Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
21
Go
2,003
Maven
5,000+
npm
3,714
NuGet
661
pip
3,387
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+

115 advisories

Loading
Avast and AVG Antivirus for Windows were susceptible to a Time-of-check/Time-of-use (TOCTOU) ... Moderate Unreviewed
CVE-2023-1585 was published Apr 19, 2023
Docker Desktop for Windows before 4.6 allows attackers to overwrite any file through the... Moderate Unreviewed
CVE-2022-38730 was published Apr 27, 2023
Time-of-check Time-of-use (TOCTOU) in the BIOS2PSP command may allow an attacker with a malicious... Moderate Unreviewed
CVE-2021-46792 was published May 9, 2023
An issue has been discovered in GitLab affecting all versions starting from 15.7 before 15.8.5,... Moderate Unreviewed
CVE-2022-4143 was published Jun 28, 2023
IBM Spectrum Protect 8.1.0.0 through 8.1.17.0 could allow a local user to cause a denial of... Moderate Unreviewed
CVE-2023-33832 was published Jul 19, 2023
In audio, there is a possible out of bounds write due to a missing bounds check. This could lead... Moderate Unreviewed
CVE-2023-20785 was published Aug 7, 2023
In thermal, there is a possible use after free due to a race condition. This could lead to local... Moderate Unreviewed
CVE-2023-20788 was published Aug 7, 2023
In thermal, there is a possible use after free due to a race condition. This could lead to local... Moderate Unreviewed
CVE-2023-20787 was published Aug 7, 2023
Dell BIOS contain a Time-of-check Time-of-use vulnerability in BIOS. A local authenticated... Moderate Unreviewed
CVE-2023-28075 was published Aug 16, 2023
A flaw was found in KVM AMD Secure Encrypted Virtualization (SEV) in the Linux kernel. A KVM... Moderate Unreviewed
CVE-2023-4155 was published Sep 13, 2023
A Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in telemetry processing of... Moderate Unreviewed
CVE-2023-44188 was published Oct 11, 2023
A Time of Check Time of Use (TOCTOU) vulnerability was reported in the Lenovo Vantage... Moderate Unreviewed
CVE-2022-3700 was published Oct 27, 2023
TOCTOU in the ASP Bootloader may allow an attacker with physical access to tamper with SPI ROM... Moderate Unreviewed
CVE-2023-20521 was published Nov 14, 2023
A TOCTOU race condition in Samsung Mobile Processor Exynos 9820, Exynos 980, Exynos 1080, Exynos... Moderate Unreviewed
CVE-2023-42483 was published Dec 13, 2023
TOCTOU race-condition vulnerability in Insyde InsydeH2O with Kernel 5.2 before version 05.27.29,... Moderate Unreviewed
CVE-2022-24351 was published Dec 16, 2023
Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Ricard Torres Thumbs Rating... Moderate Unreviewed
CVE-2022-45809 was published Dec 19, 2023
A race condition in GitHub Enterprise Server was identified that could allow an attacker... Moderate Unreviewed
CVE-2023-46649 was published Dec 21, 2023
A race condition in GitHub Enterprise Server allows an outside collaborator to be added while a... Moderate Unreviewed
CVE-2023-6803 was published Dec 21, 2023
Windows Kernel Security Feature Bypass Vulnerability Moderate Unreviewed
CVE-2024-21362 was published Feb 13, 2024
Gradio apps vulnerable to timing attacks to guess password Moderate
CVE-2024-1729 was published for gradio (pip) Feb 22, 2024
In OpenBSD 7.4 before errata 009, a race condition between pf(4)'s processing of packets and... Moderate Unreviewed
CVE-2023-52556 was published Mar 1, 2024
Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contain a TOCTOU race condition... Moderate Unreviewed
CVE-2024-0163 was published Mar 13, 2024
Race condition in the installer for Zoom Rooms Client for Windows before version 5.17.5 may allow... Moderate Unreviewed
CVE-2024-24692 was published Mar 13, 2024
OpenStack magnum vulnerable to time-of-check to time-of-use (TOCTOU) attack Moderate
CVE-2024-28718 was published for magnum (pip) Apr 12, 2024
A race condition in GitHub Enterprise Server allowed an existing admin to maintain permissions on... Moderate Unreviewed
CVE-2024-2440 was published Apr 19, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database