Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,133
Erlang
29
GitHub Actions
19
Go
1,939
Maven
5,000+
npm
3,677
NuGet
643
pip
3,295
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+

306 advisories

Loading
A TOCTOU race condition in SMU may allow for the caller to obtain and manipulate the address of a... Moderate Unreviewed
CVE-2021-26350 was published May 12, 2022
TOCTOU (time-of-check to time-of-use) issue in the System Management Unit (SMU) may result in a... Moderate Unreviewed
CVE-2021-26347 was published May 12, 2022
Race Condition in Grunt High
CVE-2022-1537 was published for grunt (npm) May 11, 2022
shadow: TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees Low Unreviewed
CVE-2013-4235 was published May 5, 2022
The memory_limit functionality in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, under certain... Moderate Unreviewed
CVE-2004-0594 was published Apr 29, 2022
A multi-threaded race condition in the Windows RPC DCOM functionality with the MS03-039 patch... Moderate Unreviewed
CVE-2003-0813 was published Apr 29, 2022
libuser 0.56 and 0.57 has a TOCTOU (time-of-check time-of-use) race condition when copying and... Moderate Unreviewed
CVE-2012-5630 was published Apr 23, 2022
Race condition issues were found in Calibre at devices/linux_mount_helper.c allowing unprivileged... High Unreviewed
CVE-2011-4126 was published Apr 22, 2022
Time-of-check Time-of-use (TOCTOU) Race Condition vulerability in Foscam R2C IP camera running... High Unreviewed
CVE-2022-28743 was published Apr 22, 2022
An issue was discovered in Amazon AWS VPN Client 2.0.0. A TOCTOU race condition exists during the... Moderate Unreviewed
CVE-2022-25165 was published Apr 15, 2022
There is a Time-of-check Time-of-use (TOCTOU) Race Condition Vulnerability in Logitech Sync for... High Unreviewed
CVE-2022-0915 was published Apr 13, 2022
Dell PowerScale OneFS, versions 8.2.2-9.3.x, contain a time-of-check-to-time-of-use vulnerability... Low Unreviewed
CVE-2022-24413 was published Apr 13, 2022
A race condition vulnerability exists in the QuickClean feature of McAfee Total Protection for... Moderate Unreviewed
CVE-2022-0280 was published Mar 12, 2022
JetBrains TeamCity before 2021.2 was vulnerable to a Time-of-check/Time-of-use (TOCTOU) race... High Unreviewed
CVE-2022-24335 was published Feb 26, 2022
B2 Command Line Tool TOCTOU application key disclosure Moderate
CVE-2022-23653 was published for b2 (pip) Feb 24, 2022
janschejbal
b2-sdk-python TOCTOU application key disclosure Moderate
CVE-2022-23651 was published for b2sdk (pip) Feb 24, 2022
janschejbal
VMware ESXi contains a TOCTOU (Time-of-check Time-of-use) vulnerability that exists in the way... High Unreviewed
CVE-2021-22043 was published Feb 17, 2022
Time-of-check Time-of-use (TOCTOU) Race Condition in chownr Low
CVE-2017-18869 was published for chownr (npm) Feb 10, 2022
tdunlap607
Insecure temporary file in Tensorflow High
CVE-2022-23563 was published for tensorflow (pip) Feb 9, 2022
TOCTOU Race Condition in Yarn Moderate
CVE-2019-15608 was published for yarn (npm) Feb 9, 2022
Potential proxy IP restriction bypass in Kubernetes Low
CVE-2020-8562 was published for k8s.io/kubernetes (Go) Feb 2, 2022
enj
Race condition in Apache Tomcat High
CVE-2022-23181 was published for org.apache.tomcat:tomcat (Maven) Feb 1, 2022
On BIG-IP version 16.x before 16.1.0, 15.1.x before 15.1.4.1, 14.1.x before 14.1.4.4, and all... Moderate Unreviewed
CVE-2022-23029 was published Jan 26, 2022
A race condition was found in the Linux kernel's ebpf verifier between bpf_map_update_elem and... Moderate Unreviewed
CVE-2021-4001 was published Jan 22, 2022
An issue was discovered in Plex Media Server through 1.24.4.5081-e362dc1ee. An attacker (with a... High Unreviewed
CVE-2021-42835 was published Dec 9, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database