GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
303 advisories
In FreeBSD 12.1-STABLE before r363918, 12.1-RELEASE before p8, 11.4-STABLE before r363919, 11.4...
Moderate | Unreviewed | CVE-2020-7460 was published May 24, 2022
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core)....
Moderate | Unreviewed | CVE-2020-14677 was published May 24, 2022
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core)....
Moderate | Unreviewed | CVE-2020-14674 was published May 24, 2022
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core)....
Moderate | Unreviewed | CVE-2020-14675 was published May 24, 2022
CISOfy Lynis before 3.0.0 has Incorrect Access Control because of a TOCTOU race condition. The...
Low | Unreviewed | CVE-2020-13882 was published May 24, 2022
A time-of-check time-of-use vulnerability in PulseSecureService.exe in Pulse Secure Client...
Moderate | Unreviewed | CVE-2020-13162 was published May 24, 2022
VMware Fusion (11.x before 11.5.5), VMware Remote Console for Mac (11.x and prior) and VMware...
Moderate | Unreviewed | CVE-2020-3957 was published May 24, 2022
Time-of-check Time-of-use Race Condition vulnerability on crash report ownership change in Apport...
Low | Unreviewed | CVE-2020-8833 was published May 24, 2022
A Race Condition Enabling Link Following vulnerability in the packaging of texlive-filesystem of...
Moderate | Unreviewed | CVE-2020-8016 was published May 24, 2022
A Race Condition Enabling Link Following vulnerability in the cron job shipped with texlive...
Low | Unreviewed | CVE-2020-8017 was published May 24, 2022
Sander Bos discovered a time of check to time of use (TOCTTOU) vulnerability in apport that...
Moderate | Unreviewed | CVE-2019-11482 was published May 24, 2022
In onCreate of InstallStart.java, there is a possible package validation bypass due to a time-of...
Low | Unreviewed | CVE-2020-0003 was published May 24, 2022
Race condition between the camera functions due to lack of resource lock which will lead to...
Moderate | Unreviewed | CVE-2019-10494 was published May 24, 2022
The malware scan function in Total Defense Anti-virus 11.5.2.28 is vulnerable to a TOCTOU bug;...
Moderate | Unreviewed | CVE-2019-18644 was published May 24, 2022
Prior to 0.1, all builds of Eclipse OMR contain a bug where the loop versioner may fail to...
High | Unreviewed | CVE-2019-11774 was published May 24, 2022
Apport before versions 2.14.1-0ubuntu3.29+esm1, 2.20.1-0ubuntu2.19, 2.20.9-0ubuntu7.7, 2.20.10...
High | Unreviewed | CVE-2019-7307 was published May 24, 2022
An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle...
High | Unreviewed | CVE-2019-1065 was published May 24, 2022
Quick Heal Total Security before 12.1.1.27 has a TOCTOU race condition that leads to privilege...
High | Unreviewed | CVE-2022-31466 was published May 24, 2022
A Time of Check Time of Use (TOCTOU) vulnerability was reported in IMController, a software...
High | Unreviewed | CVE-2021-3969 was published May 19, 2022
Microsoft Internet Explorer 7 through 11 allows remote attackers to gain privileges via a crafted...
Moderate | Unreviewed | CVE-2015-1743 was published May 14, 2022
An elevation of privilege vulnerability exists when Windows improperly handles calls to Advanced...
High | Unreviewed | CVE-2018-8584 was published May 13, 2022
A security feature bypass exists when Device Guard incorrectly validates an untrusted file, aka ...
Low | Unreviewed | CVE-2018-8449 was published May 13, 2022
A security feature bypass exists when Device Guard incorrectly validates an untrusted file, aka ...
Low | Unreviewed | CVE-2018-0966 was published May 13, 2022
An ability to process crash dumps under root privileges and inappropriate symlinks handling could...
High | Unreviewed | CVE-2017-15404 was published May 13, 2022
Device Guard in Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016, and Windows...
Moderate | Unreviewed | CVE-2017-11830 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API.