Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,343
Erlang
31
GitHub Actions
22
Go
2,107
Maven
5,000+
npm
3,764
NuGet
679
pip
3,452
Pub
12
RubyGems
892
Rust
886
Swift
37
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

300 advisories

Loading
Docker Desktop for Windows before 4.6 allows attackers to overwrite any file through the... Moderate Unreviewed
CVE-2022-38730 was published Apr 27, 2023
OpenSSH 9.5 through 9.7 before 9.8 sometimes allows timing attacks against echo-off password... High Unreviewed
CVE-2024-39894 was published Jul 2, 2024
An attacker could have executed unauthorized scripts on top origin sites using a JavaScript URI... High Unreviewed
CVE-2024-1563 was published Feb 22, 2024
Time-of-check time-of-use race condition in some Intel(R) Neural Compressor software before... Low Unreviewed
CVE-2024-37181 was published Jan 16, 2025
Dell Display Manager, versions prior to 2.3.2.18, contain a Time-of-check Time-of-use (TOCTOU)... Moderate Unreviewed
CVE-2025-22394 was published Jan 15, 2025
APTIOV contains a vulnerability in BIOS where an attacker may cause a TOCTOU Race Condition by... High Unreviewed
CVE-2024-42444 was published Jan 14, 2025
In the Linux kernel, the following vulnerability has been resolved: HID: logitech-hidpp: Fix... Moderate Unreviewed
CVE-2023-52478 was published Feb 29, 2024
IBM Engineering Requirements Management DOORS Next 7.0.2 and 7.0.3 could allow a remote attacker... Critical Unreviewed
CVE-2024-41787 was published Jan 10, 2025
In the Linux kernel, the following vulnerability has been resolved: net: dsa: improve shutdown... Moderate Unreviewed
CVE-2024-49998 was published Oct 21, 2024
In the Linux kernel, the following vulnerability has been resolved: ice: Don't process extts if... Moderate Unreviewed
CVE-2024-42107 was published Jul 30, 2024
In the Linux kernel, the following vulnerability has been resolved: drm: Fix use-after-free read... High Unreviewed
CVE-2021-47280 was published May 21, 2024
In the Linux kernel, the following vulnerability has been resolved: crypto: qat - resolve race... High Unreviewed
CVE-2024-26974 was published May 1, 2024
Dell ThinOS version 2408 contains a Time-of-check Time-of-use (TOCTOU) Race Condition... High Unreviewed
CVE-2024-53289 was published Dec 11, 2024
A race condition could lead to a cross-origin container obtaining permissions of the top-level... Moderate Unreviewed
CVE-2024-6601 was published Jul 9, 2024
The virtio_vq_recordon function is subject to a time-of-check to time-of-use (TOCTOU) race... Moderate Unreviewed
CVE-2024-51563 was published Nov 12, 2024
IBM Engineering Systems Design Rhapsody - Model Manager 7.0.2 and 7.0.3 could allow a remote... Critical Unreviewed
CVE-2024-41779 was published Nov 22, 2024
In OpenBSD 7.4 before errata 009, a race condition between pf(4)'s processing of packets and... Moderate Unreviewed
CVE-2023-52556 was published Mar 1, 2024
In the Linux kernel, the following vulnerability has been resolved: wifi: iwlegacy: Clear stale... High Unreviewed
CVE-2024-50234 was published Nov 9, 2024
Time-of-check Time-of-use Race Condition in some Intel(R) processors with Intel(R) ACTM may allow... High Unreviewed
CVE-2024-22185 was published Nov 13, 2024
UsersController.php in Run.codes 1.5.2 and older has a reset password race condition vulnerability. High Unreviewed
CVE-2024-48322 was published Nov 11, 2024
Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability High Unreviewed
CVE-2024-49046 was published Nov 12, 2024
Windows Registry Elevation of Privilege Vulnerability High Unreviewed
CVE-2024-43452 was published Nov 12, 2024
An attacker with local access the to medical office computer can escalate his Windows user... High Unreviewed
CVE-2024-50592 was published Nov 8, 2024
Memory corruption while handling IOCTL calls in JPEG Encoder driver. High Unreviewed
CVE-2024-38406 was published Nov 4, 2024
Memory corruption while processing input parameters for any IOCTL call in the JPEG Encoder driver. High Unreviewed
CVE-2024-38407 was published Nov 4, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database