Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,638
Maven
5,000+
npm
4,264
NuGet
760
pip
4,060
Pub
12
RubyGems
956
Rust
1,056
Swift
45
Unreviewed advisories
All unreviewed
5,000+

1,815 advisories

Loading
October CMS upload process vulnerable to RCE via Race Condition High
CVE-2022-24800 was published for october/system (Composer) Jul 13, 2022
This vulnerability allows local attackers to escalate privileges on affected installations of... High Unreviewed
CVE-2022-34892 was published Jul 19, 2022
A race condition in the Linux kernel before 5.6.2 between the VT_DISALLOCATE ioctl and closing... Moderate Unreviewed
CVE-2020-36557 was published Jul 22, 2022
A race condition in the Linux kernel before 5.5.7 involving VT_RESIZEX could lead to a NULL... Moderate Unreviewed
CVE-2020-36558 was published Jul 22, 2022
In video codec, there is a possible memory corruption due to a race condition. This could lead to... Moderate Unreviewed
CVE-2022-26428 was published Aug 2, 2022
In audio ipi, there is a possible memory corruption due to a race condition. This could lead to... Moderate Unreviewed
CVE-2022-21789 was published Aug 2, 2022
An issue was discovered in bgpd in FRRouting (FRR) 8.3. In bgp_notify_send_with_data() and... High Unreviewed
CVE-2022-37035 was published Aug 3, 2022
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. High Unreviewed
CVE-2022-35796 was published Aug 10, 2022
Windows Hyper-V Remote Code Execution Vulnerability. High Unreviewed
CVE-2022-34696 was published Aug 10, 2022
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability. High Unreviewed
CVE-2022-33636 was published Aug 10, 2022
Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability. This CVE ID... High Unreviewed
CVE-2022-34702 was published Aug 10, 2022
In stealReceiveChannel of EventThread.cpp, there is a possible way to interfere with process... High Unreviewed
CVE-2022-20344 was published Aug 11, 2022
In st21nfc_loc_set_polaritymode of fc/st21nfc.c, there is a possible use after free due to a race... Moderate Unreviewed
CVE-2022-20373 was published Aug 12, 2022
In dm_bow_dtr and related functions of dm-bow.c, there is a possible use after free due to a race... Moderate Unreviewed
CVE-2022-20371 was published Aug 12, 2022
ansible-runner vulnerable to Race Condition Moderate
CVE-2021-3702 was published for ansible-runner (pip) Aug 24, 2022
A flaw was found in the way Samba handled file/directory metadata. This flaw allows an... Moderate Unreviewed
CVE-2021-20316 was published Aug 24, 2022
A race condition was found in the Linux kernel's watch queue due to a missing lock in... High Unreviewed
CVE-2022-2959 was published Aug 26, 2022
A race condition was found in vdsm. Functionality to obfuscate sensitive values in log files that... Moderate Unreviewed
CVE-2022-0207 was published Aug 27, 2022
A use-after-free flaw was found in the Linux kernel’s PLP Rose functionality in the way a user... High Unreviewed
CVE-2022-2961 was published Aug 29, 2022
An issue found in linux-kernel that leads to a race condition in rose_connect(). The rose driver... High Unreviewed
CVE-2022-1247 was published Sep 1, 2022
A race condition was found in the way the Linux kernel's memory subsystem handled the copy-on... High Unreviewed
CVE-2022-2590 was published Sep 1, 2022
A race condition was found in the Linux kernel's IP framework for transforming packets (XFRM... High Unreviewed
CVE-2022-3028 was published Sep 1, 2022
An issue was discovered in include/asm-generic/tlb.h in the Linux kernel before 5.19. Because of... Moderate Unreviewed
CVE-2022-39188 was published Sep 3, 2022
Apache Airflow exposes arbitrary file content Moderate
CVE-2022-38170 was published for apache-airflow (pip) Sep 3, 2022
sunSUNQ
Credited to sunSUNQ
A Incorrect Default Permissions vulnerability in the packaging of the slurm testsuite of openSUSE... High Unreviewed
CVE-2022-31251 was published Sep 8, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database