GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,273
Erlang
31
GitHub Actions
21
Go
2,055
Maven
5,000+
npm
3,739
NuGet
668
pip
3,417
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
293 advisories
Filter by severity
External service lookups for a number of protocols were vulnerable to a time-of-check/time-of-use...
Low
Unreviewed
CVE-2023-26438
was published
Aug 2, 2023
IBM Spectrum Protect 8.1.0.0 through 8.1.17.0 could allow a local user to cause a denial of...
Moderate
Unreviewed
CVE-2023-33832
was published
Jul 19, 2023
Microsoft Outlook Security Feature Bypass Vulnerability
High
Unreviewed
CVE-2023-35311
was published
Jul 11, 2023
Multiple vulnerabilities including an incorrect permission assignment for critical resource [CWE...
High
Unreviewed
CVE-2022-43946
was published
Jul 6, 2023
A potential Time-of-Check to Time-of-Use (TOCTOU) vulnerability has been identified in certain HP...
High
Unreviewed
CVE-2023-26299
was published
Jun 30, 2023
An issue has been discovered in GitLab affecting all versions starting from 15.7 before 15.8.5,...
Moderate
Unreviewed
CVE-2022-4143
was published
Jun 28, 2023
A time-of-check to time-of-use issue exists in io_uring subsystem's IORING_OP_CLOSE operation in...
High
Unreviewed
CVE-2023-1295
was published
Jun 28, 2023
A Time-of-Check Time-Of-Use vulnerability in the Trend Micro Apex One and Apex One as a Service...
High
Unreviewed
CVE-2023-32554
was published
Jun 27, 2023
A Time-of-Check Time-Of-Use vulnerability in the Trend Micro Apex One and Apex One as a Service...
High
Unreviewed
CVE-2023-32555
was published
Jun 27, 2023
The Netskope client service (prior to R96) on Windows runs as NT AUTHORITY\SYSTEM which writes...
High
Unreviewed
CVE-2022-4149
was published
Jun 15, 2023
Potential vulnerabilities have been identified in the system BIOS of certain HP PC products,...
High
Unreviewed
CVE-2022-31640
was published
Jun 14, 2023
Potential vulnerabilities have been identified in the system BIOS of certain HP PC products,...
High
Unreviewed
CVE-2022-31641
was published
Jun 14, 2023
Potential vulnerabilities have been identified in the system BIOS of certain HP PC products,...
High
Unreviewed
CVE-2022-31642
was published
Jun 14, 2023
Potential time-of-check to time-of-use (TOCTOU) vulnerabilities have been identified in the BIOS...
High
Unreviewed
CVE-2022-31635
was published
Jun 13, 2023
Potential time-of-check to time-of-use (TOCTOU) vulnerabilities have been identified in the BIOS...
High
Unreviewed
CVE-2022-31638
was published
Jun 13, 2023
Potential time-of-check to time-of-use (TOCTOU) vulnerabilities have been identified in the BIOS...
High
Unreviewed
CVE-2022-31639
was published
Jun 13, 2023
Potential time-of-check to time-of-use (TOCTOU) vulnerabilities have been identified in the BIOS...
High
Unreviewed
CVE-2022-31636
was published
Jun 13, 2023
Potential time-of-check to time-of-use (TOCTOU) vulnerabilities have been identified in the BIOS...
High
Unreviewed
CVE-2022-31637
was published
Jun 13, 2023
Potential Time-of-Check to Time-of Use (TOCTOU) vulnerabilities have been identified in the HP...
High
Unreviewed
CVE-2022-43778
was published
Jun 12, 2023
Potential Time-of-Check to Time-of Use (TOCTOU) vulnerabilities have been identified in the HP...
High
Unreviewed
CVE-2022-27539
was published
Jun 12, 2023
Potential Time-of-Check to Time-of Use (TOCTOU) vulnerabilities have been identified in the HP...
High
Unreviewed
CVE-2022-27541
was published
Jun 12, 2023
Potential Time-of-Check to Time-of Use (TOCTOU) vulnerabilities have been identified in the HP...
High
Unreviewed
CVE-2022-43777
was published
Jun 12, 2023
Videostream macOS app 0.5.0 and 0.4.3 has a Race Condition. The Updater privileged script...
High
Unreviewed
CVE-2023-25394
was published
May 17, 2023
Time-of-check Time-of-use (TOCTOU) in the
BIOS2PSP command may allow an attacker with a malicious...
Moderate
Unreviewed
CVE-2021-46792
was published
May 9, 2023
A TOCTOU in ASP bootloader may allow an attacker
to tamper with the SPI ROM following data read...
High
Unreviewed
CVE-2021-26356
was published
May 9, 2023
ProTip!
Advisories are also available from the
GraphQL API