GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
102 advisories
DMA attacks on the parameter buffer used by the VariableRuntimeDxe software SMI handler could...
Moderate | Unreviewed | CVE-2022-33986 was published Nov 15, 2022

DMA transactions which are targeted at input buffers used for the FwBlockServiceSmm software SMI...
Moderate | Unreviewed | CVE-2022-33906 was published Nov 15, 2022

Update description and links DMA transactions which are targeted at input buffers used for the...
Moderate | Unreviewed | CVE-2022-31243 was published Nov 15, 2022

DMA attacks on the parameter buffer used by the PnpSmm driver could change the contents after...
Moderate | Unreviewed | CVE-2022-30774 was published Nov 15, 2022

Time-of-check time-of-use race condition in the BIOS firmware for some Intel(R) Processors may...
Moderate | Unreviewed | CVE-2022-21198 was published Nov 11, 2022

In jpeg, there is a possible use after free due to a race condition. This could lead to local...
Moderate | Unreviewed | CVE-2022-32608 was published Nov 9, 2022

A Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Routing Protocol Daemon (rpd...
Moderate | Unreviewed | CVE-2022-22220 was published Oct 18, 2022

A Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in the Routing Protocol Daemon ...
Moderate | Unreviewed | CVE-2022-22225 was published Oct 18, 2022

A time-of-check-time-of-use (TOCTOU) race condition vulnerability was found in networkd...
Moderate | Unreviewed | CVE-2022-29800 was published Sep 22, 2022

A use-after-free flaw was found in the Linux kernel's NFC core functionality due to a race...
Moderate | Unreviewed | CVE-2022-1974 was published Sep 1, 2022

A race condition vulnerability was found in rpm. A local unprivileged user could use this flaw to...
Moderate | Unreviewed | CVE-2021-35937 was published Aug 26, 2022

A possible race condition vulnerability in score driver prior to SMR Jul-2022 Release 1 can allow...
Moderate | Unreviewed | CVE-2022-33691 was published Jul 13, 2022

Time-of-check time-of-use vulnerability in the Crypto API Toolkit for Intel(R) SGX may allow a...
Moderate | Unreviewed | CVE-2021-33097 was published May 24, 2022

When user-defined ARP Policer is configured and applied on one or more Aggregated Ethernet (AE)...
Moderate | Unreviewed | CVE-2021-0289 was published May 24, 2022

A vulnerability in the DLL loading mechanism of Cisco AnyConnect Secure Mobility Client for...
Moderate | Unreviewed | CVE-2021-1567 was published May 24, 2022

This vulnerability allows local attackers to disclose sensitive information on affected...
Moderate | Unreviewed | CVE-2021-31427 was published May 24, 2022

While processing storage SCM commands there is a time of check or time of use window where a...
Moderate | Unreviewed | CVE-2020-11220 was published May 24, 2022

Potential arbitrary memory corruption when the qseecom driver updates ion physical addresses in...
Moderate | Unreviewed | CVE-2020-11230 was published May 24, 2022

Firefox for Android suffered from a time-of-check-time-of-use vulnerability that allowed a...
Moderate | Unreviewed | CVE-2021-23977 was published May 24, 2022

The Trusted Platform Modules (TPM) reference software may not properly track the number of times...
Moderate | Unreviewed | CVE-2020-12926 was published May 24, 2022

Trend Micro Antivirus for Mac 2020 (Consumer) contains a race condition vulnerability in the Web...
Moderate | Unreviewed | CVE-2020-27014 was published May 24, 2022

This issue was addressed with improved checks. This issue is fixed in macOS Catalina 10.15.6. A...
Moderate | Unreviewed | CVE-2020-9939 was published May 24, 2022

VMware ESXi (7.0 before ESXi_7.0.1-0.0.16850804, 6.7 before ESXi670-202008101-SG, 6.5 before...
Moderate | Unreviewed | CVE-2020-3981 was published May 24, 2022

A potential vulnerability in the SMI callback function used in the legacy BIOS mode USB drivers...
Moderate | Unreviewed | CVE-2020-8332 was published May 24, 2022

In SurfaceFlinger, there is a possible use after free due to a race condition. This could lead to...
Moderate | Unreviewed | CVE-2020-0358 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API.