GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,960
Composer 4,279
Erlang 31
GitHub Actions 21
Go 2,056
Maven 5,237
npm 3,740
NuGet 668
pip 3,421
Pub 12
RubyGems 891
Rust 873
Swift 36

Unreviewed advisories

All unreviewed 238,960

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

117 advisories

Filter by severity

Sort by

Least recently updated

A Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in the Routing Protocol Daemon ... Moderate Unreviewed

CVE-2022-22225 was published Oct 18, 2022

A Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Routing Protocol Daemon (rpd... Moderate Unreviewed

CVE-2022-22220 was published Oct 18, 2022

In jpeg, there is a possible use after free due to a race condition. This could lead to local... Moderate Unreviewed

CVE-2022-32608 was published Nov 9, 2022

Time-of-check time-of-use race condition in the BIOS firmware for some Intel(R) Processors may... Moderate Unreviewed

CVE-2022-21198 was published Nov 11, 2022

DMA transactions which are targeted at input buffers used for the SmmResourceCheckDxe software... Moderate Unreviewed

CVE-2022-32267 was published Nov 15, 2022

DMA attacks on the parameter buffer used by the VariableRuntimeDxe software SMI handler could... Moderate Unreviewed

CVE-2022-33986 was published Nov 15, 2022

Update description and links DMA transactions which are targeted at input buffers used for the... Moderate Unreviewed

CVE-2022-31243 was published Nov 15, 2022

DMA transactions which are targeted at input buffers used for the FwBlockServiceSmm software SMI... Moderate Unreviewed

CVE-2022-33906 was published Nov 15, 2022

DMA attacks on the parameter buffer used by the PnpSmm driver could change the contents after... Moderate Unreviewed

CVE-2022-30774 was published Nov 15, 2022

DMA attacks on the parameter buffer used by the IhisiSmm driver could change the contents after... Moderate Unreviewed

CVE-2022-30773 was published Nov 15, 2022

DMA attacks on the parameter buffer used by a software SMI handler used by the driver PcdSmmDxe... Moderate Unreviewed

CVE-2022-32266 was published Nov 15, 2022

DMA attacks on the parameter buffer used by the Int15ServiceSmm software SMI handler could lead... Moderate Unreviewed

CVE-2022-33982 was published Nov 15, 2022

DMA transactions which are targeted at input buffers used for the software SMI handler used by... Moderate Unreviewed

CVE-2022-33907 was published Nov 15, 2022

In isp, there is a possible out of bounds write due to a race condition. This could lead to local... Moderate Unreviewed

CVE-2022-32638 was published Jan 3, 2023

A TOCTOU (time-of-check to time-of-use) vulnerability exists where an attacker may use a... Moderate Unreviewed

CVE-2021-46795 was published Jan 11, 2023

TOCTOU in the ASP may allow a physical attacker to write beyond the buffer bounds, potentially... Moderate Unreviewed

CVE-2023-20523 was published Jan 11, 2023

An Allocation of Resources Without Limits or Throttling weakness in the memory management of the... Moderate Unreviewed

CVE-2023-22397 was published Jan 13, 2023

A race condition was addressed with additional validation. This issue is fixed in macOS Ventura... Moderate Unreviewed

CVE-2023-23520 was published Feb 27, 2023

In ion, there is a possible escalation of privilege due to improper locking. This could lead to... Moderate Unreviewed

CVE-2023-20623 was published Mar 7, 2023

In adsp, there is a possible escalation of privilege due to a logic error. This could lead to... Moderate Unreviewed

CVE-2023-20620 was published Mar 7, 2023

Podman Time-of-check Time-of-use (TOCTOU) Race Condition Moderate

CVE-2023-0778 was published for github.com/containers/podman/v4 (Go) Mar 27, 2023

This vulnerability allows physical attackers to execute arbitrary code on affected Tesla vehicles... Moderate Unreviewed

CVE-2022-3093 was published Mar 29, 2023

A local file deletion vulnerability in the Palo Alto Networks GlobalProtect app on Windows... Moderate Unreviewed

CVE-2023-0006 was published Apr 12, 2023

Transient DOS due to time-of-check time-of-use race condition in Modem while processing RRC... Moderate Unreviewed

CVE-2022-33270 was published Apr 13, 2023

Avast and AVG Antivirus for Windows were susceptible to a Time-of-check/Time-of-use (TOCTOU) ... Moderate Unreviewed

CVE-2023-1586 was published Apr 19, 2023

Previous 1 2 3 4 5 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

117 advisories