Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,750
Erlang
35
GitHub Actions
29
Go
2,323
Maven
5,000+
npm
3,956
NuGet
712
pip
3,739
Pub
12
RubyGems
921
Rust
973
Swift
38
Unreviewed advisories
All unreviewed
5,000+

135 advisories

Loading
Memory corruption may occur while processing the OIS packet parser. Moderate Unreviewed
CVE-2024-53018 was published Jun 3, 2025
Memory corruption while processing I2C settings in Camera driver. Moderate Unreviewed
CVE-2024-53016 was published Jun 3, 2025
A time-of-check-time-of-use (TOCTOU) race condition vulnerability was found in networkd... Moderate Unreviewed
CVE-2022-29800 was published Sep 22, 2022
Screen version 5.0.0 and older version 4 releases have a TOCTOU race potentially allowing to... Moderate Unreviewed
CVE-2025-46805 was published May 26, 2025
Rack session gets restored after deletion Moderate
CVE-2025-46336 was published for rack-session (RubyGems) May 8, 2025
stengineering0 jeremyevans
ioquatix
Rack session gets restored after deletion Moderate
CVE-2025-32441 was published for rack (RubyGems) May 8, 2025
stengineering0 jeremyevans
ioquatix
Dell PowerScale OneFS, versions 9.8.0.0 through 9.10.1.0, contain a time-of-check time-of-use ... Moderate Unreviewed
CVE-2025-30101 was published May 8, 2025
A time-of-check time-of-use vulnerability in PulseSecureService.exe in Pulse Secure Client... Moderate Unreviewed
CVE-2020-13162 was published May 24, 2022
Alpine before 2.25 allows remote attackers to cause a denial of service (daemon crash) when LIST... Moderate Unreviewed
CVE-2021-46853 was published Nov 3, 2022
DMA attacks on the parameter buffer used by a software SMI handler used by the driver PcdSmmDxe... Moderate Unreviewed
CVE-2022-32266 was published Nov 15, 2022
Tesla Model S Iris Modem Race Condition Firewall Bypass Vulnerability. This vulnerability allows... Moderate Unreviewed
CVE-2024-6029 was published Apr 30, 2025
Symantec Endpoint Protection Windows Agent, running an ERASER Engine prior to 119.1.7.8, may be... Moderate Unreviewed
CVE-2025-3599 was published Apr 30, 2025
WordPress is affected by an unauthenticated blind SSRF in the pingback feature. Because of a... Moderate Unreviewed
CVE-2022-3590 was published Dec 14, 2022
Device Guard in Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016, and Windows... Moderate Unreviewed
CVE-2017-11830 was published May 13, 2022
In the Linux kernel, the following vulnerability has been resolved: firmware: qcom: uefisecapp:... Moderate Unreviewed
CVE-2025-21998 was published Apr 3, 2025
Information disclosure may be there when a guest VM is connected. Moderate Unreviewed
CVE-2025-21431 was published Apr 7, 2025
Calling `PK11_Encrypt()` in NSS using CKM_CHACHA20 and the same buffer for input and output can... Moderate Unreviewed
CVE-2024-7531 was published Aug 6, 2024
Duende.AccessTokenManagement race condition when concurrently retrieving customized Client Credentials Access Tokens Moderate
CVE-2025-26620 was published for Duende.AccessTokenManagement (NuGet) Feb 19, 2025
Time-of-check time-of-use race condition for some Intel(R) Battery Life Diagnostic Tool software... Moderate Unreviewed
CVE-2024-41917 was published Feb 13, 2025
Docker Desktop for Windows before 4.6 allows attackers to overwrite any file through the... Moderate Unreviewed
CVE-2022-38730 was published Apr 27, 2023
WordOps has TOCTOU race condition Moderate
CVE-2024-34528 was published for wordops (pip) May 6, 2024
VirtuBox
Apache StreamPipes potentially allows creation of multiple identical accounts Moderate
CVE-2024-30471 was published for org.apache.streampipes:streampipes-parent (Maven) Jul 17, 2024
Dell Display Manager, versions prior to 2.3.2.18, contain a Time-of-check Time-of-use (TOCTOU)... Moderate Unreviewed
CVE-2025-22394 was published Jan 15, 2025
In the Linux kernel, the following vulnerability has been resolved: HID: logitech-hidpp: Fix... Moderate Unreviewed
CVE-2023-52478 was published Feb 29, 2024
In the Linux kernel, the following vulnerability has been resolved: net: dsa: improve shutdown... Moderate Unreviewed
CVE-2024-49998 was published Oct 21, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database