GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+
117 advisories
Filter by severity
devise Time-of-check Time-of-use Race Condition vulnerability
Moderate
CVE-2019-5421
was published
for
devise
(RubyGems)
Mar 19, 2019
Insufficient Session Expiration and TOCTOU Race Condition in OPC FOundation UA .Net Standard
Moderate
CVE-2020-8867
was published
for
OPCFoundation.NetStandard.Opc.Ua
(NuGet)
Aug 2, 2021
A race condition was found in the Linux kernel's ebpf verifier between bpf_map_update_elem and...
Moderate
Unreviewed
CVE-2021-4001
was published
Jan 22, 2022
On BIG-IP version 16.x before 16.1.0, 15.1.x before 15.1.4.1, 14.1.x before 14.1.4.4, and all...
Moderate
Unreviewed
CVE-2022-23029
was published
Jan 26, 2022
b2-sdk-python TOCTOU application key disclosure
Moderate
CVE-2022-23651
was published
for
b2sdk
(pip)
Feb 24, 2022
B2 Command Line Tool TOCTOU application key disclosure
Moderate
CVE-2022-23653
was published
for
b2
(pip)
Feb 24, 2022
A race condition vulnerability exists in the QuickClean feature of McAfee Total Protection for...
Moderate
Unreviewed
CVE-2022-0280
was published
Mar 12, 2022
An issue was discovered in Amazon AWS VPN Client 2.0.0. A TOCTOU race condition exists during the...
Moderate
Unreviewed
CVE-2022-25165
was published
Apr 15, 2022
libuser 0.56 and 0.57 has a TOCTOU (time-of-check time-of-use) race condition when copying and...
Moderate
Unreviewed
CVE-2012-5630
was published
Apr 23, 2022
A multi-threaded race condition in the Windows RPC DCOM functionality with the MS03-039 patch...
Moderate
Unreviewed
CVE-2003-0813
was published
Apr 29, 2022
The memory_limit functionality in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, under certain...
Moderate
Unreviewed
CVE-2004-0594
was published
Apr 29, 2022
A TOCTOU race condition in SMU may allow for the caller to obtain and manipulate the address of a...
Moderate
Unreviewed
CVE-2021-26350
was published
May 12, 2022
TOCTOU (time-of-check to time-of-use) issue in the System Management Unit (SMU) may result in a...
Moderate
Unreviewed
CVE-2021-26347
was published
May 12, 2022
A flaw was found in qemu Media Transfer Protocol (MTP). The code opening files in...
Moderate
Unreviewed
CVE-2018-16872
was published
May 13, 2022
An unprivileged user can delete arbitrary files on a Linux system running ENSLTP 10.5.1, 10.5.0,...
Moderate
Unreviewed
CVE-2018-6693
was published
May 13, 2022
Device Guard in Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016, and Windows...
Moderate
Unreviewed
CVE-2017-11830
was published
May 13, 2022
Microsoft Internet Explorer 7 through 11 allows remote attackers to gain privileges via a crafted...
Moderate
Unreviewed
CVE-2015-1743
was published
May 14, 2022
The malware scan function in Total Defense Anti-virus 11.5.2.28 is vulnerable to a TOCTOU bug;...
Moderate
Unreviewed
CVE-2019-18644
was published
May 24, 2022
Race condition between the camera functions due to lack of resource lock which will lead to...
Moderate
Unreviewed
CVE-2019-10494
was published
May 24, 2022
Sander Bos discovered a time of check to time of use (TOCTTOU) vulnerability in apport that...
Moderate
Unreviewed
CVE-2019-11482
was published
May 24, 2022
A Race Condition Enabling Link Following vulnerability in the packaging of texlive-filesystem of...
Moderate
Unreviewed
CVE-2020-8016
was published
May 24, 2022
VMware Fusion (11.x before 11.5.5), VMware Remote Console for Mac (11.x and prior) and VMware...
Moderate
Unreviewed
CVE-2020-3957
was published
May 24, 2022
A time-of-check time-of-use vulnerability in PulseSecureService.exe in Pulse Secure Client...
Moderate
Unreviewed
CVE-2020-13162
was published
May 24, 2022
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core)....
Moderate
Unreviewed
CVE-2020-14675
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API