Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+

316 advisories

Loading
This vulnerability allows local attackers to disclose sensitive information on affected... Moderate Unreviewed
CVE-2021-31427 was published May 24, 2022
This vulnerability allows local attackers to escalate privileges on affected installations of... High Unreviewed
CVE-2021-31422 was published May 24, 2022
While processing storage SCM commands there is a time of check or time of use window where a... Moderate Unreviewed
CVE-2020-11220 was published May 24, 2022
Potential arbitrary memory corruption when the qseecom driver updates ion physical addresses in... Moderate Unreviewed
CVE-2020-11230 was published May 24, 2022
Firefox for Android suffered from a time-of-check-time-of-use vulnerability that allowed a... Moderate Unreviewed
CVE-2021-23977 was published May 24, 2022
Firejail before 0.9.64.4 allows attackers to bypass intended access restrictions because there is... High Unreviewed
CVE-2021-26910 was published May 24, 2022
A TOCTOU vulnerability exists in madCodeHook before 2020-07-16 that allows local attackers to... High Unreviewed
CVE-2020-14418 was published May 24, 2022
Time-of-check Time-of-use (TOCTOU) Race Condition in Jenkins Moderate
CVE-2021-21615 was published for org.jenkins-ci.main:jenkins-core (Maven) May 24, 2022
NotMyFault
Medtronic MyCareLink Smart 25000 all versions are vulnerable to a race condition in the MCL Smart... High Unreviewed
CVE-2020-27252 was published May 24, 2022
The Trusted Platform Modules (TPM) reference software may not properly track the number of times... Moderate Unreviewed
CVE-2020-12926 was published May 24, 2022
Acrobat Reader DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017... High Unreviewed
CVE-2020-24428 was published May 24, 2022
Trend Micro Antivirus for Mac 2020 (Consumer) contains a race condition vulnerability in the Web... Moderate Unreviewed
CVE-2020-27014 was published May 24, 2022
A race condition was addressed with additional validation. This issue is fixed in macOS Catalina... High Unreviewed
CVE-2020-9990 was published May 24, 2022
This issue was addressed with improved checks. This issue is fixed in macOS Catalina 10.15.6. A... Moderate Unreviewed
CVE-2020-9939 was published May 24, 2022
A memory corruption issue was addressed with improved memory handling. This issue is fixed in... High Unreviewed
CVE-2020-9921 was published May 24, 2022
VMware ESXi (7.0 before ESXi_7.0.1-0.0.16850804, 6.7 before ESXi670-202008101-SG, 6.5 before... Moderate Unreviewed
CVE-2020-3981 was published May 24, 2022
A potential vulnerability in the SMI callback function used in the legacy BIOS mode USB drivers... Moderate Unreviewed
CVE-2020-8332 was published May 24, 2022
A flaw was found in dpdk in versions before 18.11.10 and before 19.11.5. Virtio ring descriptors,... High Unreviewed
CVE-2020-14375 was published May 24, 2022
In SurfaceFlinger, there is a possible use after free due to a race condition. This could lead to... Moderate Unreviewed
CVE-2020-0358 was published May 24, 2022
A TOCTOU mismatch in the NFS client code in the Linux kernel before 5.8.3 could be used by local... Moderate Unreviewed
CVE-2020-25212 was published May 24, 2022
u'Non-secure memory is touched multiple times during TrustZone\u2019s execution and can lead to... Moderate Unreviewed
CVE-2020-3619 was published May 24, 2022
u'While processing SMCInvoke asynchronous message header, message count is modified leading to a... Moderate Unreviewed
CVE-2019-14119 was published May 24, 2022
An elevation of privilege vulnerability exists when the Windows Print Spooler service improperly... High Unreviewed
CVE-2020-1337 was published May 24, 2022
TOCTOU Race Condition vulnerability in apport allows a local attacker to escalate privileges and... Moderate Unreviewed
CVE-2020-15702 was published May 24, 2022
In FreeBSD 12.1-STABLE before r363918, 12.1-RELEASE before p8, 11.4-STABLE before r363919, 11.4... Moderate Unreviewed
CVE-2020-7460 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database