GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,156
Erlang
30
GitHub Actions
19
Go
1,966
Maven
5,000+
npm
3,694
NuGet
653
pip
3,311
Pub
11
RubyGems
881
Rust
831
Swift
35
Unreviewed advisories
All unreviewed
5,000+
311 advisories
Filter by severity
DMA transactions which are targeted at input buffers used for the HddPassword software SMI...
High
Unreviewed
CVE-2022-33909
was published
Nov 15, 2022
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core)....
Moderate
Unreviewed
CVE-2020-14675
was published
May 24, 2022
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core)....
Moderate
Unreviewed
CVE-2020-14677
was published
May 24, 2022
memory corruption in Kernel due to race condition while getting mapping reference in Snapdragon...
High
Unreviewed
CVE-2022-22094
was published
Sep 17, 2022
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core)....
Moderate
Unreviewed
CVE-2020-14674
was published
May 24, 2022
u'While processing SMCInvoke asynchronous message header, message count is modified leading to a...
Moderate
Unreviewed
CVE-2019-14119
was published
May 24, 2022
u'Non-secure memory is touched multiple times during TrustZone\u2019s execution and can lead to...
Moderate
Unreviewed
CVE-2020-3619
was published
May 24, 2022
In SurfaceFlinger, there is a possible use after free due to a race condition. This could lead to...
Moderate
Unreviewed
CVE-2020-0358
was published
May 24, 2022
A flaw was found in dpdk in versions before 18.11.10 and before 19.11.5. Virtio ring descriptors,...
High
Unreviewed
CVE-2020-14375
was published
May 24, 2022
A potential vulnerability in the SMI callback function used in the legacy BIOS mode USB drivers...
Moderate
Unreviewed
CVE-2020-8332
was published
May 24, 2022
A TOCTOU mismatch in the NFS client code in the Linux kernel before 5.8.3 could be used by local...
Moderate
Unreviewed
CVE-2020-25212
was published
May 24, 2022
A memory corruption issue was addressed with improved memory handling. This issue is fixed in...
High
Unreviewed
CVE-2020-9921
was published
May 24, 2022
This issue was addressed with improved checks. This issue is fixed in macOS Catalina 10.15.6. A...
Moderate
Unreviewed
CVE-2020-9939
was published
May 24, 2022
VMware ESXi (7.0 before ESXi_7.0.1-0.0.16850804, 6.7 before ESXi670-202008101-SG, 6.5 before...
Moderate
Unreviewed
CVE-2020-3981
was published
May 24, 2022
Trend Micro Antivirus for Mac 2020 (Consumer) contains a race condition vulnerability in the Web...
Moderate
Unreviewed
CVE-2020-27014
was published
May 24, 2022
Acrobat Reader DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017...
High
Unreviewed
CVE-2020-24428
was published
May 24, 2022
Time-of-check Time-of-use (TOCTOU) Race Condition in Jenkins
Moderate
CVE-2021-21615
was published
for
org.jenkins-ci.main:jenkins-core
(Maven)
May 24, 2022
The Trusted Platform Modules (TPM) reference software may not properly track the number of times...
Moderate
Unreviewed
CVE-2020-12926
was published
May 24, 2022
Medtronic MyCareLink Smart 25000 all versions are vulnerable to a race condition in the MCL Smart...
High
Unreviewed
CVE-2020-27252
was published
May 24, 2022
A race condition was addressed with additional validation. This issue is fixed in macOS Catalina...
High
Unreviewed
CVE-2020-9990
was published
May 24, 2022
A Time-of-Check Time-of-Use bug existed in the Maintenance (Updater) Service that could be abused...
High
Unreviewed
CVE-2022-22753
was published
Dec 22, 2022
Firejail before 0.9.64.4 allows attackers to bypass intended access restrictions because there is...
High
Unreviewed
CVE-2021-26910
was published
May 24, 2022
Firefox for Android suffered from a time-of-check-time-of-use vulnerability that allowed a...
Moderate
Unreviewed
CVE-2021-23977
was published
May 24, 2022
While processing storage SCM commands there is a time of check or time of use window where a...
Moderate
Unreviewed
CVE-2020-11220
was published
May 24, 2022
This vulnerability allows local attackers to disclose sensitive information on affected...
Moderate
Unreviewed
CVE-2021-31427
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API