GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
323 advisories
Filter by severity
VMware ESXi (6.7 before ESXi670-201903001, 6.5 before ESXi650-201903001, 6.0 before ESXi600...
High
Unreviewed
CVE-2019-5519
was published
May 13, 2022
TOCTOU in the ASP may allow a physical attacker to write beyond the buffer bounds, potentially...
Moderate
Unreviewed
CVE-2023-20523
was published
Jan 11, 2023
In Keybase before 2.12.6 on macOS, the move RPC to the Helper was susceptible to time-to-check...
Critical
Unreviewed
CVE-2019-7249
was published
May 13, 2022
A Time-of-check Time-of-use (TOCTOU) Race Condition exists in ZoneMinder through 1.32.3 as a...
High
Unreviewed
CVE-2019-7347
was published
May 13, 2022
An elevation of privilege vulnerability in the Framework APIs could enable a local malicious...
High
Unreviewed
CVE-2017-0412
was published
May 13, 2022
An elevation of privilege vulnerability in the Framework APIs could enable a local malicious...
High
Unreviewed
CVE-2017-0411
was published
May 13, 2022
An elevation of privilege vulnerability in the NVIDIA video driver could enable a local malicious...
High
Unreviewed
CVE-2017-0331
was published
May 13, 2022
A remote code execution vulnerability in the Android media framework (libstagefright). Product:...
High
Unreviewed
CVE-2017-0756
was published
May 13, 2022
Device Guard in Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016, and Windows...
Moderate
Unreviewed
CVE-2017-11830
was published
May 13, 2022
An ability to process crash dumps under root privileges and inappropriate symlinks handling could...
High
Unreviewed
CVE-2017-15404
was published
May 13, 2022
In isp, there is a possible out of bounds write due to a race condition. This could lead to local...
Moderate
Unreviewed
CVE-2022-32638
was published
Jan 3, 2023
A security feature bypass exists when Device Guard incorrectly validates an untrusted file, aka ...
Low
Unreviewed
CVE-2018-0966
was published
May 13, 2022
An elevation of privilege vulnerability exists when Windows improperly handles calls to Advanced...
High
Unreviewed
CVE-2018-8584
was published
May 13, 2022
A security feature bypass exists when Device Guard incorrectly validates an untrusted file, aka ...
Low
Unreviewed
CVE-2018-8449
was published
May 13, 2022
A Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Routing Protocol Daemon (rpd...
Moderate
Unreviewed
CVE-2022-22220
was published
Oct 18, 2022
A Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in the Routing Protocol Daemon ...
Moderate
Unreviewed
CVE-2022-22225
was published
Oct 18, 2022
Memory corruption in display due to time-of-check time-of-use of metadata reserved size in...
High
Unreviewed
CVE-2022-33214
was published
Oct 19, 2022
A Time-of-Check Time-Of-Use vulnerability in the Trend Micro Apex One Vulnerability Protection...
High
Unreviewed
CVE-2022-41744
was published
Oct 11, 2022
In UsbCoreDxe, tampering with the contents of the USB working buffer using DMA while certain USB...
High
Unreviewed
CVE-2022-30283
was published
Nov 16, 2022
On BIG-IP version 16.x before 16.1.0, 15.1.x before 15.1.4.1, 14.1.x before 14.1.4.4, and all...
Moderate
Unreviewed
CVE-2022-23029
was published
Jan 26, 2022
VMware ESXi contains a TOCTOU (Time-of-check Time-of-use) vulnerability that exists in the way...
High
Unreviewed
CVE-2021-22043
was published
Feb 17, 2022
A vulnerability exists in Trend Micro Maximum Security 2022 (17.7) wherein a low-privileged user...
High
Unreviewed
CVE-2022-48191
was published
Jan 20, 2023
JetBrains TeamCity before 2021.2 was vulnerable to a Time-of-check/Time-of-use (TOCTOU) race...
High
Unreviewed
CVE-2022-24335
was published
Feb 26, 2022
TOCTOU Race Condition vulnerability in apport allows a local attacker to escalate privileges and...
Moderate
Unreviewed
CVE-2020-15702
was published
May 24, 2022
shadow: TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees
Low
Unreviewed
CVE-2013-4235
was published
May 5, 2022
ProTip!
Advisories are also available from the
GraphQL API