GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 22,763
Composer 4,750
Erlang 35
GitHub Actions 29
Go 2,323
Maven 5,608
npm 3,956
NuGet 712
pip 3,739
Pub 12
RubyGems 921
Rust 973
Swift 38

Unreviewed advisories

All unreviewed 258,266

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

135 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Race condition in the installer for Zoom Rooms Client for Windows before version 5.17.5 may allow... Moderate Unreviewed

CVE-2024-24692 was published Mar 13, 2024

OpenStack magnum vulnerable to time-of-check to time-of-use (TOCTOU) attack Moderate

CVE-2024-28718 was published for magnum (pip) Apr 12, 2024

A race condition in GitHub Enterprise Server allowed an existing admin to maintain permissions on... Moderate Unreviewed

CVE-2024-2440 was published Apr 19, 2024

In deletefiles in FDUPES before 2.2.0, a TOCTOU race condition allows arbitrary file deletion via... Moderate Unreviewed

CVE-2022-48682 was published Apr 26, 2024

WordOps has TOCTOU race condition Moderate

CVE-2024-34528 was published for wordops (pip) May 6, 2024

A race condition vulnerability exists in the mintplex-labs/anything-llm repository, specifically... Moderate Unreviewed

CVE-2024-2913 was published May 7, 2024

Time-of-check Time-of-use race condition in Intel(R) Neural Compressor software before version 2... Moderate Unreviewed

CVE-2024-21792 was published May 16, 2024

CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability exists that could cause... Moderate Unreviewed

CVE-2024-5558 was published Jun 12, 2024

Dell PowerEdge Server BIOS contains an TOCTOU race condition vulnerability. A local low... Moderate Unreviewed

CVE-2024-0171 was published Jun 25, 2024

A race condition could lead to a cross-origin container obtaining permissions of the top-level... Moderate Unreviewed

CVE-2024-6601 was published Jul 9, 2024

A vulnerability was discovered in Samsung Mobile Processor Exynos 980, Exynos 990, Exynos 1080,... Moderate Unreviewed

CVE-2024-27361 was published Jul 9, 2024

Path traversal in Team Chat for some Zoom Workplace Apps and SDKs for Windows may allow an... Moderate Unreviewed

CVE-2024-39826 was published Jul 15, 2024

Race condition in the installer for Zoom Workplace App for Windows and Zoom Rooms App for Windows... Moderate Unreviewed

CVE-2024-39821 was published Jul 15, 2024

Apache StreamPipes potentially allows creation of multiple identical accounts Moderate

CVE-2024-30471 was published for org.apache.streampipes:streampipes-parent (Maven) Jul 17, 2024

In the Linux kernel, the following vulnerability has been resolved: ice: Don't process extts if... Moderate Unreviewed

CVE-2024-42107 was published Jul 30, 2024

Calling `PK11_Encrypt()` in NSS using CKM_CHACHA20 and the same buffer for input and output can... Moderate Unreviewed

CVE-2024-7531 was published Aug 6, 2024

This vulnerability occurs when an attacker exploits a race condition between the time a file is... Moderate Unreviewed

CVE-2024-6787 was published Sep 21, 2024

Duplicate Advisory: NVIDIA Container Toolkit allows specially crafted container image to create empty files on the host file system Moderate

GHSA-g4pj-mx9f-m2mh was published for github.com/NVIDIA/nvidia-container-toolkit (Go) Sep 26, 2024 • withdrawn

Magento Open Source Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability Moderate

CVE-2024-45120 was published for magento/community-edition (Composer) Oct 10, 2024

In the Linux kernel, the following vulnerability has been resolved: net: dsa: improve shutdown... Moderate Unreviewed

CVE-2024-49998 was published Oct 21, 2024

NVIDIA Container Toolkit allows specially crafted container image to create empty files on the host file system Moderate

CVE-2024-0133 was published for github.com/NVIDIA/nvidia-container-toolkit (Go) Oct 29, 2024

The virtio_vq_recordon function is subject to a time-of-check to time-of-use (TOCTOU) race... Moderate Unreviewed

CVE-2024-51563 was published Nov 12, 2024

Dell Display Manager, versions prior to 2.3.2.18, contain a Time-of-check Time-of-use (TOCTOU)... Moderate Unreviewed

CVE-2025-22394 was published Jan 15, 2025

Time-of-check time-of-use race condition for some Intel(R) Battery Life Diagnostic Tool software... Moderate Unreviewed

CVE-2024-41917 was published Feb 13, 2025

Duende.AccessTokenManagement race condition when concurrently retrieving customized Client Credentials Access Tokens Moderate

CVE-2025-26620 was published for Duende.AccessTokenManagement (NuGet) Feb 19, 2025

Previous 1 2 3 4 5 6 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

135 advisories