Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,811
Erlang
36
GitHub Actions
32
Go
2,396
Maven
5,000+
npm
4,033
NuGet
721
pip
3,824
Pub
12
RubyGems
932
Rust
988
Swift
38
Unreviewed advisories
All unreviewed
5,000+

387 advisories

Loading
Time-of-check to time-of-use race condition vulnerability potentially allowed an attacker to use... Moderate Unreviewed
CVE-2025-2425 was published Jul 18, 2025
Time-of-check time-of-use (toctou) race condition in Windows BitLocker allows an unauthorized... Moderate Unreviewed
CVE-2025-48818 was published Jul 8, 2025
Time-of-check time-of-use (toctou) race condition in Windows BitLocker allows an unauthorized... Moderate Unreviewed
CVE-2025-48001 was published Jul 8, 2025
A race condition in the Nix, Lix, and Guix package managers allows the removal of content from... Low Unreviewed
CVE-2025-46415 was published Jun 27, 2025
PEAK-System Driver PCANFD_ADD_FILTERS Time-Of-Check Time-Of-Use Information Disclosure... Low Unreviewed
CVE-2025-6217 was published Jun 23, 2025
A race condition vulnerability exists in Armoury Crate. This vulnerability arises from a Time-of... High Unreviewed
CVE-2025-3464 was published Jun 16, 2025
An issue has been discovered in GitLab EE affecting all versions prior to 17.10.8, 17.11 prior to... Moderate Unreviewed
CVE-2024-9512 was published Jun 12, 2025
Memory corruption while processing I2C settings in Camera driver. Moderate Unreviewed
CVE-2024-53016 was published Jun 3, 2025
Memory corruption while processing INIT and multimode invoke IOCTL calls on FastRPC. High Unreviewed
CVE-2025-21485 was published Jun 3, 2025
Memory corruption may occur while processing the OIS packet parser. Moderate Unreviewed
CVE-2024-53018 was published Jun 3, 2025
Screen version 5.0.0 and older version 4 releases have a TOCTOU race potentially allowing to... Moderate Unreviewed
CVE-2025-46805 was published May 26, 2025
containerd allows host filesystem access on pull High
CVE-2025-47290 was published for github.com/containerd/containerd/v2 (Go) May 21, 2025
tonistiigi
Time-of-check time-of-use race condition in some Zoom Workplace Apps may allow an authenticated... High Unreviewed
CVE-2025-30663 was published May 14, 2025
Time-of-check time-of-use race condition in the UEFI firmware SmiVariable driver for the Intel(R)... High Unreviewed
CVE-2025-20082 was published May 13, 2025
Time-of-check time-of-use (toctou) race condition in Windows Fundamentals allows an authorized... High Unreviewed
CVE-2025-29969 was published May 13, 2025
Time-of-check time-of-use (toctou) race condition in Windows Virtual Machine Bus allows an... High Unreviewed
CVE-2025-29833 was published May 13, 2025
APTIOV contains a vulnerability in BIOS where an attacker may cause a Time-of-check Time-of-use ... High Unreviewed
CVE-2024-42446 was published May 13, 2025
Link Following Local Privilege Escalation Vulnerability in NortonUtilitiesSvc in Norton Utilities... High Unreviewed
CVE-2024-13944 was published May 9, 2025
Dell PowerScale OneFS, versions 9.8.0.0 through 9.10.1.0, contain a time-of-check time-of-use ... Moderate Unreviewed
CVE-2025-30101 was published May 8, 2025
Rack session gets restored after deletion Moderate
CVE-2025-46336 was published for rack-session (RubyGems) May 8, 2025
stengineering0 jeremyevans
ioquatix
Rack session gets restored after deletion Moderate
CVE-2025-32441 was published for rack (RubyGems) May 8, 2025
stengineering0 jeremyevans
ioquatix
Memory corruption when blob structure is modified by user-space after kernel verification. High Unreviewed
CVE-2024-45565 was published May 6, 2025
Tesla Model S Iris Modem Race Condition Firewall Bypass Vulnerability. This vulnerability allows... Moderate Unreviewed
CVE-2024-6029 was published Apr 30, 2025
Symantec Endpoint Protection Windows Agent, running an ERASER Engine prior to 119.1.7.8, may be... Moderate Unreviewed
CVE-2025-3599 was published Apr 30, 2025
NodeJS Driver for Snowflake has race condition when checking access to Easy Logging configuration file Low
CVE-2025-46328 was published for snowflake-sdk (npm) Apr 28, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database