GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+
184 advisories
Filter by severity
Apache Tomcat Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability
High
CVE-2024-56337
was published
for
org.apache.tomcat:tomcat-catalina
(Maven)
Dec 20, 2024
Apache Tomcat Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability
High
CVE-2024-50379
was published
for
org.apache.tomcat.embed:tomcat-embed-core
(Maven)
Dec 17, 2024
Dell ThinOS version 2408 contains a Time-of-check Time-of-use (TOCTOU) Race Condition...
High
Unreviewed
CVE-2024-53289
was published
Dec 11, 2024
Time-of-check Time-of-use Race Condition in some Intel(R) processors with Intel(R) ACTM may allow...
High
Unreviewed
CVE-2024-22185
was published
Nov 13, 2024
Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability
High
Unreviewed
CVE-2024-49046
was published
Nov 12, 2024
Windows Registry Elevation of Privilege Vulnerability
High
Unreviewed
CVE-2024-43452
was published
Nov 12, 2024
UsersController.php in Run.codes 1.5.2 and older has a reset password race condition vulnerability.
High
Unreviewed
CVE-2024-48322
was published
Nov 11, 2024
In the Linux kernel, the following vulnerability has been resolved:
wifi: iwlegacy: Clear stale...
High
Unreviewed
CVE-2024-50234
was published
Nov 9, 2024
An attacker with local access the to medical office computer can
escalate his Windows user...
High
Unreviewed
CVE-2024-50592
was published
Nov 8, 2024
Memory corruption while processing input parameters for any IOCTL call in the JPEG Encoder driver.
High
Unreviewed
CVE-2024-38407
was published
Nov 4, 2024
Memory corruption while handling IOCTL calls in JPEG Encoder driver.
High
Unreviewed
CVE-2024-38406
was published
Nov 4, 2024
A Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in the AgentD process of...
High
Unreviewed
CVE-2024-47494
was published
Oct 11, 2024
Windows Kernel Elevation of Privilege Vulnerability
High
Unreviewed
CVE-2024-43511
was published
Oct 8, 2024
The AVGUI.exe of AVG/Avast Antivirus before versions before 24.1 can allow a local attacker to...
High
Unreviewed
CVE-2024-5803
was published
Oct 3, 2024
A unauthenticated Remote Code Execution (RCE) vulnerability is found in the SO Planning online...
High
Unreviewed
CVE-2024-27114
was published
Sep 11, 2024
In the Linux kernel, the following vulnerability has been resolved:
exec: Fix ToCToU between...
High
Unreviewed
CVE-2024-43882
was published
Aug 21, 2024
Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are...
High
Unreviewed
CVE-2024-39425
was published
Aug 14, 2024
Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are...
High
Unreviewed
CVE-2024-39420
was published
Aug 14, 2024
Windows Kernel-Mode Driver Elevation of Privilege Vulnerability
High
Unreviewed
CVE-2024-38186
was published
Aug 13, 2024
Windows Kernel Elevation of Privilege Vulnerability
High
Unreviewed
CVE-2024-38153
was published
Aug 13, 2024
A TOCTOU (Time-Of-Check-Time-Of-Use) in SMM may allow
an attacker with ring0 privileges and...
High
Unreviewed
CVE-2023-20578
was published
Aug 13, 2024
Time-of-check Time-of-use (TOCTOU) race condition in pg_dump in PostgreSQL allows an object...
High
Unreviewed
CVE-2024-7348
was published
Aug 8, 2024
Race condition in the installer for some Zoom Apps and SDKs for Windows before version 6.0.0 may...
High
Unreviewed
CVE-2024-27238
was published
Jul 15, 2024
An issue was discovered in HTTP2 in Qt before 5.15.18, 6.x before 6.2.13, 6.3.x through 6.5.x...
High
Unreviewed
CVE-2024-39936
was published
Jul 4, 2024
OpenSSH 9.5 through 9.7 before 9.8 sometimes allows timing attacks against echo-off password...
High
Unreviewed
CVE-2024-39894
was published
Jul 2, 2024
ProTip!
Advisories are also available from the
GraphQL API