Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,409
Erlang
33
GitHub Actions
22
Go
2,144
Maven
5,000+
npm
3,808
NuGet
687
pip
3,481
Pub
12
RubyGems
897
Rust
898
Swift
38
Unreviewed advisories
All unreviewed
5,000+

347 advisories

Loading
A TOCTOU mismatch in the NFS client code in the Linux kernel before 5.8.3 could be used by local... Moderate Unreviewed
CVE-2020-25212 was published May 24, 2022
u'Non-secure memory is touched multiple times during TrustZone\u2019s execution and can lead to... Moderate Unreviewed
CVE-2020-3619 was published May 24, 2022
u'While processing SMCInvoke asynchronous message header, message count is modified leading to a... Moderate Unreviewed
CVE-2019-14119 was published May 24, 2022
An elevation of privilege vulnerability exists when the Windows Print Spooler service improperly... High Unreviewed
CVE-2020-1337 was published May 24, 2022
TOCTOU Race Condition vulnerability in apport allows a local attacker to escalate privileges and... Moderate Unreviewed
CVE-2020-15702 was published May 24, 2022
In FreeBSD 12.1-STABLE before r363918, 12.1-RELEASE before p8, 11.4-STABLE before r363919, 11.4... Moderate Unreviewed
CVE-2020-7460 was published May 24, 2022
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core).... Moderate Unreviewed
CVE-2020-14677 was published May 24, 2022
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core).... Moderate Unreviewed
CVE-2020-14674 was published May 24, 2022
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core).... Moderate Unreviewed
CVE-2020-14675 was published May 24, 2022
CISOfy Lynis before 3.0.0 has Incorrect Access Control because of a TOCTOU race condition. The... Low Unreviewed
CVE-2020-13882 was published May 24, 2022
A time-of-check time-of-use vulnerability in PulseSecureService.exe in Pulse Secure Client... Moderate Unreviewed
CVE-2020-13162 was published May 24, 2022
VMware Fusion (11.x before 11.5.5), VMware Remote Console for Mac (11.x and prior) and VMware... Moderate Unreviewed
CVE-2020-3957 was published May 24, 2022
Time-of-check Time-of-use Race Condition vulnerability on crash report ownership change in Apport... Low Unreviewed
CVE-2020-8833 was published May 24, 2022
A Race Condition Enabling Link Following vulnerability in the packaging of texlive-filesystem of... Moderate Unreviewed
CVE-2020-8016 was published May 24, 2022
A Race Condition Enabling Link Following vulnerability in the cron job shipped with texlive... Low Unreviewed
CVE-2020-8017 was published May 24, 2022
Sander Bos discovered a time of check to time of use (TOCTTOU) vulnerability in apport that... Moderate Unreviewed
CVE-2019-11482 was published May 24, 2022
In onCreate of InstallStart.java, there is a possible package validation bypass due to a time-of... Low Unreviewed
CVE-2020-0003 was published May 24, 2022
Race condition between the camera functions due to lack of resource lock which will lead to... Moderate Unreviewed
CVE-2019-10494 was published May 24, 2022
The malware scan function in Total Defense Anti-virus 11.5.2.28 is vulnerable to a TOCTOU bug;... Moderate Unreviewed
CVE-2019-18644 was published May 24, 2022
Prior to 0.1, all builds of Eclipse OMR contain a bug where the loop versioner may fail to... High Unreviewed
CVE-2019-11774 was published May 24, 2022
Apport before versions 2.14.1-0ubuntu3.29+esm1, 2.20.1-0ubuntu2.19, 2.20.9-0ubuntu7.7, 2.20.10... High Unreviewed
CVE-2019-7307 was published May 24, 2022
An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle... High Unreviewed
CVE-2019-1065 was published May 24, 2022
Quick Heal Total Security before 12.1.1.27 has a TOCTOU race condition that leads to privilege... High Unreviewed
CVE-2022-31466 was published May 24, 2022
A Time of Check Time of Use (TOCTOU) vulnerability was reported in IMController, a software... High Unreviewed
CVE-2021-3969 was published May 19, 2022
Microsoft Internet Explorer 7 through 11 allows remote attackers to gain privileges via a crafted... Moderate Unreviewed
CVE-2015-1743 was published May 14, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database