GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
323 advisories
TOCTOU in the ASP may allow a physical attacker to write beyond the buffer bounds, potentially...
Moderate | Unreviewed | CVE-2023-20523 was published Jan 11, 2023
VMware ESXi (6.7 before ESXi670-201903001, 6.5 before ESXi650-201903001, 6.0 before ESXi600...
High | Unreviewed | CVE-2019-5519 was published May 13, 2022
In Keybase before 2.12.6 on macOS, the move RPC to the Helper was susceptible to time-to-check...
Critical | Unreviewed | CVE-2019-7249 was published May 13, 2022
A Time-of-check Time-of-use (TOCTOU) Race Condition exists in ZoneMinder through 1.32.3 as a...
High | Unreviewed | CVE-2019-7347 was published May 13, 2022
An elevation of privilege vulnerability in the Framework APIs could enable a local malicious...
High | Unreviewed | CVE-2017-0412 was published May 13, 2022
An elevation of privilege vulnerability in the Framework APIs could enable a local malicious...
High | Unreviewed | CVE-2017-0411 was published May 13, 2022
An elevation of privilege vulnerability in the NVIDIA video driver could enable a local malicious...
High | Unreviewed | CVE-2017-0331 was published May 13, 2022
A remote code execution vulnerability in the Android media framework (libstagefright). Product:...
High | Unreviewed | CVE-2017-0756 was published May 13, 2022
Device Guard in Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016, and Windows...
Moderate | Unreviewed | CVE-2017-11830 was published May 13, 2022
An ability to process crash dumps under root privileges and inappropriate symlinks handling could...
High | Unreviewed | CVE-2017-15404 was published May 13, 2022
In isp, there is a possible out of bounds write due to a race condition. This could lead to local...
Moderate | Unreviewed | CVE-2022-32638 was published Jan 3, 2023
A security feature bypass exists when Device Guard incorrectly validates an untrusted file, aka ...
Low | Unreviewed | CVE-2018-0966 was published May 13, 2022
An elevation of privilege vulnerability exists when Windows improperly handles calls to Advanced...
High | Unreviewed | CVE-2018-8584 was published May 13, 2022
A security feature bypass exists when Device Guard incorrectly validates an untrusted file, aka ...
Low | Unreviewed | CVE-2018-8449 was published May 13, 2022
A Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Routing Protocol Daemon (rpd...
Moderate | Unreviewed | CVE-2022-22220 was published Oct 18, 2022
A Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in the Routing Protocol Daemon ...
Moderate | Unreviewed | CVE-2022-22225 was published Oct 18, 2022
Memory corruption in display due to time-of-check time-of-use of metadata reserved size in...
High | Unreviewed | CVE-2022-33214 was published Oct 19, 2022
A Time-of-Check Time-Of-Use vulnerability in the Trend Micro Apex One Vulnerability Protection...
High | Unreviewed | CVE-2022-41744 was published Oct 11, 2022
In UsbCoreDxe, tampering with the contents of the USB working buffer using DMA while certain USB...
High | Unreviewed | CVE-2022-30283 was published Nov 16, 2022
On BIG-IP version 16.x before 16.1.0, 15.1.x before 15.1.4.1, 14.1.x before 14.1.4.4, and all...
Moderate | Unreviewed | CVE-2022-23029 was published Jan 26, 2022
VMware ESXi contains a TOCTOU (Time-of-check Time-of-use) vulnerability that exists in the way...
High | Unreviewed | CVE-2021-22043 was published Feb 17, 2022
A vulnerability exists in Trend Micro Maximum Security 2022 (17.7) wherein a low-privileged user...
High | Unreviewed | CVE-2022-48191 was published Jan 20, 2023
JetBrains TeamCity before 2021.2 was vulnerable to a Time-of-check/Time-of-use (TOCTOU) race...
High | Unreviewed | CVE-2022-24335 was published Feb 26, 2022
TOCTOU Race Condition vulnerability in apport allows a local attacker to escalate privileges and...
Moderate | Unreviewed | CVE-2020-15702 was published May 24, 2022
shadow: TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees
Low | Unreviewed | CVE-2013-4235 was published May 5, 2022