Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+

316 advisories

Loading
VMware ESXi (7.0 before ESXi_7.0.1-0.0.16850804, 6.7 before ESXi670-202008101-SG, 6.5 before... Moderate Unreviewed
CVE-2020-3981 was published May 24, 2022
A memory corruption issue was addressed with improved memory handling. This issue is fixed in... High Unreviewed
CVE-2020-9921 was published May 24, 2022
This issue was addressed with improved checks. This issue is fixed in macOS Catalina 10.15.6. A... Moderate Unreviewed
CVE-2020-9939 was published May 24, 2022
A race condition was addressed with additional validation. This issue is fixed in macOS Catalina... High Unreviewed
CVE-2020-9990 was published May 24, 2022
Trend Micro Antivirus for Mac 2020 (Consumer) contains a race condition vulnerability in the Web... Moderate Unreviewed
CVE-2020-27014 was published May 24, 2022
Acrobat Reader DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017... High Unreviewed
CVE-2020-24428 was published May 24, 2022
The Trusted Platform Modules (TPM) reference software may not properly track the number of times... Moderate Unreviewed
CVE-2020-12926 was published May 24, 2022
Medtronic MyCareLink Smart 25000 all versions are vulnerable to a race condition in the MCL Smart... High Unreviewed
CVE-2020-27252 was published May 24, 2022
Time-of-check Time-of-use (TOCTOU) Race Condition in Jenkins Moderate
CVE-2021-21615 was published for org.jenkins-ci.main:jenkins-core (Maven) May 24, 2022
NotMyFault
A TOCTOU vulnerability exists in madCodeHook before 2020-07-16 that allows local attackers to... High Unreviewed
CVE-2020-14418 was published May 24, 2022
Firejail before 0.9.64.4 allows attackers to bypass intended access restrictions because there is... High Unreviewed
CVE-2021-26910 was published May 24, 2022
Firefox for Android suffered from a time-of-check-time-of-use vulnerability that allowed a... Moderate Unreviewed
CVE-2021-23977 was published May 24, 2022
While processing storage SCM commands there is a time of check or time of use window where a... Moderate Unreviewed
CVE-2020-11220 was published May 24, 2022
Potential arbitrary memory corruption when the qseecom driver updates ion physical addresses in... Moderate Unreviewed
CVE-2020-11230 was published May 24, 2022
This vulnerability allows local attackers to disclose sensitive information on affected... Moderate Unreviewed
CVE-2021-31427 was published May 24, 2022
This vulnerability allows local attackers to escalate privileges on affected installations of... High Unreviewed
CVE-2021-31422 was published May 24, 2022
Dell EMC iDRAC9 versions prior to 4.40.00.00 contain a Time-of-check Time-of-use (TOCTOU) race... High Unreviewed
CVE-2021-21539 was published May 24, 2022
By exploiting a time of check to time of use (TOCTOU) race condition during the Endpoint Security... High Unreviewed
CVE-2021-23892 was published May 24, 2022
While waiting for a response to a callback or listener request, non-secure clients can change... High Unreviewed
CVE-2020-11298 was published May 24, 2022
Time-of-check time-of-use race condition While processing partition entries due to newly created... High Unreviewed
CVE-2020-11233 was published May 24, 2022
A vulnerability in the DLL loading mechanism of Cisco AnyConnect Secure Mobility Client for... Moderate Unreviewed
CVE-2021-1567 was published May 24, 2022
There is a Time-of-check Time-of-use (TOCTOU) Race Condition Vulnerability in Huawei Smartphone.... High Unreviewed
CVE-2021-22369 was published May 24, 2022
When user-defined ARP Policer is configured and applied on one or more Aggregated Ethernet (AE)... Moderate Unreviewed
CVE-2021-0289 was published May 24, 2022
arch/x86/kvm/svm/nested.c in the Linux kernel before 5.11.12 has a use-after-free in which an AMD... High Unreviewed
CVE-2021-29657 was published May 24, 2022
A time-of-check to time-of-use (TOCTOU) race condition vulnerability in the Palo Alto Networks... High Unreviewed
CVE-2021-3054 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database