GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,262
Erlang
31
GitHub Actions
21
Go
2,030
Maven
5,000+
npm
3,732
NuGet
662
pip
3,409
Pub
12
RubyGems
891
Rust
865
Swift
36
Unreviewed advisories
All unreviewed
5,000+
325 advisories
Filter by severity
devise Time-of-check Time-of-use Race Condition vulnerability
Moderate
CVE-2019-5421
was published
for
devise
(RubyGems)
Mar 19, 2019
mount destinations can be swapped via symlink-exchange to cause mounts outside the rootfs
High
CVE-2021-30465
was published
for
github.com/opencontainers/runc
(Go)
May 25, 2021
Time-of-check Time-of-use (TOCTOU) Race Condition in league/flysystem
Critical
CVE-2021-32708
was published
for
league/flysystem
(Composer)
Jun 29, 2021
Insufficient Session Expiration and TOCTOU Race Condition in OPC FOundation UA .Net Standard
Moderate
CVE-2020-8867
was published
for
OPCFoundation.NetStandard.Opc.Ua
(NuGet)
Aug 2, 2021
Miner fails to get block template when a cell used as a cell dep has been destroyed.
High
GHSA-v666-6w97-pcwm
was published
for
ckb
(Rust)
Aug 25, 2021
An issue was discovered in Plex Media Server through 1.24.4.5081-e362dc1ee. An attacker (with a...
High
Unreviewed
CVE-2021-42835
was published
Dec 9, 2021
A race condition was found in the Linux kernel's ebpf verifier between bpf_map_update_elem and...
Moderate
Unreviewed
CVE-2021-4001
was published
Jan 22, 2022
On BIG-IP version 16.x before 16.1.0, 15.1.x before 15.1.4.1, 14.1.x before 14.1.4.4, and all...
Moderate
Unreviewed
CVE-2022-23029
was published
Jan 26, 2022
Race condition in Apache Tomcat
High
CVE-2022-23181
was published
for
org.apache.tomcat:tomcat
(Maven)
Feb 1, 2022
Potential proxy IP restriction bypass in Kubernetes
Low
CVE-2020-8562
was published
for
k8s.io/kubernetes
(Go)
Feb 2, 2022
Insecure temporary file in Tensorflow
High
CVE-2022-23563
was published
for
tensorflow
(pip)
Feb 9, 2022
Time-of-check Time-of-use (TOCTOU) Race Condition in chownr
Low
CVE-2017-18869
was published
for
chownr
(npm)
Feb 10, 2022
VMware ESXi contains a TOCTOU (Time-of-check Time-of-use) vulnerability that exists in the way...
High
Unreviewed
CVE-2021-22043
was published
Feb 17, 2022
b2-sdk-python TOCTOU application key disclosure
Moderate
CVE-2022-23651
was published
for
b2sdk
(pip)
Feb 24, 2022
B2 Command Line Tool TOCTOU application key disclosure
Moderate
CVE-2022-23653
was published
for
b2
(pip)
Feb 24, 2022
JetBrains TeamCity before 2021.2 was vulnerable to a Time-of-check/Time-of-use (TOCTOU) race...
High
Unreviewed
CVE-2022-24335
was published
Feb 26, 2022
A race condition vulnerability exists in the QuickClean feature of McAfee Total Protection for...
Moderate
Unreviewed
CVE-2022-0280
was published
Mar 12, 2022
Dell PowerScale OneFS, versions 8.2.2-9.3.x, contain a time-of-check-to-time-of-use vulnerability...
Low
Unreviewed
CVE-2022-24413
was published
Apr 13, 2022
There is a Time-of-check Time-of-use (TOCTOU) Race Condition Vulnerability in Logitech Sync for...
High
Unreviewed
CVE-2022-0915
was published
Apr 13, 2022
An issue was discovered in Amazon AWS VPN Client 2.0.0. A TOCTOU race condition exists during the...
Moderate
Unreviewed
CVE-2022-25165
was published
Apr 15, 2022
Time-of-check Time-of-use (TOCTOU) Race Condition vulerability in Foscam R2C IP camera running...
High
Unreviewed
CVE-2022-28743
was published
Apr 22, 2022
Race condition issues were found in Calibre at devices/linux_mount_helper.c allowing unprivileged...
High
Unreviewed
CVE-2011-4126
was published
Apr 22, 2022
libuser 0.56 and 0.57 has a TOCTOU (time-of-check time-of-use) race condition when copying and...
Moderate
Unreviewed
CVE-2012-5630
was published
Apr 23, 2022
ProTip!
Advisories are also available from the
GraphQL API