GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
21
Go
2,003
Maven
5,000+
npm
3,715
NuGet
661
pip
3,387
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
101 advisories
Filter by severity
A race condition vulnerability exists in the QuickClean feature of McAfee Total Protection for...
Moderate
Unreviewed
CVE-2022-0280
was published
Mar 12, 2022
An issue was discovered in Amazon AWS VPN Client 2.0.0. A TOCTOU race condition exists during the...
Moderate
Unreviewed
CVE-2022-25165
was published
Apr 15, 2022
In FreeBSD 12.1-STABLE before r363918, 12.1-RELEASE before p8, 11.4-STABLE before r363919, 11.4...
Moderate
Unreviewed
CVE-2020-7460
was published
May 24, 2022
A race condition was found in the Linux kernel's ebpf verifier between bpf_map_update_elem and...
Moderate
Unreviewed
CVE-2021-4001
was published
Jan 22, 2022
TOCTOU (time-of-check to time-of-use) issue in the System Management Unit (SMU) may result in a...
Moderate
Unreviewed
CVE-2021-26347
was published
May 12, 2022
A vulnerability in the DLL loading mechanism of Cisco AnyConnect Secure Mobility Client for...
Moderate
Unreviewed
CVE-2021-1567
was published
May 24, 2022
A possible race condition vulnerability in score driver prior to SMR Jul-2022 Release 1 can allow...
Moderate
Unreviewed
CVE-2022-33691
was published
Jul 13, 2022
An unprivileged user can delete arbitrary files on a Linux system running ENSLTP 10.5.1, 10.5.0,...
Moderate
Unreviewed
CVE-2018-6693
was published
May 13, 2022
A Race Condition Enabling Link Following vulnerability in the packaging of texlive-filesystem of...
Moderate
Unreviewed
CVE-2020-8016
was published
May 24, 2022
A TOCTOU (time-of-check to time-of-use) vulnerability exists where an attacker may use a...
Moderate
Unreviewed
CVE-2021-46795
was published
Jan 11, 2023
Race condition between the camera functions due to lack of resource lock which will lead to...
Moderate
Unreviewed
CVE-2019-10494
was published
May 24, 2022
DMA attacks on the parameter buffer used by a software SMI handler used by the driver PcdSmmDxe...
Moderate
Unreviewed
CVE-2022-32266
was published
Nov 15, 2022
DMA transactions which are targeted at input buffers used for the SmmResourceCheckDxe software...
Moderate
Unreviewed
CVE-2022-32267
was published
Nov 15, 2022
VMware Fusion (11.x before 11.5.5), VMware Remote Console for Mac (11.x and prior) and VMware...
Moderate
Unreviewed
CVE-2020-3957
was published
May 24, 2022
Time-of-check time-of-use race condition in the BIOS firmware for some Intel(R) Processors may...
Moderate
Unreviewed
CVE-2022-21198
was published
Nov 11, 2022
DMA attacks on the parameter buffer used by the VariableRuntimeDxe software SMI handler could...
Moderate
Unreviewed
CVE-2022-33986
was published
Nov 15, 2022
DMA attacks on the parameter buffer used by the IhisiSmm driver could change the contents after...
Moderate
Unreviewed
CVE-2022-30773
was published
Nov 15, 2022
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core)....
Moderate
Unreviewed
CVE-2020-14677
was published
May 24, 2022
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core)....
Moderate
Unreviewed
CVE-2020-14675
was published
May 24, 2022
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core)....
Moderate
Unreviewed
CVE-2020-14674
was published
May 24, 2022
u'While processing SMCInvoke asynchronous message header, message count is modified leading to a...
Moderate
Unreviewed
CVE-2019-14119
was published
May 24, 2022
u'Non-secure memory is touched multiple times during TrustZone\u2019s execution and can lead to...
Moderate
Unreviewed
CVE-2020-3619
was published
May 24, 2022
In SurfaceFlinger, there is a possible use after free due to a race condition. This could lead to...
Moderate
Unreviewed
CVE-2020-0358
was published
May 24, 2022
A potential vulnerability in the SMI callback function used in the legacy BIOS mode USB drivers...
Moderate
Unreviewed
CVE-2020-8332
was published
May 24, 2022
A TOCTOU mismatch in the NFS client code in the Linux kernel before 5.8.3 could be used by local...
Moderate
Unreviewed
CVE-2020-25212
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API