GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,339
Composer 4,133
Erlang 29
GitHub Actions 19
Go 1,940
Maven 5,135
npm 3,677
NuGet 645
pip 3,295
Pub 11
RubyGems 877
Rust 830
Swift 35

Unreviewed advisories

All unreviewed 230,815

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

278 advisories

Filter by severity

Sort by

Least recently updated

By exploiting a time of check to time of use (TOCTOU) race condition during the Endpoint Security... High Unreviewed

CVE-2021-23892 was published May 24, 2022

Dell EMC iDRAC9 versions prior to 4.40.00.00 contain a Time-of-check Time-of-use (TOCTOU) race... High Unreviewed

CVE-2021-21539 was published May 24, 2022

This vulnerability allows local attackers to escalate privileges on affected installations of... High Unreviewed

CVE-2021-31422 was published May 24, 2022

This vulnerability allows local attackers to disclose sensitive information on affected... Moderate Unreviewed

CVE-2021-31427 was published May 24, 2022

Potential arbitrary memory corruption when the qseecom driver updates ion physical addresses in... Moderate Unreviewed

CVE-2020-11230 was published May 24, 2022

While processing storage SCM commands there is a time of check or time of use window where a... Moderate Unreviewed

CVE-2020-11220 was published May 24, 2022

Firefox for Android suffered from a time-of-check-time-of-use vulnerability that allowed a... Moderate Unreviewed

CVE-2021-23977 was published May 24, 2022

Firejail before 0.9.64.4 allows attackers to bypass intended access restrictions because there is... High Unreviewed

CVE-2021-26910 was published May 24, 2022

A TOCTOU vulnerability exists in madCodeHook before 2020-07-16 that allows local attackers to... High Unreviewed

CVE-2020-14418 was published May 24, 2022

Medtronic MyCareLink Smart 25000 all versions are vulnerable to a race condition in the MCL Smart... High Unreviewed

CVE-2020-27252 was published May 24, 2022

The Trusted Platform Modules (TPM) reference software may not properly track the number of times... Moderate Unreviewed

CVE-2020-12926 was published May 24, 2022

Acrobat Reader DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017... High Unreviewed

CVE-2020-24428 was published May 24, 2022

Trend Micro Antivirus for Mac 2020 (Consumer) contains a race condition vulnerability in the Web... Moderate Unreviewed

CVE-2020-27014 was published May 24, 2022

A race condition was addressed with additional validation. This issue is fixed in macOS Catalina... High Unreviewed

CVE-2020-9990 was published May 24, 2022

This issue was addressed with improved checks. This issue is fixed in macOS Catalina 10.15.6. A... Moderate Unreviewed

CVE-2020-9939 was published May 24, 2022

A memory corruption issue was addressed with improved memory handling. This issue is fixed in... High Unreviewed

CVE-2020-9921 was published May 24, 2022

VMware ESXi (7.0 before ESXi_7.0.1-0.0.16850804, 6.7 before ESXi670-202008101-SG, 6.5 before... Moderate Unreviewed

CVE-2020-3981 was published May 24, 2022

A potential vulnerability in the SMI callback function used in the legacy BIOS mode USB drivers... Moderate Unreviewed

CVE-2020-8332 was published May 24, 2022

A flaw was found in dpdk in versions before 18.11.10 and before 19.11.5. Virtio ring descriptors,... High Unreviewed

CVE-2020-14375 was published May 24, 2022

In SurfaceFlinger, there is a possible use after free due to a race condition. This could lead to... Moderate Unreviewed

CVE-2020-0358 was published May 24, 2022

A TOCTOU mismatch in the NFS client code in the Linux kernel before 5.8.3 could be used by local... Moderate Unreviewed

CVE-2020-25212 was published May 24, 2022

u'Non-secure memory is touched multiple times during TrustZone\u2019s execution and can lead to... Moderate Unreviewed

CVE-2020-3619 was published May 24, 2022

u'While processing SMCInvoke asynchronous message header, message count is modified leading to a... Moderate Unreviewed

CVE-2019-14119 was published May 24, 2022

An elevation of privilege vulnerability exists when the Windows Print Spooler service improperly... High Unreviewed

CVE-2020-1337 was published May 24, 2022

TOCTOU Race Condition vulnerability in apport allows a local attacker to escalate privileges and... Moderate Unreviewed

CVE-2020-15702 was published May 24, 2022

Previous 1 2 … 7 8 9 10 11 12 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

278 advisories