GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
218 advisories
Possible memory corruption due to Improper handling of hypervisor unmap operations for concurrent...
High | Unreviewed | CVE-2021-1921 was published May 24, 2022

A vulnerability in the shared library loading mechanism of Cisco AnyConnect Secure Mobility...
High | Unreviewed | CVE-2021-34788 was published May 24, 2022

All versions of the Zoom Plugin for Microsoft Outlook for MacOS before 5.3.52553.0918 contain a...
High | Unreviewed | CVE-2021-34413 was published May 24, 2022

A time-of-check to time-of-use (TOCTOU) race condition vulnerability in the Palo Alto Networks...
High | Unreviewed | CVE-2021-3054 was published May 24, 2022

There is a Time-of-check Time-of-use (TOCTOU) Race Condition Vulnerability in Huawei Smartphone....
High | Unreviewed | CVE-2021-22369 was published May 24, 2022

Race condition in Apache Tomcat
High | CVE-2022-23181 was published for org.apache.tomcat:tomcat (Maven) Feb 1, 2022

While waiting for a response to a callback or listener request, non-secure clients can change...
High | Unreviewed | CVE-2020-11298 was published May 24, 2022

Time-of-check time-of-use race condition While processing partition entries due to newly created...
High | Unreviewed | CVE-2020-11233 was published May 24, 2022

Dell EMC iDRAC9 versions prior to 4.40.00.00 contain a Time-of-check Time-of-use (TOCTOU) race...
High | Unreviewed | CVE-2021-21539 was published May 24, 2022

This vulnerability allows local attackers to escalate privileges on affected installations of...
High | Unreviewed | CVE-2021-31422 was published May 24, 2022

A TOCTOU vulnerability exists in madCodeHook before 2020-07-16 that allows local attackers to...
High | Unreviewed | CVE-2020-14418 was published May 24, 2022

Firejail before 0.9.64.4 allows attackers to bypass intended access restrictions because there is...
High | Unreviewed | CVE-2021-26910 was published May 24, 2022

A race condition was addressed with additional validation. This issue is fixed in macOS Catalina...
High | Unreviewed | CVE-2020-9990 was published May 24, 2022

Acrobat Reader DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017...
High | Unreviewed | CVE-2020-24428 was published May 24, 2022

A memory corruption issue was addressed with improved memory handling. This issue is fixed in...
High | Unreviewed | CVE-2020-9921 was published May 24, 2022

A flaw was found in dpdk in versions before 18.11.10 and before 19.11.5. Virtio ring descriptors,...
High | Unreviewed | CVE-2020-14375 was published May 24, 2022

memory corruption in Kernel due to race condition while getting mapping reference in Snapdragon...
High | Unreviewed | CVE-2022-22094 was published Sep 17, 2022

DMA transactions which are targeted at input buffers used for the HddPassword software SMI...
High | Unreviewed | CVE-2022-33909 was published Nov 15, 2022

Memory corruption or temporary denial of service due to improper handling of concurrent...
High | Unreviewed | CVE-2022-22093 was published Sep 17, 2022

Memory corruption in display due to time-of-check time-of-use race condition during map or unmap...
High | Unreviewed | CVE-2022-25696 was published Sep 17, 2022

DMA transactions which are targeted at input buffers used for the SdHostDriver software SMI...
High | Unreviewed | CVE-2022-33908 was published Nov 15, 2022

DMA transactions which are targeted at input buffers used for the NvmExpressLegacy software SMI...
High | Unreviewed | CVE-2022-33983 was published Nov 15, 2022

DMA transactions which are targeted at input buffers used for the AhciBusDxe software SMI handler...
High | Unreviewed | CVE-2022-33905 was published Nov 15, 2022

By exploiting a time of check to time of use (TOCTOU) race condition during the Endpoint Security...
High | Unreviewed | CVE-2021-23892 was published May 24, 2022

TOCTOU vulnerability in Samsung decoding library for video thumbnails prior to SMR Dec-2022...
High | Unreviewed | CVE-2022-39908 was published Dec 8, 2022