GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,815 advisories
October CMS upload process vulnerable to RCE via Race Condition
High | CVE-2022-24800 was published for october/system (Composer) | Jul 13, 2022

The kernel module has the race condition vulnerability. Successful exploitation of this...
Moderate | Unreviewed | CVE-2022-31758 was published | Jun 14, 2022

Improper serialization of message queue client registration can lead to race condition allowing...
High | Unreviewed | CVE-2021-35095 was published | Jun 15, 2022

authd sets weak permissions for /etc/ident.key, which allows local users to obtain the key by...
Moderate | Unreviewed | CVE-2016-4982 was published | May 17, 2022

x86 pv: Race condition in typeref acquisition Xen maintains a type reference count for pages, in...
Moderate | Unreviewed | CVE-2022-26362 was published | Jun 10, 2022

In lock_sock_nested of sock.c, there is a possible use after free due to a race condition. This...
Moderate | Unreviewed | CVE-2022-20154 was published | Jun 16, 2022

VMware Tools prior to 10.0.9 contains multiple file system races in libDeployPkg, related to the...
Moderate | Unreviewed | CVE-2015-5191 was published | May 17, 2022

Multiple race conditions in WANPIPE before 3.3.6 have unknown impact and attack vectors related...
High | Unreviewed | CVE-2008-6598 was published | May 17, 2022

A vulnerability has been found in Linux Kernel and classified as problematic. This vulnerability...
High | Unreviewed | CVE-2022-3567 was published | Oct 18, 2022

Another race in XENMAPSPACE_grant_table handling Guests are permitted access to certain Xen-owned...
High | Unreviewed | CVE-2021-28701 was published | May 24, 2022

A race condition was discovered in get_old_root in fs/btrfs/ctree.c in the Linux kernel through 5...
Moderate | Unreviewed | CVE-2021-28964 was published | May 24, 2022

Incorrect security UI in popup blocker in Google Chrome on iOS prior to 75.0.3770.80 allowed a...
Moderate | Unreviewed | CVE-2019-5840 was published | May 24, 2022

Race condition in Passcode Lock in Apple iOS before 4 on the iPhone and iPod touch allows...
Low | Unreviewed | CVE-2010-1775 was published | May 17, 2022

A race condition was addressed with improved locking. This issue is fixed in tvOS 15.5, macOS...
High | Unreviewed | CVE-2022-26701 was published | May 27, 2022

In PVRSRVRGXSubmitTransferKM of rgxtransfer.c, there is a possible use after free due to a race...
High | Unreviewed | CVE-2021-0697 was published | Sep 14, 2022

grant table v2 status pages may remain accessible after de-allocation Guests get permitted access...
High | Unreviewed | CVE-2021-28697 was published | May 24, 2022

Description: A race condition was addressed with additional validation. This issue is fixed in...
Moderate | Unreviewed | CVE-2022-26690 was published | May 27, 2022

A race condition was addressed with improved state handling. This issue is fixed in watchOS 8.6,...
Moderate | Unreviewed | CVE-2022-26765 was published | May 27, 2022

In decrypt of CryptoPlugin.cpp, there is a possible use-after-free due to a race condition. This...
Moderate | Unreviewed | CVE-2021-0564 was published | May 24, 2022

Concurrent Execution using Shared Resource with Improper Synchronization in Elasticsearch
Moderate | CVE-2019-7614 was published for org.elasticsearch:elasticsearch (Maven) | May 24, 2022

Wind River VxWorks 6.9.4 and vx7 has a Buffer Overflow in the TCP component (issue 4 of 4). There...
High | Unreviewed | CVE-2019-12263 was published | May 24, 2022

Concurrent Execution using Shared Resource with Improper Synchronization in Spring Security
Moderate | CVE-2011-2731 was published for org.springframework.security:spring-security-core (Maven) | May 17, 2022

An exploitable vulnerability exists in the signature verification of the firmware update...
High | Unreviewed | CVE-2017-2898 was published | May 13, 2022

In several functions of KeyguardServiceWrapper.java and related files, there is a possible way...
High | Unreviewed | CVE-2022-20006 was published | May 11, 2022

FreeBSD's crontab calculates the MD5 sum of the previous and new cronjob to determine if any...
Moderate | Unreviewed | CVE-2011-1075 was published | Apr 22, 2022