GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 22,783
Composer 4,757
Erlang 35
GitHub Actions 29
Go 2,327
Maven 5,611
npm 3,960
NuGet 712
pip 3,741
Pub 12
RubyGems 921
Rust 973
Swift 38

Unreviewed advisories

All unreviewed 258,506

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

135 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

This vulnerability occurs when an attacker exploits a race condition between the time a file is... Moderate Unreviewed

CVE-2024-6787 was published Sep 21, 2024

Magento Open Source Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability Moderate

CVE-2024-45120 was published for magento/community-edition (Composer) Oct 10, 2024

A vulnerability was discovered in Samsung Mobile Processor Exynos 980, Exynos 990, Exynos 1080,... Moderate Unreviewed

CVE-2024-27361 was published Jul 9, 2024

In deletefiles in FDUPES before 2.2.0, a TOCTOU race condition allows arbitrary file deletion via... Moderate Unreviewed

CVE-2022-48682 was published Apr 26, 2024

Duplicate Advisory: NVIDIA Container Toolkit allows specially crafted container image to create empty files on the host file system Moderate

GHSA-g4pj-mx9f-m2mh was published for github.com/NVIDIA/nvidia-container-toolkit (Go) Sep 26, 2024 • withdrawn

NVIDIA Container Toolkit allows specially crafted container image to create empty files on the host file system Moderate

CVE-2024-0133 was published for github.com/NVIDIA/nvidia-container-toolkit (Go) Oct 29, 2024

In OpenBSD 7.4 before errata 009, a race condition between pf(4)'s processing of packets and... Moderate Unreviewed

CVE-2023-52556 was published Mar 1, 2024

The virtio_vq_recordon function is subject to a time-of-check to time-of-use (TOCTOU) race... Moderate Unreviewed

CVE-2024-51563 was published Nov 12, 2024

A race condition could lead to a cross-origin container obtaining permissions of the top-level... Moderate Unreviewed

CVE-2024-6601 was published Jul 9, 2024

In the Linux kernel, the following vulnerability has been resolved: ice: Don't process extts if... Moderate Unreviewed

CVE-2024-42107 was published Jul 30, 2024

In the Linux kernel, the following vulnerability has been resolved: net: dsa: improve shutdown... Moderate Unreviewed

CVE-2024-49998 was published Oct 21, 2024

In the Linux kernel, the following vulnerability has been resolved: HID: logitech-hidpp: Fix... Moderate Unreviewed

CVE-2023-52478 was published Feb 29, 2024

Dell Display Manager, versions prior to 2.3.2.18, contain a Time-of-check Time-of-use (TOCTOU)... Moderate Unreviewed

CVE-2025-22394 was published Jan 15, 2025

Apache StreamPipes potentially allows creation of multiple identical accounts Moderate

CVE-2024-30471 was published for org.apache.streampipes:streampipes-parent (Maven) Jul 17, 2024

WordOps has TOCTOU race condition Moderate

CVE-2024-34528 was published for wordops (pip) May 6, 2024

Docker Desktop for Windows before 4.6 allows attackers to overwrite any file through the... Moderate Unreviewed

CVE-2022-38730 was published Apr 27, 2023

Time-of-check time-of-use race condition for some Intel(R) Battery Life Diagnostic Tool software... Moderate Unreviewed

CVE-2024-41917 was published Feb 13, 2025

Duende.AccessTokenManagement race condition when concurrently retrieving customized Client Credentials Access Tokens Moderate

CVE-2025-26620 was published for Duende.AccessTokenManagement (NuGet) Feb 19, 2025

Calling `PK11_Encrypt()` in NSS using CKM_CHACHA20 and the same buffer for input and output can... Moderate Unreviewed

CVE-2024-7531 was published Aug 6, 2024

Information disclosure may be there when a guest VM is connected. Moderate Unreviewed

CVE-2025-21431 was published Apr 7, 2025

In the Linux kernel, the following vulnerability has been resolved: firmware: qcom: uefisecapp:... Moderate Unreviewed

CVE-2025-21998 was published Apr 3, 2025

Device Guard in Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016, and Windows... Moderate Unreviewed

CVE-2017-11830 was published May 13, 2022

WordPress is affected by an unauthenticated blind SSRF in the pingback feature. Because of a... Moderate Unreviewed

CVE-2022-3590 was published Dec 14, 2022

Symantec Endpoint Protection Windows Agent, running an ERASER Engine prior to 119.1.7.8, may be... Moderate Unreviewed

CVE-2025-3599 was published Apr 30, 2025

Tesla Model S Iris Modem Race Condition Firewall Bypass Vulnerability. This vulnerability allows... Moderate Unreviewed

CVE-2024-6029 was published Apr 30, 2025

Previous 1 2 3 4 5 6 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

135 advisories