Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,266
Erlang
31
GitHub Actions
21
Go
2,035
Maven
5,000+
npm
3,732
NuGet
662
pip
3,413
Pub
12
RubyGems
891
Rust
865
Swift
36
Unreviewed advisories
All unreviewed
5,000+

117 advisories

Loading
A TOCTOU mismatch in the NFS client code in the Linux kernel before 5.8.3 could be used by local... Moderate Unreviewed
CVE-2020-25212 was published May 24, 2022
This issue was addressed with improved checks. This issue is fixed in macOS Catalina 10.15.6. A... Moderate Unreviewed
CVE-2020-9939 was published May 24, 2022
VMware ESXi (7.0 before ESXi_7.0.1-0.0.16850804, 6.7 before ESXi670-202008101-SG, 6.5 before... Moderate Unreviewed
CVE-2020-3981 was published May 24, 2022
Trend Micro Antivirus for Mac 2020 (Consumer) contains a race condition vulnerability in the Web... Moderate Unreviewed
CVE-2020-27014 was published May 24, 2022
Time-of-check Time-of-use (TOCTOU) Race Condition in Jenkins Moderate
CVE-2021-21615 was published for org.jenkins-ci.main:jenkins-core (Maven) May 24, 2022
NotMyFault
The Trusted Platform Modules (TPM) reference software may not properly track the number of times... Moderate Unreviewed
CVE-2020-12926 was published May 24, 2022
Firefox for Android suffered from a time-of-check-time-of-use vulnerability that allowed a... Moderate Unreviewed
CVE-2021-23977 was published May 24, 2022
While processing storage SCM commands there is a time of check or time of use window where a... Moderate Unreviewed
CVE-2020-11220 was published May 24, 2022
This vulnerability allows local attackers to disclose sensitive information on affected... Moderate Unreviewed
CVE-2021-31427 was published May 24, 2022
Potential arbitrary memory corruption when the qseecom driver updates ion physical addresses in... Moderate Unreviewed
CVE-2020-11230 was published May 24, 2022
When user-defined ARP Policer is configured and applied on one or more Aggregated Ethernet (AE)... Moderate Unreviewed
CVE-2021-0289 was published May 24, 2022
Time-of-check time-of-use vulnerability in the Crypto API Toolkit for Intel(R) SGX may allow a... Moderate Unreviewed
CVE-2021-33097 was published May 24, 2022
In jpeg, there is a possible use after free due to a race condition. This could lead to local... Moderate Unreviewed
CVE-2022-32608 was published Nov 9, 2022
A TOCTOU race condition in SMU may allow for the caller to obtain and manipulate the address of a... Moderate Unreviewed
CVE-2021-26350 was published May 12, 2022
A time-of-check-time-of-use (TOCTOU) race condition vulnerability was found in networkd... Moderate Unreviewed
CVE-2022-29800 was published Sep 22, 2022
Insufficient Session Expiration and TOCTOU Race Condition in OPC FOundation UA .Net Standard Moderate
CVE-2020-8867 was published for OPCFoundation.NetStandard.Opc.Ua (NuGet) Aug 2, 2021
An Allocation of Resources Without Limits or Throttling weakness in the memory management of the... Moderate Unreviewed
CVE-2023-22397 was published Jan 13, 2023
TOCTOU in the ASP may allow a physical attacker to write beyond the buffer bounds, potentially... Moderate Unreviewed
CVE-2023-20523 was published Jan 11, 2023
Device Guard in Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016, and Windows... Moderate Unreviewed
CVE-2017-11830 was published May 13, 2022
In isp, there is a possible out of bounds write due to a race condition. This could lead to local... Moderate Unreviewed
CVE-2022-32638 was published Jan 3, 2023
A Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Routing Protocol Daemon (rpd... Moderate Unreviewed
CVE-2022-22220 was published Oct 18, 2022
A Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in the Routing Protocol Daemon ... Moderate Unreviewed
CVE-2022-22225 was published Oct 18, 2022
On BIG-IP version 16.x before 16.1.0, 15.1.x before 15.1.4.1, 14.1.x before 14.1.4.4, and all... Moderate Unreviewed
CVE-2022-23029 was published Jan 26, 2022
TOCTOU Race Condition vulnerability in apport allows a local attacker to escalate privileges and... Moderate Unreviewed
CVE-2020-15702 was published May 24, 2022
A flaw was found in qemu Media Transfer Protocol (MTP). The code opening files in... Moderate Unreviewed
CVE-2018-16872 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database