GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,133
Erlang
29
GitHub Actions
19
Go
1,940
Maven
5,000+
npm
3,677
NuGet
645
pip
3,295
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
306 advisories
Filter by severity
dxgkrnl.sys in the kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2...
High
Unreviewed
CVE-2013-3888
was published
May 13, 2022
A Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in the AgentD process of...
High
Unreviewed
CVE-2024-47494
was published
Oct 11, 2024
Magento Open Source Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability
Moderate
CVE-2024-45120
was published
for
magento/community-edition
(Composer)
Oct 10, 2024
Wasmtime race condition could lead to WebAssembly control-flow integrity and type safety violations
Low
CVE-2024-47813
was published
for
wasmtime
(Rust)
Oct 9, 2024
Windows Kernel Elevation of Privilege Vulnerability
High
Unreviewed
CVE-2024-43511
was published
Oct 8, 2024
The AVGUI.exe of AVG/Avast Antivirus before versions before 24.1 can allow a local attacker to...
High
Unreviewed
CVE-2024-5803
was published
Oct 3, 2024
An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.9 before 16...
Critical
Unreviewed
CVE-2023-4008
was published
Aug 3, 2023
A TOCTOU (Time-Of-Check-Time-Of-Use) in SMM may allow
an attacker with ring0 privileges and...
High
Unreviewed
CVE-2023-20578
was published
Aug 13, 2024
This vulnerability occurs when an attacker exploits a race condition between the time a file is...
Moderate
Unreviewed
CVE-2024-6787
was published
Sep 21, 2024
NVIDIA Container Toolkit 1.16.1 or earlier contains a Time-of-check Time-of-Use (TOCTOU)...
Critical
Unreviewed
CVE-2024-0132
was published
Sep 26, 2024
NVIDIA Container Toolkit 1.16.1 or earlier contains a vulnerability in the default mode of...
Moderate
Unreviewed
CVE-2024-0133
was published
Sep 26, 2024
Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are...
High
Unreviewed
CVE-2024-39420
was published
Aug 14, 2024
A unauthenticated Remote Code Execution (RCE) vulnerability is found in the SO Planning online...
High
Unreviewed
CVE-2024-27114
was published
Sep 11, 2024
OpenSSH 9.5 through 9.7 before 9.8 sometimes allows timing attacks against echo-off password...
High
Unreviewed
CVE-2024-39894
was published
Jul 2, 2024
B2 Command Line Tool TOCTOU application key disclosure
Moderate
CVE-2022-23653
was published
for
b2
(pip)
Feb 24, 2022
b2-sdk-python TOCTOU application key disclosure
Moderate
CVE-2022-23651
was published
for
b2sdk
(pip)
Feb 24, 2022
In the Linux kernel, the following vulnerability has been resolved:
exec: Fix ToCToU between...
High
Unreviewed
CVE-2024-43882
was published
Aug 21, 2024
The total size of the user-provided nmreq to nmreq_copyin() was first computed and then trusted...
High
Unreviewed
CVE-2022-23084
was published
Feb 15, 2024
A potential Time-of-Check to Time-of Use (TOCTOU) vulnerability has been identified in the HP...
High
Unreviewed
CVE-2022-27540
was published
Jun 29, 2024
There is a race condition in the 'replaced executable' detection that, with the correct local...
High
Unreviewed
CVE-2021-3899
was published
Jun 3, 2024
Microsoft Outlook Security Feature Bypass Vulnerability
High
Unreviewed
CVE-2023-35311
was published
Jul 11, 2023
Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are...
High
Unreviewed
CVE-2024-39425
was published
Aug 14, 2024
Windows Kernel-Mode Driver Elevation of Privilege Vulnerability
High
Unreviewed
CVE-2024-38186
was published
Aug 13, 2024
Windows Kernel Elevation of Privilege Vulnerability
High
Unreviewed
CVE-2024-38153
was published
Aug 13, 2024
Time-of-check Time-of-use (TOCTOU) race condition in pg_dump in PostgreSQL allows an object...
High
Unreviewed
CVE-2024-7348
was published
Aug 8, 2024
ProTip!
Advisories are also available from the
GraphQL API