GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
323 advisories
The malware scan function in Total Defense Anti-virus 11.5.2.28 is vulnerable to a TOCTOU bug;...
Moderate | Unreviewed | CVE-2019-18644 was published May 24, 2022

Sander Bos discovered a time of check to time of use (TOCTTOU) vulnerability in apport that...
Moderate | Unreviewed | CVE-2019-11482 was published May 24, 2022

A local file deletion vulnerability in the Palo Alto Networks GlobalProtect app on Windows...
Moderate | Unreviewed | CVE-2023-0006 was published Apr 12, 2023

Transient DOS due to time-of-check time-of-use race condition in Modem while processing RRC...
Moderate | Unreviewed | CVE-2022-33270 was published Apr 13, 2023

Avast and AVG Antivirus for Windows were susceptible to a Time-of-check/Time-of-use (TOCTOU) ...
Moderate | Unreviewed | CVE-2023-1586 was published Apr 19, 2023

Avast and AVG Antivirus for Windows were susceptible to a Time-of-check/Time-of-use (TOCTOU) ...
Moderate | Unreviewed | CVE-2023-1585 was published Apr 19, 2023

Docker Desktop for Windows before 4.6 allows attackers to overwrite any file through the...
Moderate | Unreviewed | CVE-2022-38730 was published Apr 27, 2023

A TOCTOU in ASP bootloader may allow an attacker to tamper with the SPI ROM following data read...
High | Unreviewed | CVE-2021-26356 was published May 9, 2023

Videostream macOS app 0.5.0 and 0.4.3 has a Race Condition. The Updater privileged script...
High | Unreviewed | CVE-2023-25394 was published May 17, 2023

Potential Time-of-Check to Time-of Use (TOCTOU) vulnerabilities have been identified in the HP...
High | Unreviewed | CVE-2022-43778 was published Jun 12, 2023

Potential vulnerabilities have been identified in the system BIOS of certain HP PC products,...
High | Unreviewed | CVE-2022-31640 was published Jun 14, 2023

The Netskope client service (prior to R96) on Windows runs as NT AUTHORITY\SYSTEM which writes...
High | Unreviewed | CVE-2022-4149 was published Jun 15, 2023

A Time-of-Check Time-Of-Use vulnerability in the Trend Micro Apex One and Apex One as a Service...
High | Unreviewed | CVE-2023-32554 was published Jun 27, 2023

A Time-of-Check Time-Of-Use vulnerability in the Trend Micro Apex One and Apex One as a Service...
High | Unreviewed | CVE-2023-32555 was published Jun 27, 2023

An issue has been discovered in GitLab affecting all versions starting from 15.7 before 15.8.5,...
Moderate | Unreviewed | CVE-2022-4143 was published Jun 28, 2023

A potential Time-of-Check to Time-of-Use (TOCTOU) vulnerability has been identified in certain HP...
High | Unreviewed | CVE-2023-26299 was published Jun 30, 2023

Multiple vulnerabilities including an incorrect permission assignment for critical resource [CWE...
High | Unreviewed | CVE-2022-43946 was published Jul 6, 2023

IBM Spectrum Protect 8.1.0.0 through 8.1.17.0 could allow a local user to cause a denial of...
Moderate | Unreviewed | CVE-2023-33832 was published Jul 19, 2023

In audio, there is a possible out of bounds write due to a missing bounds check. This could lead...
Moderate | Unreviewed | CVE-2023-20785 was published Aug 7, 2023

In thermal, there is a possible use after free due to a race condition. This could lead to local...
Moderate | Unreviewed | CVE-2023-20787 was published Aug 7, 2023

In thermal, there is a possible use after free due to a race condition. This could lead to local...
Moderate | Unreviewed | CVE-2023-20788 was published Aug 7, 2023

The buffer obtained from kernel APIs such as cam_mem_get_cpu_buf() may be readable/writable in...
High | Unreviewed | CVE-2023-28576 was published Aug 8, 2023

Dell BIOS contain a Time-of-check Time-of-use vulnerability in BIOS. A local authenticated...
Moderate | Unreviewed | CVE-2023-28075 was published Aug 16, 2023

Unity Parsec before 8 has a TOCTOU race condition that permits local attackers to escalate...
High | Unreviewed | CVE-2023-37250 was published Aug 20, 2023

BASupSrvcUpdater.exe in N-able Take Control Agent through 7.0.41.1141 before 7.0.43 has a TOCTOU...
High | Unreviewed | CVE-2023-27470 was published Sep 11, 2023