GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,273
Erlang
31
GitHub Actions
21
Go
2,055
Maven
5,000+
npm
3,739
NuGet
668
pip
3,417
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
22 advisories
Filter by severity
Gradio has a race condition in update_root_in_config may redirect user traffic
High
CVE-2024-47870
was published
for
gradio
(pip)
Oct 10, 2024
Azure Identity Libraries and Microsoft Authentication Library Elevation of Privilege Vulnerability
Moderate
CVE-2024-35255
was published
for
@azure/identity
(Go)
Jun 11, 2024
WordOps has TOCTOU race condition
Moderate
CVE-2024-34528
was published
for
wordops
(pip)
May 6, 2024
vantage6 vulnerable to a username timing attack on recover password/MFA token
Moderate
CVE-2024-24770
was published
for
vantage6
(pip)
Mar 15, 2024
Apache Airflow exposes arbitrary file content
Moderate
CVE-2022-38170
was published
for
apache-airflow
(pip)
Sep 3, 2022
ansible-runner vulnerable to Race Condition
Moderate
CVE-2021-3702
was published
for
ansible-runner
(pip)
Aug 24, 2022
Uncaught Exception (due to a data race) leads to process termination in Waitress
High
CVE-2022-31015
was published
for
waitress
(pip)
Jun 2, 2022
Concurrent Execution using Shared Resource with Improper Synchronization in pyftpdlib
High
CVE-2010-3494
was published
for
pyftpdlib
(pip)
May 17, 2022
Zope Object Database Denial of Service vulnerability
Moderate
CVE-2010-3495
was published
for
zodb3
(pip)
May 17, 2022
OpenStack Neutron Race condition vulnerability
Low
CVE-2015-5240
was published
for
neutron
(pip)
May 17, 2022
Radicale is vulnerable to timing oracles and simple bruteforce attacks
High
CVE-2017-8342
was published
for
Radicale
(pip)
May 13, 2022
OpenStack Neutron Race Condition vulnerability
Moderate
CVE-2017-7543
was published
for
neutron
(pip)
May 13, 2022
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') in pyftpdlib
Moderate
CVE-2009-5010
was published
for
pyftpdlib
(pip)
May 2, 2022
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') in pyftpdlib
Moderate
CVE-2009-5011
was published
for
pyftpdlib
(pip)
May 2, 2022
Exposure of Resource to Wrong Sphere and Insecure Temporary File in Ansible
Low
CVE-2020-10744
was published
for
ansible
(pip)
Feb 9, 2022
Ansible vulnerable to Exposure of Resource to Wrong Sphere and Insecure Temporary File
Low
CVE-2020-1733
was published
for
ansible
(pip)
Apr 20, 2021
Code Injection, Race Condition, and Execution with Unnecessary Privileges in Ansible
Moderate
CVE-2020-10684
was published
for
ansible
(pip)
Apr 7, 2021
Potential Observable Timing Discrepancy in Wagtail
Moderate
CVE-2020-11037
was published
for
wagtail
(pip)
May 7, 2020
Webargs mishandles concurrent JSON parsing
High
CVE-2019-9710
was published
for
webargs
(pip)
Mar 12, 2019
Plone and Zope2 affected by Race Condition
High
CVE-2012-5507
was published
for
Plone
(pip)
Jul 23, 2018
ProTip!
Advisories are also available from the
GraphQL API