Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

14 advisories

Loading
NVIDIA Container Toolkit allows specially crafted container image to create empty files on the host file system Moderate
CVE-2024-0133 was published for github.com/NVIDIA/nvidia-container-toolkit (Go) Oct 29, 2024
Magento Open Source Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability Moderate
CVE-2024-45120 was published for magento/community-edition (Composer) Oct 10, 2024
Duplicate Advisory: NVIDIA Container Toolkit allows specially crafted container image to create empty files on the host file system Moderate
GHSA-g4pj-mx9f-m2mh was published for github.com/NVIDIA/nvidia-container-toolkit (Go) Sep 26, 2024 withdrawn
Apache StreamPipes potentially allows creation of multiple identical accounts Moderate
CVE-2024-30471 was published for org.apache.streampipes:streampipes-parent (Maven) Jul 17, 2024
WordOps has TOCTOU race condition Moderate
CVE-2024-34528 was published for wordops (pip) May 6, 2024
VirtuBox
OpenStack magnum vulnerable to time-of-check to time-of-use (TOCTOU) attack Moderate
CVE-2024-28718 was published for magnum (pip) Apr 12, 2024
Gradio apps vulnerable to timing attacks to guess password Moderate
CVE-2024-1729 was published for gradio (pip) Feb 22, 2024
Podman Time-of-check Time-of-use (TOCTOU) Race Condition Moderate
CVE-2023-0778 was published for github.com/containers/podman/v4 (Go) Mar 27, 2023
Time-of-check Time-of-use (TOCTOU) Race Condition in Jenkins Moderate
CVE-2021-21615 was published for org.jenkins-ci.main:jenkins-core (Maven) May 24, 2022
NotMyFault
B2 Command Line Tool TOCTOU application key disclosure Moderate
CVE-2022-23653 was published for b2 (pip) Feb 24, 2022
janschejbal
b2-sdk-python TOCTOU application key disclosure Moderate
CVE-2022-23651 was published for b2sdk (pip) Feb 24, 2022
janschejbal
TOCTOU Race Condition in Yarn Moderate
CVE-2019-15608 was published for yarn (npm) Feb 9, 2022
Insufficient Session Expiration and TOCTOU Race Condition in OPC FOundation UA .Net Standard Moderate
CVE-2020-8867 was published for OPCFoundation.NetStandard.Opc.Ua (NuGet) Aug 2, 2021
devise Time-of-check Time-of-use Race Condition vulnerability Moderate
CVE-2019-5421 was published for devise (RubyGems) Mar 19, 2019
ProTip! Advisories are also available from the GraphQL API