Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,901
Maven
5,000+
npm
3,631
NuGet
638
pip
3,244
Pub
10
RubyGems
863
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

296 advisories

Loading
An elevation of privilege vulnerability exists when Windows improperly handles calls to Advanced... High Unreviewed
CVE-2018-8584 was published May 13, 2022
A security feature bypass exists when Device Guard incorrectly validates an untrusted file, aka ... Low Unreviewed
CVE-2018-8449 was published May 13, 2022
A security feature bypass exists when Device Guard incorrectly validates an untrusted file, aka ... Low Unreviewed
CVE-2018-0966 was published May 13, 2022
An ability to process crash dumps under root privileges and inappropriate symlinks handling could... High Unreviewed
CVE-2017-15404 was published May 13, 2022
Device Guard in Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016, and Windows... Moderate Unreviewed
CVE-2017-11830 was published May 13, 2022
A remote code execution vulnerability in the Android media framework (libstagefright). Product:... High Unreviewed
CVE-2017-0756 was published May 13, 2022
An elevation of privilege vulnerability in the Framework APIs could enable a local malicious... High Unreviewed
CVE-2017-0411 was published May 13, 2022
An elevation of privilege vulnerability in the Framework APIs could enable a local malicious... High Unreviewed
CVE-2017-0412 was published May 13, 2022
An elevation of privilege vulnerability in the NVIDIA video driver could enable a local malicious... High Unreviewed
CVE-2017-0331 was published May 13, 2022
An unprivileged user can delete arbitrary files on a Linux system running ENSLTP 10.5.1, 10.5.0,... Moderate Unreviewed
CVE-2018-6693 was published May 13, 2022
A Time-of-check Time-of-use (TOCTOU) Race Condition exists in ZoneMinder through 1.32.3 as a... High Unreviewed
CVE-2019-7347 was published May 13, 2022
In Keybase before 2.12.6 on macOS, the move RPC to the Helper was susceptible to time-to-check... Critical Unreviewed
CVE-2019-7249 was published May 13, 2022
VMware ESXi (6.7 before ESXi670-201903001, 6.5 before ESXi650-201903001, 6.0 before ESXi600... High Unreviewed
CVE-2019-5519 was published May 13, 2022
An elevation of privilege vulnerability exists when Windows improperly handles calls to the LUAFV... High Unreviewed
CVE-2019-0836 was published May 13, 2022
A flaw was found in qemu Media Transfer Protocol (MTP). The code opening files in... Moderate Unreviewed
CVE-2018-16872 was published May 13, 2022
A TOCTOU race condition in SMU may allow for the caller to obtain and manipulate the address of a... Moderate Unreviewed
CVE-2021-26350 was published May 12, 2022
TOCTOU (time-of-check to time-of-use) issue in the System Management Unit (SMU) may result in a... Moderate Unreviewed
CVE-2021-26347 was published May 12, 2022
Race Condition in Grunt High
CVE-2022-1537 was published for grunt (npm) May 11, 2022
shadow: TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees Low Unreviewed
CVE-2013-4235 was published May 5, 2022
The memory_limit functionality in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, under certain... Moderate Unreviewed
CVE-2004-0594 was published Apr 29, 2022
A multi-threaded race condition in the Windows RPC DCOM functionality with the MS03-039 patch... Moderate Unreviewed
CVE-2003-0813 was published Apr 29, 2022
libuser 0.56 and 0.57 has a TOCTOU (time-of-check time-of-use) race condition when copying and... Moderate Unreviewed
CVE-2012-5630 was published Apr 23, 2022
Race condition issues were found in Calibre at devices/linux_mount_helper.c allowing unprivileged... High Unreviewed
CVE-2011-4126 was published Apr 22, 2022
Time-of-check Time-of-use (TOCTOU) Race Condition vulerability in Foscam R2C IP camera running... High Unreviewed
CVE-2022-28743 was published Apr 22, 2022
An issue was discovered in Amazon AWS VPN Client 2.0.0. A TOCTOU race condition exists during the... Moderate Unreviewed
CVE-2022-25165 was published Apr 15, 2022
ProTip! Advisories are also available from the GraphQL API