GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,093
Composer 4,324
Erlang 31
GitHub Actions 21
Go 2,087
Maven 5,251
npm 3,751
NuGet 674
pip 3,437
Pub 12
RubyGems 892
Rust 881
Swift 37

Unreviewed advisories

All unreviewed 241,741

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

120 advisories

Filter by severity

Sort by

Least recently updated

In adsp, there is a possible escalation of privilege due to a logic error. This could lead to... Moderate Unreviewed

CVE-2023-20620 was published Mar 7, 2023

In ion, there is a possible escalation of privilege due to improper locking. This could lead to... Moderate Unreviewed

CVE-2023-20623 was published Mar 7, 2023

A race condition was addressed with additional validation. This issue is fixed in macOS Ventura... Moderate Unreviewed

CVE-2023-23520 was published Feb 27, 2023

An Allocation of Resources Without Limits or Throttling weakness in the memory management of the... Moderate Unreviewed

CVE-2023-22397 was published Jan 13, 2023

A TOCTOU (time-of-check to time-of-use) vulnerability exists where an attacker may use a... Moderate Unreviewed

CVE-2021-46795 was published Jan 11, 2023

TOCTOU in the ASP may allow a physical attacker to write beyond the buffer bounds, potentially... Moderate Unreviewed

CVE-2023-20523 was published Jan 11, 2023

In isp, there is a possible out of bounds write due to a race condition. This could lead to local... Moderate Unreviewed

CVE-2022-32638 was published Jan 3, 2023

DMA attacks on the parameter buffer used by the IhisiSmm driver could change the contents after... Moderate Unreviewed

CVE-2022-30773 was published Nov 15, 2022

DMA attacks on the parameter buffer used by a software SMI handler used by the driver PcdSmmDxe... Moderate Unreviewed

CVE-2022-32266 was published Nov 15, 2022

DMA transactions which are targeted at input buffers used for the software SMI handler used by... Moderate Unreviewed

CVE-2022-33907 was published Nov 15, 2022

DMA attacks on the parameter buffer used by the Int15ServiceSmm software SMI handler could lead... Moderate Unreviewed

CVE-2022-33982 was published Nov 15, 2022

DMA transactions which are targeted at input buffers used for the SmmResourceCheckDxe software... Moderate Unreviewed

CVE-2022-32267 was published Nov 15, 2022

DMA attacks on the parameter buffer used by the VariableRuntimeDxe software SMI handler could... Moderate Unreviewed

CVE-2022-33986 was published Nov 15, 2022

Update description and links DMA transactions which are targeted at input buffers used for the... Moderate Unreviewed

CVE-2022-31243 was published Nov 15, 2022

DMA attacks on the parameter buffer used by the PnpSmm driver could change the contents after... Moderate Unreviewed

CVE-2022-30774 was published Nov 15, 2022

DMA transactions which are targeted at input buffers used for the FwBlockServiceSmm software SMI... Moderate Unreviewed

CVE-2022-33906 was published Nov 15, 2022

Time-of-check time-of-use race condition in the BIOS firmware for some Intel(R) Processors may... Moderate Unreviewed

CVE-2022-21198 was published Nov 11, 2022

In jpeg, there is a possible use after free due to a race condition. This could lead to local... Moderate Unreviewed

CVE-2022-32608 was published Nov 9, 2022

A Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in the Routing Protocol Daemon ... Moderate Unreviewed

CVE-2022-22225 was published Oct 18, 2022

A Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Routing Protocol Daemon (rpd... Moderate Unreviewed

CVE-2022-22220 was published Oct 18, 2022

A time-of-check-time-of-use (TOCTOU) race condition vulnerability was found in networkd... Moderate Unreviewed

CVE-2022-29800 was published Sep 22, 2022

A use-after-free flaw was found in the Linux kernel's NFC core functionality due to a race... Moderate Unreviewed

CVE-2022-1974 was published Sep 1, 2022

A race condition vulnerability was found in rpm. A local unprivileged user could use this flaw to... Moderate Unreviewed

CVE-2021-35937 was published Aug 26, 2022

A possible race condition vulnerability in score driver prior to SMR Jul-2022 Release 1 can allow... Moderate Unreviewed

CVE-2022-33691 was published Jul 13, 2022

Time-of-check time-of-use vulnerability in the Crypto API Toolkit for Intel(R) SGX may allow a... Moderate Unreviewed

CVE-2021-33097 was published May 24, 2022

Previous 1 2 3 4 5 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

120 advisories