,732
NuGet
662
pip
3,413
Pub
12
RubyGems
891
Rust
865
Swift
36
Unreviewed advisories
All unreviewed
5,000+
325 advisories
Filter by severity
A potential vulnerability in the SMI callback function used in the legacy BIOS mode USB drivers...
Moderate
Unreviewed
CVE-2020-8332
was published
May 24, 2022
A flaw was found in dpdk in versions before 18.11.10 and before 19.11.5. Virtio ring descriptors,...
High
Unreviewed
CVE-2020-14375
was published
May 24, 2022
In SurfaceFlinger, there is a possible use after free due to a race condition. This could lead to...
Moderate
Unreviewed
CVE-2020-0358
was published
May 24, 2022
A TOCTOU mismatch in the NFS client code in the Linux kernel before 5.8.3 could be used by local...
Moderate
Unreviewed
CVE-2020-25212
was published
May 24, 2022
u'Non-secure memory is touched multiple times during TrustZone\u2019s execution and can lead to...
Moderate
Unreviewed
CVE-2020-3619
was published
May 24, 2022
u'While processing SMCInvoke asynchronous message header, message count is modified leading to a...
Moderate
Unreviewed
CVE-2019-14119
was published
May 24, 2022
An elevation of privilege vulnerability exists when the Windows Print Spooler service improperly...
High
Unreviewed
CVE-2020-1337
was published
May 24, 2022
TOCTOU Race Condition vulnerability in apport allows a local attacker to escalate privileges and...
Moderate
Unreviewed
CVE-2020-15702
was published
May 24, 2022
In FreeBSD 12.1-STABLE before r363918, 12.1-RELEASE before p8, 11.4-STABLE before r363919, 11.4...
Moderate
Unreviewed
CVE-2020-7460
was published
May 24, 2022
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core)....
Moderate
Unreviewed
CVE-2020-14677
was published
May 24, 2022
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core)....
Moderate
Unreviewed
CVE-2020-14674
was published
May 24, 2022
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core)....
Moderate
Unreviewed
CVE-2020-14675
was published
May 24, 2022
CISOfy Lynis before 3.0.0 has Incorrect Access Control because of a TOCTOU race condition. The...
Low
Unreviewed
CVE-2020-13882
was published
May 24, 2022
A time-of-check time-of-use vulnerability in PulseSecureService.exe in Pulse Secure Client...
Moderate
Unreviewed
CVE-2020-13162
was published
May 24, 2022
VMware Fusion (11.x before 11.5.5), VMware Remote Console for Mac (11.x and prior) and VMware...
Moderate
Unreviewed
CVE-2020-3957
was published
May 24, 2022
Time-of-check Time-of-use Race Condition vulnerability on crash report ownership change in Apport...
Low
Unreviewed
CVE-2020-8833
was published
May 24, 2022
A Race Condition Enabling Link Following vulnerability in the cron job shipped with texlive...
Low
Unreviewed
CVE-2020-8017
was published
May 24, 2022
A Race Condition Enabling Link Following vulnerability in the packaging of texlive-filesystem of...
Moderate
Unreviewed
CVE-2020-8016
was published
May 24, 2022
Sander Bos discovered a time of check to time of use (TOCTTOU) vulnerability in apport that...
Moderate
Unreviewed
CVE-2019-11482
was published
May 24, 2022
In onCreate of InstallStart.java, there is a possible package validation bypass due to a time-of...
Low
Unreviewed
CVE-2020-0003
was published
May 24, 2022
Race condition between the camera functions due to lack of resource lock which will lead to...
Moderate
Unreviewed
CVE-2019-10494
was published
May 24, 2022
The malware scan function in Total Defense Anti-virus 11.5.2.28 is vulnerable to a TOCTOU bug;...
Moderate
Unreviewed
CVE-2019-18644
was published
May 24, 2022
Prior to 0.1, all builds of Eclipse OMR contain a bug where the loop versioner may fail to...
High
Unreviewed
CVE-2019-11774
was published
May 24, 2022
Apport before versions 2.14.1-0ubuntu3.29+esm1, 2.20.1-0ubuntu2.19, 2.20.9-0ubuntu7.7, 2.20.10...
High
Unreviewed
CVE-2019-7307
was published
May 24, 2022
An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle...
High
Unreviewed
CVE-2019-1065
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API