GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,266
Erlang
31
GitHub Actions
21
Go
2,035
Maven
5,000+
npm
3,732
NuGet
662
pip
3,413
Pub
12
RubyGems
891
Rust
865
Swift
36
Unreviewed advisories
All unreviewed
5,000+
117 advisories
Filter by severity
The virtio_vq_recordon function is subject to a time-of-check to time-of-use (TOCTOU) race...
Moderate
Unreviewed
CVE-2024-51563
was published
Nov 12, 2024
NVIDIA Container Toolkit allows specially crafted container image to create empty files on the host file system
Moderate
CVE-2024-0133
was published
for
github.com/NVIDIA/nvidia-container-toolkit
(Go)
Oct 29, 2024
In the Linux kernel, the following vulnerability has been resolved:
net: dsa: improve shutdown...
Moderate
Unreviewed
CVE-2024-49998
was published
Oct 21, 2024
Magento Open Source Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability
Moderate
CVE-2024-45120
was published
for
magento/community-edition
(Composer)
Oct 10, 2024
Duplicate Advisory: NVIDIA Container Toolkit allows specially crafted container image to create empty files on the host file system
Moderate
GHSA-g4pj-mx9f-m2mh
was published
for
github.com/NVIDIA/nvidia-container-toolkit
(Go)
Sep 26, 2024
•
withdrawn
This vulnerability occurs when an attacker exploits a race condition between the time a file is...
Moderate
Unreviewed
CVE-2024-6787
was published
Sep 21, 2024
Apache StreamPipes potentially allows creation of multiple identical accounts
Moderate
CVE-2024-30471
was published
for
org.apache.streampipes:streampipes-parent
(Maven)
Jul 17, 2024
Path traversal in Team Chat for some Zoom Workplace Apps and SDKs for Windows may allow an...
Moderate
Unreviewed
CVE-2024-39826
was published
Jul 15, 2024
Race condition in the installer for Zoom Workplace App for Windows and Zoom Rooms App for Windows...
Moderate
Unreviewed
CVE-2024-39821
was published
Jul 15, 2024
A vulnerability was discovered in Samsung Mobile Processor Exynos 980, Exynos 990, Exynos 1080,...
Moderate
Unreviewed
CVE-2024-27361
was published
Jul 9, 2024
A race condition could lead to a cross-origin container obtaining permissions of the top-level...
Moderate
Unreviewed
CVE-2024-6601
was published
Jul 9, 2024
Dell PowerEdge Server BIOS contains an TOCTOU race condition vulnerability. A local low...
Moderate
Unreviewed
CVE-2024-0171
was published
Jun 25, 2024
CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability exists that could
cause...
Moderate
Unreviewed
CVE-2024-5558
was published
Jun 12, 2024
Time-of-check Time-of-use race condition in Intel(R) Neural Compressor software before version 2...
Moderate
Unreviewed
CVE-2024-21792
was published
May 16, 2024
A race condition vulnerability exists in the mintplex-labs/anything-llm repository, specifically...
Moderate
Unreviewed
CVE-2024-2913
was published
May 7, 2024
WordOps has TOCTOU race condition
Moderate
CVE-2024-34528
was published
for
wordops
(pip)
May 6, 2024
In deletefiles in FDUPES before 2.2.0, a TOCTOU race condition allows arbitrary file deletion via...
Moderate
Unreviewed
CVE-2022-48682
was published
Apr 26, 2024
A race condition in GitHub Enterprise Server allowed an existing admin to maintain permissions on...
Moderate
Unreviewed
CVE-2024-2440
was published
Apr 19, 2024
OpenStack magnum vulnerable to time-of-check to time-of-use (TOCTOU) attack
Moderate
CVE-2024-28718
was published
for
magnum
(pip)
Apr 12, 2024
Race condition in the installer for Zoom Rooms Client for Windows before version 5.17.5 may allow...
Moderate
Unreviewed
CVE-2024-24692
was published
Mar 13, 2024
Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contain a TOCTOU race condition...
Moderate
Unreviewed
CVE-2024-0163
was published
Mar 13, 2024
In OpenBSD 7.4 before errata 009, a race condition between pf(4)'s processing of packets and...
Moderate
Unreviewed
CVE-2023-52556
was published
Mar 1, 2024
Gradio apps vulnerable to timing attacks to guess password
Moderate
CVE-2024-1729
was published
for
gradio
(pip)
Feb 22, 2024
Windows Kernel Security Feature Bypass Vulnerability
Moderate
Unreviewed
CVE-2024-21362
was published
Feb 13, 2024
A race condition in GitHub Enterprise Server allows an outside collaborator to be added while a...
Moderate
Unreviewed
CVE-2023-6803
was published
Dec 21, 2023
ProTip!
Advisories are also available from the
GraphQL API