Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,266
Erlang
31
GitHub Actions
21
Go
2,035
Maven
5,000+
npm
3,732
NuGet
662
pip
3,413
Pub
12
RubyGems
891
Rust
865
Swift
36
Unreviewed advisories
All unreviewed
5,000+

180 advisories

Loading
The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.1, watchOS... High Unreviewed
CVE-2022-48618 was published Jan 9, 2024
Buildkite Elastic CI for AWS time-of-check-time-of-use race condition vulnerability High
CVE-2023-43741 was published for github.com/buildkite/elastic-ci-stack-for-aws/v6 (Go) Dec 22, 2023
FoodCoopShop Server-Side Request Forgery vulnerability High
CVE-2023-46725 was published for foodcoopshop/foodcoopshop (Composer) Nov 2, 2023
asesidaa mrothauer
A privilege elevation vulnerability was reported in the Lenovo Vantage SystemUpdate plugin... High Unreviewed
CVE-2022-3701 was published Oct 27, 2023
A denial of service vulnerability was reported in Lenovo Vantage HardwareScan Plugin version 1.3... High Unreviewed
CVE-2022-3702 was published Oct 27, 2023
A logged in user may elevate its permissions by abusing a Time-of-Check to Time-of-Use (TOCTOU)... High Unreviewed
CVE-2023-38041 was published Oct 25, 2023
VMware Fusion(13.x prior to 13.5) contains a TOCTOU (Time-of-check Time-of-use) vulnerability... High Unreviewed
CVE-2023-34046 was published Oct 20, 2023
An issue in CatoNetworks CatoClient before v.5.4.0 allows attackers to escalate privileges and... High Unreviewed
CVE-2023-43976 was published Oct 3, 2023
Race condition in Lapce v0.2.8 allows an attacker to elevate privileges on the system High Unreviewed
CVE-2023-3891 was published Sep 15, 2023
Razer Synapse through 3.7.1209.121307 allows privilege escalation due to an unsafe installation... High Unreviewed
CVE-2022-47631 was published Sep 15, 2023
A vulnerability in Cisco IOS XR Software image verification checks could allow an authenticated,... High Unreviewed
CVE-2023-20135 was published Sep 13, 2023
BASupSrvcUpdater.exe in N-able Take Control Agent through 7.0.41.1141 before 7.0.43 has a TOCTOU... High Unreviewed
CVE-2023-27470 was published Sep 11, 2023
Unity Parsec before 8 has a TOCTOU race condition that permits local attackers to escalate... High Unreviewed
CVE-2023-37250 was published Aug 20, 2023
The buffer obtained from kernel APIs such as cam_mem_get_cpu_buf() may be readable/writable in... High Unreviewed
CVE-2023-28576 was published Aug 8, 2023
Microsoft Outlook Security Feature Bypass Vulnerability High Unreviewed
CVE-2023-35311 was published Jul 11, 2023
Multiple vulnerabilities including an incorrect permission assignment for critical resource [CWE... High Unreviewed
CVE-2022-43946 was published Jul 6, 2023
A potential Time-of-Check to Time-of-Use (TOCTOU) vulnerability has been identified in certain HP... High Unreviewed
CVE-2023-26299 was published Jun 30, 2023
A time-of-check to time-of-use issue exists in io_uring subsystem's IORING_OP_CLOSE operation in... High Unreviewed
CVE-2023-1295 was published Jun 28, 2023
A Time-of-Check Time-Of-Use vulnerability in the Trend Micro Apex One and Apex One as a Service... High Unreviewed
CVE-2023-32555 was published Jun 27, 2023
A Time-of-Check Time-Of-Use vulnerability in the Trend Micro Apex One and Apex One as a Service... High Unreviewed
CVE-2023-32554 was published Jun 27, 2023
The Netskope client service (prior to R96) on Windows runs as NT AUTHORITY\SYSTEM which writes... High Unreviewed
CVE-2022-4149 was published Jun 15, 2023
Potential vulnerabilities have been identified in the system BIOS of certain HP PC products,... High Unreviewed
CVE-2022-31642 was published Jun 14, 2023
Potential vulnerabilities have been identified in the system BIOS of certain HP PC products,... High Unreviewed
CVE-2022-31641 was published Jun 14, 2023
Potential vulnerabilities have been identified in the system BIOS of certain HP PC products,... High Unreviewed
CVE-2022-31640 was published Jun 14, 2023
NuGet Client Remote Code Execution Vulnerability High
CVE-2023-29337 was published for Microsoft.Build.NuGetSdkResolver (NuGet) Jun 14, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database