Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,705
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+

322 advisories

Loading
Windows Kernel Security Feature Bypass Vulnerability Moderate Unreviewed
CVE-2024-21362 was published Feb 13, 2024
Memory corruption in Trusted Execution Environment while deinitializing an object used for... High Unreviewed
CVE-2023-33046 was published Feb 6, 2024
The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.1, watchOS... High Unreviewed
CVE-2022-48618 was published Jan 9, 2024
Buildkite Elastic CI for AWS time-of-check-time-of-use race condition vulnerability High
CVE-2023-43741 was published for github.com/buildkite/elastic-ci-stack-for-aws/v6 (Go) Dec 22, 2023
A race condition in GitHub Enterprise Server allows an outside collaborator to be added while a... Moderate Unreviewed
CVE-2023-6803 was published Dec 21, 2023
A race condition in GitHub Enterprise Server allowed an existing admin to maintain permissions on... Low Unreviewed
CVE-2023-6690 was published Dec 21, 2023
A race condition in GitHub Enterprise Server was identified that could allow an attacker... Moderate Unreviewed
CVE-2023-46649 was published Dec 21, 2023
Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Ricard Torres Thumbs Rating... Moderate Unreviewed
CVE-2022-45809 was published Dec 19, 2023
TOCTOU race-condition vulnerability in Insyde InsydeH2O with Kernel 5.2 before version 05.27.29,... Moderate Unreviewed
CVE-2022-24351 was published Dec 16, 2023
A TOCTOU race condition in Samsung Mobile Processor Exynos 9820, Exynos 980, Exynos 1080, Exynos... Moderate Unreviewed
CVE-2023-42483 was published Dec 13, 2023
Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in YetAnotherStarsRating.Com YASR... Low Unreviewed
CVE-2023-37867 was published Nov 30, 2023
TOCTOU in the ASP Bootloader may allow an attacker with physical access to tamper with SPI ROM... Moderate Unreviewed
CVE-2023-20521 was published Nov 14, 2023
A time-of-check to time-of-use (TOCTOU) bug in handling of IOCTL (input/output control) requests.... Low Unreviewed
CVE-2023-5760 was published Nov 8, 2023
FoodCoopShop Server-Side Request Forgery vulnerability High
CVE-2023-46725 was published for foodcoopshop/foodcoopshop (Composer) Nov 2, 2023
asesidaa mrothauer
A denial of service vulnerability was reported in Lenovo Vantage HardwareScan Plugin version 1.3... High Unreviewed
CVE-2022-3702 was published Oct 27, 2023
A privilege elevation vulnerability was reported in the Lenovo Vantage SystemUpdate plugin... High Unreviewed
CVE-2022-3701 was published Oct 27, 2023
A Time of Check Time of Use (TOCTOU) vulnerability was reported in the Lenovo Vantage... Moderate Unreviewed
CVE-2022-3700 was published Oct 27, 2023
A logged in user may elevate its permissions by abusing a Time-of-Check to Time-of-Use (TOCTOU)... High Unreviewed
CVE-2023-38041 was published Oct 25, 2023
VMware Fusion(13.x prior to 13.5) contains a TOCTOU (Time-of-check Time-of-use) vulnerability... High Unreviewed
CVE-2023-34046 was published Oct 20, 2023
A Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in telemetry processing of... Moderate Unreviewed
CVE-2023-44188 was published Oct 11, 2023
An issue in CatoNetworks CatoClient before v.5.4.0 allows attackers to escalate privileges and... High Unreviewed
CVE-2023-43976 was published Oct 3, 2023
he vulnerability is to delete arbitrary files in LGInstallService ("com.lge.lginstallservies")... Low Unreviewed
CVE-2023-44128 was published Sep 27, 2023
Race condition in Lapce v0.2.8 allows an attacker to elevate privileges on the system High Unreviewed
CVE-2023-3891 was published Sep 15, 2023
Razer Synapse through 3.7.1209.121307 allows privilege escalation due to an unsafe installation... High Unreviewed
CVE-2022-47631 was published Sep 15, 2023
A vulnerability in Cisco IOS XR Software image verification checks could allow an authenticated,... High Unreviewed
CVE-2023-20135 was published Sep 13, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database