GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+
12 advisories
Filter by severity
Apache Tomcat Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability
High
CVE-2024-56337
was published
for
org.apache.tomcat:tomcat-catalina
(Maven)
Dec 20, 2024
Apache Tomcat Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability
High
CVE-2024-50379
was published
for
org.apache.tomcat.embed:tomcat-embed-core
(Maven)
Dec 17, 2024
OpenStack Storlets arbitrary code execution vulnerability
High
CVE-2024-28717
was published
for
storlets
(pip)
Apr 22, 2024
Buildkite Elastic CI for AWS time-of-check-time-of-use race condition vulnerability
High
CVE-2023-43741
was published
for
github.com/buildkite/elastic-ci-stack-for-aws/v6
(Go)
Dec 22, 2023
FoodCoopShop Server-Side Request Forgery vulnerability
High
CVE-2023-46725
was published
for
foodcoopshop/foodcoopshop
(Composer)
Nov 2, 2023
NuGet Client Remote Code Execution Vulnerability
High
CVE-2023-29337
was published
for
Microsoft.Build.NuGetSdkResolver
(NuGet)
Jun 14, 2023
Insecure temporary file in Tensorflow
High
CVE-2022-23563
was published
for
tensorflow
(pip)
Feb 9, 2022
Race condition in Apache Tomcat
High
CVE-2022-23181
was published
for
org.apache.tomcat:tomcat
(Maven)
Feb 1, 2022
Miner fails to get block template when a cell used as a cell dep has been destroyed.
High
GHSA-v666-6w97-pcwm
was published
for
ckb
(Rust)
Aug 25, 2021
mount destinations can be swapped via symlink-exchange to cause mounts outside the rootfs
High
CVE-2021-30465
was published
for
github.com/opencontainers/runc
(Go)
May 25, 2021
ProTip!
Advisories are also available from the
GraphQL API