Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,694
Erlang
34
GitHub Actions
28
Go
2,284
Maven
5,000+
npm
3,936
NuGet
708
pip
3,706
Pub
12
RubyGems
919
Rust
959
Swift
38
Unreviewed advisories
All unreviewed
5,000+

375 advisories

Loading
Time-of-check time-of-use race condition in some Zoom Workplace Apps may allow an authenticated... High Unreviewed
CVE-2025-30663 was published May 14, 2025
Time-of-check time-of-use race condition in the UEFI firmware SmiVariable driver for the Intel(R)... High Unreviewed
CVE-2025-20082 was published May 13, 2025
Time-of-check time-of-use (toctou) race condition in Windows Fundamentals allows an authorized... High Unreviewed
CVE-2025-29969 was published May 13, 2025
Time-of-check time-of-use (toctou) race condition in Windows Virtual Machine Bus allows an... High Unreviewed
CVE-2025-29833 was published May 13, 2025
APTIOV contains a vulnerability in BIOS where an attacker may cause a Time-of-check Time-of-use ... High Unreviewed
CVE-2024-42446 was published May 13, 2025
Link Following Local Privilege Escalation Vulnerability in NortonUtilitiesSvc in Norton Utilities... High Unreviewed
CVE-2024-13944 was published May 9, 2025
Dell PowerScale OneFS, versions 9.8.0.0 through 9.10.1.0, contain a time-of-check time-of-use ... Moderate Unreviewed
CVE-2025-30101 was published May 8, 2025
Rack session gets restored after deletion Moderate
CVE-2025-46336 was published for rack-session (RubyGems) May 8, 2025
stengineering0 jeremyevans
ioquatix
Rack session gets restored after deletion Moderate
CVE-2025-32441 was published for rack (RubyGems) May 8, 2025
stengineering0 jeremyevans
ioquatix
Memory corruption when blob structure is modified by user-space after kernel verification. High Unreviewed
CVE-2024-45565 was published May 6, 2025
Tesla Model S Iris Modem Race Condition Firewall Bypass Vulnerability. This vulnerability allows... Moderate Unreviewed
CVE-2024-6029 was published Apr 30, 2025
Symantec Endpoint Protection Windows Agent, running an ERASER Engine prior to 119.1.7.8, may be... Moderate Unreviewed
CVE-2025-3599 was published Apr 30, 2025
NodeJS Driver for Snowflake has race condition when checking access to Easy Logging configuration file Low
CVE-2025-46328 was published for snowflake-sdk (npm) Apr 28, 2025
Go Snowflake Driver has race condition when checking access to Easy Logging configuration file Low
CVE-2025-46327 was published for github.com/snowflakedb/gosnowflake (Go) Apr 28, 2025
Snowflake Connector for .NET has race condition when checking access to Easy Logging configuration file Low
CVE-2025-46326 was published for Snowflake.Data (NuGet) Apr 28, 2025
MSI Center before 2.0.52.0 allows TOCTOU Local Privilege Escalation. High Unreviewed
CVE-2025-27812 was published Apr 10, 2025
Time-of-check time-of-use (toctou) race condition in Windows Local Security Authority (LSA)... High Unreviewed
CVE-2025-21191 was published Apr 8, 2025
Information disclosure may be there when a guest VM is connected. Moderate Unreviewed
CVE-2025-21431 was published Apr 7, 2025
Memory corruption occurs during the copying of read data from the EEPROM because the IO... High Unreviewed
CVE-2024-43067 was published Apr 7, 2025
In the Linux kernel, the following vulnerability has been resolved: firmware: qcom: uefisecapp:... Moderate Unreviewed
CVE-2025-21998 was published Apr 3, 2025
APTIOV contains a vulnerability in BIOS where an attacker may cause a Time-of-check Time-of-use ... High Unreviewed
CVE-2024-54084 was published Mar 11, 2025
A time-of-check time-of-use (TOCTOU) race condition vulnerability has been reported to affect... High Unreviewed
CVE-2024-53694 was published Mar 7, 2025
VMware ESXi, and Workstation contain a TOCTOU (Time-of-Check Time-of-Use) vulnerability that... Critical Unreviewed
CVE-2025-22224 was published Mar 4, 2025
Memory corruption may occur while processing message from frontend during allocation. High Unreviewed
CVE-2024-53028 was published Mar 3, 2025
Memory corruption may occur in keyboard virtual device due to guest VM interaction. High Unreviewed
CVE-2024-53032 was published Mar 3, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database