Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+

114 advisories

Loading
devise Time-of-check Time-of-use Race Condition vulnerability Moderate
CVE-2019-5421 was published for devise (RubyGems) Mar 19, 2019
Insufficient Session Expiration and TOCTOU Race Condition in OPC FOundation UA .Net Standard Moderate
CVE-2020-8867 was published for OPCFoundation.NetStandard.Opc.Ua (NuGet) Aug 2, 2021
A race condition was found in the Linux kernel's ebpf verifier between bpf_map_update_elem and... Moderate Unreviewed
CVE-2021-4001 was published Jan 22, 2022
On BIG-IP version 16.x before 16.1.0, 15.1.x before 15.1.4.1, 14.1.x before 14.1.4.4, and all... Moderate Unreviewed
CVE-2022-23029 was published Jan 26, 2022
TOCTOU Race Condition in Yarn Moderate
CVE-2019-15608 was published for yarn (npm) Feb 9, 2022
b2-sdk-python TOCTOU application key disclosure Moderate
CVE-2022-23651 was published for b2sdk (pip) Feb 24, 2022
janschejbal
B2 Command Line Tool TOCTOU application key disclosure Moderate
CVE-2022-23653 was published for b2 (pip) Feb 24, 2022
janschejbal
A race condition vulnerability exists in the QuickClean feature of McAfee Total Protection for... Moderate Unreviewed
CVE-2022-0280 was published Mar 12, 2022
An issue was discovered in Amazon AWS VPN Client 2.0.0. A TOCTOU race condition exists during the... Moderate Unreviewed
CVE-2022-25165 was published Apr 15, 2022
libuser 0.56 and 0.57 has a TOCTOU (time-of-check time-of-use) race condition when copying and... Moderate Unreviewed
CVE-2012-5630 was published Apr 23, 2022
A multi-threaded race condition in the Windows RPC DCOM functionality with the MS03-039 patch... Moderate Unreviewed
CVE-2003-0813 was published Apr 29, 2022
The memory_limit functionality in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, under certain... Moderate Unreviewed
CVE-2004-0594 was published Apr 29, 2022
A TOCTOU race condition in SMU may allow for the caller to obtain and manipulate the address of a... Moderate Unreviewed
CVE-2021-26350 was published May 12, 2022
TOCTOU (time-of-check to time-of-use) issue in the System Management Unit (SMU) may result in a... Moderate Unreviewed
CVE-2021-26347 was published May 12, 2022
A flaw was found in qemu Media Transfer Protocol (MTP). The code opening files in... Moderate Unreviewed
CVE-2018-16872 was published May 13, 2022
An unprivileged user can delete arbitrary files on a Linux system running ENSLTP 10.5.1, 10.5.0,... Moderate Unreviewed
CVE-2018-6693 was published May 13, 2022
Device Guard in Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016, and Windows... Moderate Unreviewed
CVE-2017-11830 was published May 13, 2022
Microsoft Internet Explorer 7 through 11 allows remote attackers to gain privileges via a crafted... Moderate Unreviewed
CVE-2015-1743 was published May 14, 2022
The malware scan function in Total Defense Anti-virus 11.5.2.28 is vulnerable to a TOCTOU bug;... Moderate Unreviewed
CVE-2019-18644 was published May 24, 2022
Race condition between the camera functions due to lack of resource lock which will lead to... Moderate Unreviewed
CVE-2019-10494 was published May 24, 2022
Sander Bos discovered a time of check to time of use (TOCTTOU) vulnerability in apport that... Moderate Unreviewed
CVE-2019-11482 was published May 24, 2022
A Race Condition Enabling Link Following vulnerability in the packaging of texlive-filesystem of... Moderate Unreviewed
CVE-2020-8016 was published May 24, 2022
VMware Fusion (11.x before 11.5.5), VMware Remote Console for Mac (11.x and prior) and VMware... Moderate Unreviewed
CVE-2020-3957 was published May 24, 2022
A time-of-check time-of-use vulnerability in PulseSecureService.exe in Pulse Secure Client... Moderate Unreviewed
CVE-2020-13162 was published May 24, 2022
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core).... Moderate Unreviewed
CVE-2020-14675 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database